QTextHtmlParserNode: Avoid extreme values for font's pixelsize

They currently cause an integer-overflow in variantHash(). Fixes: oss-fuzz-24702 Change-Id: Ibee4413ca766c8ade9aeff2f2052b82cb9f7d213 Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io> Reviewed-by: Thiago Macieira <thiago.macieira@intel.com> (cherry picked from commit 0bd770fb875d5391dd78df95542c25bd15051938) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
author: Robert Loehning <robert.loehning@qt.io> 2020-08-27 16:18:58 +0200
committer: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org> 2020-08-28 15:59:59 +0000
commit: 2d93e82c84d0a8afed94e1a45ebfd365db229b88 (patch)
tree: b7c8937d61b6d8f1d7192ecdf249e942aa72b089 /src/gui
parent: 1ee0815f2ab99a94381ca3aa4e5f7369c0b9477a (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/src/gui/text/qtexthtmlparser.cpp b/src/gui/text/qtexthtmlparser.cpp
index f003544391..d22fc3b913 100644
--- a/src/gui/text/qtexthtmlparser.cpp
+++ b/src/gui/text/qtexthtmlparser.cpp
@@ -1388,6 +1388,7 @@ void QTextHtmlParserNode::applyCssDeclarations(const QVector<QCss::Declaration>
     QFont f;
     int adjustment = -255;
     extractor.extractFont(&f, &adjustment);
+    f.setPixelSize(qMin(f.pixelSize(), INT32_MAX / 2));   // avoid even more extreme values
     charFormat.setFont(f, QTextCharFormat::FontPropertiesSpecifiedOnly);
 
     if (adjustment >= -1)
author	Robert Loehning <robert.loehning@qt.io>	2020-08-27 16:18:58 +0200
committer	Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>	2020-08-28 15:59:59 +0000
commit	2d93e82c84d0a8afed94e1a45ebfd365db229b88 (patch)
tree	b7c8937d61b6d8f1d7192ecdf249e942aa72b089 /src/gui
parent	1ee0815f2ab99a94381ca3aa4e5f7369c0b9477a (diff)