author | Paul Olav Tvete <paul.tvete@qt.io> | 2024-03-15 15:28:26 +0100 |
committer | Paul Olav Tvete <paul.tvete@qt.io> | 2024-03-15 20:46:39 +0100 |
commit | 7a84c58f55ab56c5d77be80e43783d0b5302a749 (patch) | |
tree | e37f1e10ad51973d2009c6710e82fbc114da0fe3 /src/gui | |
parent | f944651e3db01a73b10212926a7b1c7aad5eb83e (diff) |
Fix QTextEngine regression with large-ish texts
Change 997fd3b88ede8078af286da6ecc197e83a8cbb46 fixed integer overflows
with huge texts. This was done by using qsizetype for size calculations
instead of int. However, that change introduced a serious regression
due to an intermediate multiplication result being "promoted" to unsigned,
and therefore a negative value being converted to a large positive.
The solution is to make sure all values in the expression are signed.
Fixes: QTBUG-123339
Task-number: QTBUG-119611
Pick-to: 6.7
Change-Id: I3f9189f77b383c6103cf5b35981cdb607b065f6f
Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@qt.io>
Diffstat (limited to 'src/gui')
-rw-r--r-- | src/gui/text/qtextengine.cpp | 7 | ||||
-rw-r--r-- | src/gui/text/qtextengine_p.h | 6 |
2 files changed, 6 insertions, 7 deletions
diff --git a/src/gui/text/qtextengine.cpp b/src/gui/text/qtextengine.cpp
index febc364fb3..cb945b73ce 100644
--- a/src/gui/text/qtextengine.cpp
+++ b/src/gui/text/qtextengine.cpp
@@ -2658,9 +2658,10 @@ QTextEngine::LayoutData::LayoutData(const QString &str, void **stack_memory, qsi
 {
     allocated = _allocated;
 
-    qsizetype space_charAttributes = sizeof(QCharAttributes) * string.size() / sizeof(void*) + 1;
-    qsizetype space_logClusters = sizeof(unsigned short) * string.size() / sizeof(void*) + 1;
-    available_glyphs = (allocated - space_charAttributes - space_logClusters) * sizeof(void*) / QGlyphLayout::SpaceNeeded;
+    constexpr qsizetype voidSize = sizeof(void*);
+    qsizetype space_charAttributes = sizeof(QCharAttributes) * string.size() / voidSize + 1;
+    qsizetype space_logClusters = sizeof(unsigned short) * string.size() / voidSize + 1;
+    available_glyphs = (allocated - space_charAttributes - space_logClusters) * voidSize / QGlyphLayout::SpaceNeeded;
 
     if (available_glyphs < str.size()) {
         // need to allocate on the heap
diff --git a/src/gui/text/qtextengine_p.h b/src/gui/text/qtextengine_p.h
index 7d5e2aa41e..a829265a22 100644
--- a/src/gui/text/qtextengine_p.h
+++ b/src/gui/text/qtextengine_p.h
@@ -159,10 +159,8 @@ Q_DECLARE_TYPEINFO(QGlyphAttributes, Q_PRIMITIVE_TYPE);
 
 struct QGlyphLayout
 {
-    enum {
-        SpaceNeeded = sizeof(glyph_t) + sizeof(QFixed) + sizeof(QFixedPoint)
-        + sizeof(QGlyphAttributes) + sizeof(QGlyphJustification)
-    };
+    static constexpr qsizetype SpaceNeeded = sizeof(glyph_t) + sizeof(QFixed) + sizeof(QFixedPoint)
+            + sizeof(QGlyphAttributes) + sizeof(QGlyphJustification);
 
     // init to 0 not needed, done when shaping
     QFixedPoint *offsets; // 8 bytes per element
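Review bot: Nothing in the new `voidSize` lines records that signedness is the whole point of the fix, and the two `space_*` lines still evaluate `sizeof(QCharAttributes) * string.size()` in `size_t` before dividing by `voidSize`, which is only safe because `string.size()` cannot be negative. A later tidy-up that puts `sizeof(void*)` back or makes `allocated` unsigned would silently reintroduce the regression: a negative `(allocated - space_charAttributes - space_logClusters)` converted to unsigned gives a huge `available_glyphs`, the `if (available_glyphs < str.size())` guard is skipped, and shaping proceeds on a caller-supplied `stack_memory` that is too small, which reads as an out-of-bounds write rather than a mere miscalculation. I would pin the intent above `voidSize` with `// Every operand must stay signed: the remainder below can be negative and must not be promoted to unsigned (QTBUG-123339).` and, for consistency, cast the `sizeof` in the `space_*` lines to `qsizetype` as well, plus a regression test with a text longer than the stack buffer if the suite allows it. The type of `allocated` is cut off in the hunk header (`qsi...`), so I am assuming it is `qsizetype`; the rest of the `LayoutData` constructor lies outside the hunk.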