diff options
-rw-r--r-- | dist/changes-5.15.0 | 26 | ||||
-rw-r--r-- | mkspecs/features/qt.prf | 2 | ||||
-rw-r--r-- | src/corelib/io/qstandardpaths_win.cpp | 7 | ||||
-rw-r--r-- | src/corelib/serialization/qcborvalue.cpp | 2 | ||||
-rw-r--r-- | src/gui/painting/qicc.cpp | 3 | ||||
-rw-r--r-- | tests/auto/corelib/serialization/cborlargedatavalidation.cpp | 20 | ||||
-rw-r--r-- | tests/auto/corelib/serialization/qcborvalue/tst_qcborvalue.cpp | 15 |
7 files changed, 52 insertions, 23 deletions
diff --git a/dist/changes-5.15.0 b/dist/changes-5.15.0 index f8e2330311..c42ff4b84d 100644 --- a/dist/changes-5.15.0 +++ b/dist/changes-5.15.0 @@ -46,23 +46,21 @@ information about a particular change. - QtNetwork: * QNetworkConfigurationManager, QNetworkConfiguration and QNetworkSession are deprecated, to be removed in Qt 6. + * QNetworkAccessManager::activeConfiguration, configuration and + setConfiguration are deprecated, to be removed in Qt 6. + * QNetworkAccessManager::networkAccessible, setNetworkAccessible and + the NetworkAccessibility enum are deprecated, to be removed in Qt 6. + * QLocalSocket::error() (the signal) is deprecated; superseded by + errorOccurred() + * QAbstractSocket::error() (the signal) is deprecated; superseded by + errorOccurred() + * QNetworkReply::error() (the signal) is deprecated; superseded by + errorOccurred() + * [QTBUG-80369] QSslSocket::sslErrors() (the getter) was deprecated and + superseded by sslHandshakeErrors() - - [REVERTED] [QTBUG-80369] QAbstractSocket::error() (the getter) is - deprecated; superseded by socketError(). - - [REVERTED] [QTBUG-80369] QLocalSocket::error() (the getter) is - deprecated; superseded by socketError(). - - [QTBUG-80369] QSslSocket::sslErrors() (the getter) was deprecated and - superseded by sslHandshakeErrors() - - [REVERTED] [QTBUG-80369] QNetworkReply::error() (the getter) was - deprecated; superseded by networkError(). - [QTBUG-81630][QTBUG-80312] QLinkedList is deprecated and will be moved to Qt5Compat in Qt 6. It is recommended to use std::list instead. - - QLocalSocket::error() (the signal) is deprecated; superseded by - errorOccurred() - - QAbstractSocket::error() (the signal) is deprecated; superseded by - errorOccurred() - - QNetworkReply::error() (the signal) is deprecated; superseded by - errorOccurred() See also the various sections below, which include many more deprecations. diff --git a/mkspecs/features/qt.prf b/mkspecs/features/qt.prf index 6fe0059bf7..99b7fe6562 100644 --- a/mkspecs/features/qt.prf +++ b/mkspecs/features/qt.prf @@ -293,7 +293,7 @@ contains(all_qt_module_deps, qml): \ !isEmpty(SCANNERRESOURCES) { IMPORTPATHS += -qrcFiles - for (RESOURCE, SCANNERRESOURCES) + for (RESOURCE, SCANNERRESOURCES): \ IMPORTPATHS += $$absolute_path($$system_quote($$RESOURCE), $$_PRO_FILE_PWD_) } diff --git a/src/corelib/io/qstandardpaths_win.cpp b/src/corelib/io/qstandardpaths_win.cpp index 5055f4020c..cbe4ccd0b2 100644 --- a/src/corelib/io/qstandardpaths_win.cpp +++ b/src/corelib/io/qstandardpaths_win.cpp @@ -47,6 +47,7 @@ #include <qcoreapplication.h> #endif +#include <qoperatingsystemversion.h> #include <qt_windows.h> #include <shlobj.h> #include <intshcut.h> @@ -99,7 +100,11 @@ static bool isProcessLowIntegrity() { // Disable function until Qt CI is updated return false; #else - HANDLE process_token = GetCurrentProcessToken(); // non-leaking pseudo-handle + if (QOperatingSystemVersion::current() < QOperatingSystemVersion::Windows8) + return false; + // non-leaking pseudo-handle. Expanded inline function GetCurrentProcessToken() + // (was made an inline function in Windows 8). + const auto process_token = HANDLE(quintptr(-4)); QVarLengthArray<char,256> token_info_buf(256); auto* token_info = reinterpret_cast<TOKEN_MANDATORY_LABEL*>(token_info_buf.data()); diff --git a/src/corelib/serialization/qcborvalue.cpp b/src/corelib/serialization/qcborvalue.cpp index 3bca15d562..89a928d348 100644 --- a/src/corelib/serialization/qcborvalue.cpp +++ b/src/corelib/serialization/qcborvalue.cpp @@ -1636,7 +1636,7 @@ void QCborContainerPrivate::decodeStringFromCbor(QCborStreamReader &reader) if (len == rawlen) { auto oldSize = data.size(); auto newSize = oldSize; - if (!add_overflow(newSize, len, &newSize)) { + if (!add_overflow(newSize, len, &newSize) && newSize < MaxByteArraySize) { if (newSize != oldSize) data.resize(newSize); diff --git a/src/gui/painting/qicc.cpp