QXmlStream: sanitize input before building a QChar

The result of getChar() may be a combination of a token category and a code unit, like `((LETTER << 16) | c)`. Constructing a QChar out of it requires masking the category out. This was already done in a few code paths but missing in others. Change-Id: I186fb01973a1badd425b3a6811843d8a40b13a6a Reviewed-by: Lars Knoll <lars.knoll@qt.io>
author: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com> 2020-11-18 12:20:01 +0100
committer: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com> 2020-11-18 23:24:02 +0100
commit: c149fd232daa4c62b0c39d603fe660104ceb92b5 (patch)
tree: 40d4f68d6b905e3b3a745489a6be2dd54b177701 /src/corelib/serialization
parent: be0f1af3f1829da0d321c12dbd40d5743d3b2eb5 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/src/corelib/serialization/qxmlstream.cpp b/src/corelib/serialization/qxmlstream.cpp
index 7a4a6ed3e5..e56877082b 100644
--- a/src/corelib/serialization/qxmlstream.cpp
+++ b/src/corelib/serialization/qxmlstream.cpp
@@ -1189,7 +1189,7 @@ inline int QXmlStreamReaderPrivate::fastScanLiteralContent()
                 putChar(c);
                 return n;
             }
-            textBuffer += QChar(c);
+            textBuffer += QChar(ushort(c));
             ++n;
         }
     }
@@ -1345,7 +1345,7 @@ inline int QXmlStreamReaderPrivate::fastScanName(int *prefix)
             }
             Q_FALLTHROUGH();
         default:
-            textBuffer += QChar(c);
+            textBuffer += QChar(ushort(c));
             ++n;
         }
     }
author	Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>	2020-11-18 12:20:01 +0100
committer	Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>	2020-11-18 23:24:02 +0100
commit	c149fd232daa4c62b0c39d603fe660104ceb92b5 (patch)
tree	40d4f68d6b905e3b3a745489a6be2dd54b177701 /src/corelib/serialization
parent	be0f1af3f1829da0d321c12dbd40d5743d3b2eb5 (diff)