summaryrefslogtreecommitdiffstats
path: root/src/corelib/serialization/qxmlstream.g
Commit message (Collapse)AuthorAgeFilesLines
* Add an expansion limit for entitiesLars Knoll2020-02-261-1/+13
| | | | | | | | | | | | | | | | | | | | | Recursively defined entities can easily exhaust all available memory. Limit entity expansion to a default of 4096 characters to avoid DoS attacks when a user loads untrusted content. Added a setter and getter to allow modifying the expansion limit. [ChangeLog][QtCore][QXmlStream] QXmlStreamReader does now by default limit the expansion of entities to 4096 characters. Documents where a single entity expands to more characters than the limit are not considered well formed. The limit is there to avoid DoS attacks through recursively expanding entities when loading untrusted content. The limit can be changed through the QXmlStreamReader::setEntityExpansionLimit() method. Fixes: QTBUG-47417 Change-Id: I94387815d74fcf34783e136387ee57fac5ded0c9 Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@gmx.de> Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
* Move away from using 0 as a pointer constantAllan Sandfeld Jensen2019-06-071-1/+1
| | | | | | | | | Cleans up most of corelib to use nullptr or default enums where appropriate. Change-Id: Ifcaac14ecdaaee730f87f10941db3ce407d71ef9 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* Update qxmlstream.g with changes from qxmlstream_p.hLars Knoll2019-01-251-3/+11
| | | | | | | | | | | Some updates that made it into qxmlstream_p.h have not been reflected in qxmlstream.g. Also fix the expected amount of shift/reduce conflicts. Fixes: QTBUG-60186 Change-Id: I2a5e1c579dbbe8812a75ca6bb1e3a6a0ba909cdf Reviewed-by: Simon Hausmann <simon.hausmann@qt.io> Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* Modernize the "textcodec" featureLiang Qi2018-11-071-2/+2
| | | | | | | | | Also clean up QTextCodec usage in qmake build and some includes of qtextcodec.h. Change-Id: I0475b82690024054add4e85a8724c8ea3adcf62a Reviewed-by: Edward Welbourne <edward.welbourne@qt.io> Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
* Create corelib/serialization and move existing file formats into itThiago Macieira2018-01-261-0/+1852
This is in preparation to adding CBOR support. We don't need yet another dir for CBOR and placing it in src/corelib/json is just wrong. Change-Id: I9741f017961b410c910dfffd14ffb9d870340fa6 Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io> Reviewed-by: Lars Knoll <lars.knoll@qt.io>
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-14 10:01:45 +0000