diff options
author | Thiago Macieira <thiago.macieira@intel.com> | 2013-07-19 20:16:47 -0700 |
---|---|---|
committer | The Qt Project <gerrit-noreply@qt-project.org> | 2013-08-04 04:48:13 +0200 |
commit | 7b964c77fa15fa3fbf18538ebcdf6b09ffbbbd0e (patch) | |
tree | 5b1607be58cbb1d1c357f2a00a54c91b1454aba8 /tests | |
parent | 1fa5ea7a6a0719f4c52ac9ba3e61fc8ad0cd10bf (diff) |
Make sure that QUrl::FullyDecoded mode uses U+FFFD for bad UTF-8
It's a good practice to always replace bad UTF-8 sequences with the
replacement character. It could be considered a security issue too.
Change-Id: I9e7d72e4c4102cdb8334449b5e7f882228a9048f
Reviewed-by: David Faure (KDE) <faure@kde.org>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/auto/corelib/io/qurlinternal/tst_qurlinternal.cpp | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/tests/auto/corelib/io/qurlinternal/tst_qurlinternal.cpp b/tests/auto/corelib/io/qurlinternal/tst_qurlinternal.cpp index b39b34e494..05d5f94e3d 100644 --- a/tests/auto/corelib/io/qurlinternal/tst_qurlinternal.cpp +++ b/tests/auto/corelib/io/qurlinternal/tst_qurlinternal.cpp @@ -1035,6 +1035,15 @@ void tst_QUrlInternal::encodingRecodeInvalidUtf8() if (!qt_urlRecode(output, input.constData(), input.constData() + input.length(), QUrl::FullyEncoded)) output += input; QCOMPARE(output, QTest::currentDataTag() + input); + + // verify for security reasons that all bad UTF-8 data got replaced by QChar::ReplacementCharacter + output = QTest::currentDataTag(); + if (!qt_urlRecode(output, input.constData(), input.constData() + input.length(), QUrl::FullyEncoded)) + output += input; + for (int i = strlen(QTest::currentDataTag()); i < output.length(); ++i) { + QVERIFY2(output.at(i).unicode() < 0x80 || output.at(i) == QChar::ReplacementCharacter, + qPrintable(QString("Character at i == %1 was U+%2").arg(i).arg(output.at(i).unicode(), 4, 16, QLatin1Char('0')))); + } } void tst_QUrlInternal::recodeByteArray_data() |