b/src/gui/painting/qicc.cpp index 2b5cd58fb1..b7c8e8f824 100644 --- a/src/gui/painting/qicc.cpp +++ b/src/gui/painting/qicc.cpp @@ -225,7 +225,7 @@ static bool isValidIccProfile(const ICCProfileHeader &header) } // Don't overflow 32bit integers: - if (header.tagCount >= INT32_MAX / sizeof(TagTableEntry)) { + if (header.tagCount >= (INT32_MAX - sizeof(ICCProfileHeader)) / sizeof(TagTableEntry)) { qCWarning(lcIcc, "Failed tag count sanity"); return false; } @@ -629,6 +629,7 @@ bool fromIccProfile(const QByteArray &data, QColorSpace *colorSpace) // Read tag index const TagTableEntry *tagTable = (const TagTableEntry *)(data.constData() + sizeof(ICCProfileHeader)); const qsizetype offsetToData = sizeof(ICCProfileHeader) + header->tagCount * sizeof(TagTableEntry); + Q_ASSERT(offsetToData > 0); if (offsetToData > data.size()) { qCWarning(lcIcc) << "fromIccProfile: failed index size sanity"; return false; diff --git a/tests/auto/corelib/serialization/cborlargedatavalidation.cpp b/tests/auto/corelib/serialization/cborlargedatavalidation.cpp index 9abfe0f575..f3b6893957 100644 --- a/tests/auto/corelib/serialization/cborlargedatavalidation.cpp +++ b/tests/auto/corelib/serialization/cborlargedatavalidation.cpp @@ -81,19 +81,31 @@ qint64 LargeIODevice::readData(char *data, qint64 maxlen) void addValidationLargeData(qsizetype minInvalid, qsizetype maxInvalid) { - char toolong[2 + sizeof(qsizetype)] = { char(0x81) }; + char toolong[1 + sizeof(qsizetype)]; for (qsizetype v = maxInvalid; v >= minInvalid; --v) { // 0x5a for 32-bit, 0x5b for 64-bit - toolong[1] = sizeof(v) > 4 ? 0x5b : 0x5a; - qToBigEndian(v, toolong + 2); + toolong[0] = sizeof(v) > 4 ? 0x5b : 0x5a; + qToBigEndian(v, toolong + 1); QTest::addRow("bytearray-too-big-for-qbytearray-%llx", v) << QByteArray(toolong, sizeof(toolong)) << 0 << CborErrorDataTooLarge; - toolong[1] |= 0x20; + QTest::addRow("bytearray-chunked-too-big-for-qbytearray-%llx", v) + << ('\x5f' + QByteArray(toolong, sizeof(toolong)) + '\xff') + << 0 << CborErrorDataTooLarge; + QTest::addRow("bytearray-2chunked-too-big-for-qbytearray-%llx", v) + << ("\x5f\x40" + QByteArray(toolong, sizeof(toolong)) + '\xff') + << 0 << CborErrorDataTooLarge; + toolong[0] |= 0x20; // QCborStreamReader::readString copies to a QByteArray first QTest::addRow("string-too-big-for-qbytearray-%llx", v) << QByteArray(toolong, sizeof(toolong)) << 0 << CborErrorDataTooLarge; + QTest::addRow("string-chunked-too-big-for-qbytearray-%llx", v) + << ('\x7f' + QByteArray(toolong, sizeof(toolong)) + '\xff') + << 0 << CborErrorDataTooLarge; + QTest::addRow("string-2chunked-too-big-for-qbytearray-%llx", v) + << ("\x7f\x60" + QByteArray(toolong, sizeof(toolong)) + '\xff') + << 0 << CborErrorDataTooLarge; } } diff --git a/tests/auto/corelib/serialization/qcborvalue/tst_qcborvalue.cpp b/tests/auto/corelib/serialization/qcborvalue/tst_qcborvalue.cpp index 9c1341e252..1379cc348d 100644 --- a/tests/auto/corelib/serialization/qcborvalue/tst_qcborvalue.cpp +++ b/tests/auto/corelib/serialization/qcborvalue/tst_qcborvalue.cpp @@ -1926,11 +1926,24 @@ void tst_QCborValue::validation_data() // Add QCborStreamReader-specific limitations due to use of QByteArray and // QString, which are allocated by QArrayData::allocate(). const qsizetype MaxInvalid = std::numeric_limits<QByteArray::size_type>::max(); - const qsizetype MinInvalid = MaxByteArraySize + 1; + const qsizetype MinInvalid = MaxByteArraySize + 1 - sizeof(QByteArray::size_type); addValidationColumns(); addValidationData(MinInvalid); addValidationLargeData(MinInvalid, MaxInvalid); + // Chunked strings whose total overflows the limit, but each individual + // chunk doesn't. 0x5a for 32-bit, 0x5b for 64-bit. + char toolong[1 + sizeof(qsizetype)]; + toolong[0] = sizeof(MinInvalid) > 4 ? 0x5b : 0x5a; + qToBigEndian(MinInvalid - 1, toolong + 1); + QTest::addRow("bytearray-2chunked+1-too-big-for-qbytearray-%llx", MinInvalid) + << ("\x5f\x41z" + QByteArray(toolong, sizeof(toolong)) + '\xff') + << 0 << CborErrorDataTooLarge; + toolong[0] |= 0x20; + QTest::addRow("string-2chunked+1-too-big-for-qbytearray-%llx", MinInvalid) + << ("\x7f\x61z" + QByteArray(toolong, sizeof(toolong)) + '\xff') + << 0 << CborErrorDataTooLarge; + // These tests say we have arrays and maps with very large item counts. // They are meant to ensure we don't pre-allocate a lot of memory // unnecessarily and possibly crash the application. The actual number of |