QRadialGradient: Fix undefined behavior

The UBSan raises a division by zero in getRadialGradientValues. This can
be avoided by calculating the inverse in
qt_fetch_radial_gradient_template as a checker is done to avoid
division by zero there. (Credit to OSS-Fuzz)

Pick-to: 6.7
Fixes: QTBUG-120332
Change-Id: I798d1efc87ee07df7ca6f401aa476013cdbffe42
Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io>

1 files changed, 16 insertions, 0 deletions

diff --git a/tests/auto/gui/painting/qpainter/tst_qpainter.cpp b/tests/auto/gui/painting/qpainter/tst_qpainter.cpp
index a8981f5761..553044dd3d 100644
--- a/tests/auto/gui/painting/qpainter/tst_qpainter.cpp
+++ b/tests/auto/gui/painting/qpainter/tst_qpainter.cpp
@@ -169,6 +169,7 @@ private slots:
     void radialGradientRgb30();
 #endif
 
+    void radialGradient_QTBUG120332_ubsan();
     void fpe_pixmapTransform();
     void fpe_zeroLengthLines();
     void fpe_divByZero();
@@ -3896,6 +3897,21 @@ void tst_QPainter::gradientPixelFormat()
     QCOMPARE(a, b.convertToFormat(QImage::Format_ARGB32_Premultiplied));
 }
 
+void tst_QPainter::radialGradient_QTBUG120332_ubsan()
+{
+    // Check if Radial Gradient will cause division by zero or not when
+    // the center point coincide with the focal point.
+    QImage image(8, 8, QImage::Format_ARGB32_Premultiplied);
+    QPainter painter(&image);
+
+    QPointF center(0.5, 0.5);
+    QPointF focal(0.5, 0.5);
+    QRadialGradient gradient(center, 0.5, focal, 0.5);
+    gradient.setColorAt(0, Qt::blue);
+    gradient.setColorAt(1, Qt::red);
+    painter.fillRect(image.rect(), QBrush(gradient));
+}
+
 void tst_QPainter::gradientInterpolation()
 {
     QImage image(256, 8, QImage::Format_ARGB32_Premultiplied);