author | Marc Mutz <marc.mutz@kdab.com> | 2020-05-11 09:39:19 +0200 |
---|---|---|
committer | Marc Mutz <marc.mutz@kdab.com> | 2020-05-13 21:26:35 +0200 |
commit | c59665b0ec8cda1b00852f5f90fcad7fc88d1638 (patch) | |
tree | 065e2d7f7b08cb283a323da55320be287e3cf80a /src/tools/bootstrap | |
parent | 72f6aaa7d4acbf7f7d11ca0723a47cf6bdb693b9 (diff) |
QSettings: fix UB (signed integer overflow) on parsing long hex/oct escapes

The code did not limit the length of hex and octal escape sequences,
but used an int as the accumulator, which causes UB on overflow.

Due to the use of the QChar(int) constructor when appending escapeVal,
only the lowest 16 bit of the value were appended to the result
string. A test case encoding this behavior explicitly suggests this
is intended behavior.

It therefore suffices to use an unsigned 16-bit value as the
accumulator (unsigned, because that doesn't cause UB on overflow, 16
bits, because that's all we care for).

For future-proofing, use char16_t as the accumulator.

Pick-to: 5.15
Change-Id: I07e7ebf1f312276b2bbcb08e4360c66a3b9522ca
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Diffstat (limited to 'src/tools/bootstrap')
0 files changed, 0 insertions, 0 deletions
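
The accumulator choice described in the commit message, as an added example that is not Qt's code and not part of the original commit: an unbounded hex/octal digit run folded into a `char16_t`, next to a pre-checked `int` accumulator that reports where the signed overflow would have occurred. The names `digitValue`, `parseEscape` and `firstIntOverflowDigit` and the sample input are assumptions made for illustration.

```cpp
#include <climits>
#include <cstddef>
#include <cstdio>
#include <string>

// Hypothetical helper: value of c as a digit in `base` (8 or 16), else -1.
static int digitValue(char c, int base)
{
    int v = -1;
    if (c >= '0' && c <= '9') v = c - '0';
    else if (c >= 'a' && c <= 'f') v = c - 'a' + 10;
    else if (c >= 'A' && c <= 'F') v = c - 'A' + 10;
    return (v >= 0 && v < base) ? v : -1;
}

// Fold an unbounded run of digits starting at s[pos] into 16 bits.
// acc is promoted to int for the arithmetic (at most 0xFFFF * 16 + 15, which
// cannot overflow); converting back to char16_t reduces modulo 2^16.
char16_t parseEscape(const std::string &s, std::size_t &pos, int base)
{
    char16_t acc = 0;
    for (; pos < s.size(); ++pos) {
        const int d = digitValue(s[pos], base);
        if (d < 0) break;
        acc = static_cast<char16_t>(acc * base + d);
    }
    return acc;
}

// Index of the digit at which an int accumulator would overflow (the UB the
// commit message describes), found by a pre-check so this code stays defined.
long firstIntOverflowDigit(const std::string &digits, int base)
{
    int acc = 0;
    for (std::size_t i = 0; i < digits.size(); ++i) {
        const int d = digitValue(digits[i], base);
        if (d < 0) break;
        if (acc > (INT_MAX - d) / base) return static_cast<long>(i);
        acc = acc * base + d;
    }
    return -1; // the whole run fits in int
}

int main()
{
    std::size_t pos = 0;
    const std::string in = "123456789ABCDEF0;"; // constructed sample input
    std::printf("low 16 bits 0x%04X, int overflows at digit %ld\n", unsigned(parseEscape(in, pos, 16)), firstIntOverflowDigit(in, 16));
}
```

The overflow index assumes a 32-bit `int`; the 16-bit result does not depend on the width of `int`.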