summaryrefslogtreecommitdiffstats
path: root/tests/auto/corelib/serialization/qxmlstream
Commit message (Collapse)AuthorAgeFilesLines
* Add an expansion limit for entitiesLars Knoll2020-02-261-2/+42
| | | | | | | | | | | | | | | | | | | | | Recursively defined entities can easily exhaust all available memory. Limit entity expansion to a default of 4096 characters to avoid DoS attacks when a user loads untrusted content. Added a setter and getter to allow modifying the expansion limit. [ChangeLog][QtCore][QXmlStream] QXmlStreamReader does now by default limit the expansion of entities to 4096 characters. Documents where a single entity expands to more characters than the limit are not considered well formed. The limit is there to avoid DoS attacks through recursively expanding entities when loading untrusted content. The limit can be changed through the QXmlStreamReader::setEntityExpansionLimit() method. Fixes: QTBUG-47417 Change-Id: I94387815d74fcf34783e136387ee57fac5ded0c9 Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@gmx.de> Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
* Merge remote-tracking branch 'origin/5.14' into 5.15Qt Forward Merge Bot2020-01-282-0/+9005
|\ | | | | | | | | | | | | Conflicts: src/gui/image/qpnghandler.cpp Change-Id: I8630f363457bb613d8fb88470a71d95d97cdb301
| * QXmlStreamReader: early return in case of malformed attributesGiuseppe D'Angelo2020-01-232-0/+9005
| | | | | | | | | | | | | | | | There's no point at keep raising errors after encountering the first malformed attribute. Change-Id: Idb37e577ea96c3bd850b3caf008fe3ecd57dd32e Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* | Deprecate SAX classes in Qt XMLSona Kurazyan2020-01-061-35/+34
|/ | | | | | | | | | | | | | | | | Deprecated the SAX classes and disabled or replaced their uses in tests if applicable. Removed the saxbookmarks example, no point in keeping examples for the deprecated code. [ChangeLog][QtXml] SAX classes are now deprecated. Use QXmlStreamReader, QXmlStreamWriter in QtCore instead. Task-number: QTBUG-76177 Change-Id: Ic171d62fa0527b0f36f94cf09a69586092269957 Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io> Reviewed-by: Paul Wicking <paul.wicking@qt.io> Reviewed-by: Kai Koehne <kai.koehne@qt.io>
* Prefix QTextStream operators with Qt:: in testsLars Knoll2019-05-031-14/+14
| | | | | Change-Id: I852f016fcb619a9e634deee6efb1fe7930d974c8 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Replace Q_DECL_NOTHROW with noexcept the remaining placesAllan Sandfeld Jensen2019-04-091-1/+1
| | | | | | | | | | | | The first replacement had missed objective-C++ code some places ourside the src dir. In C-files Q_DECL_NOTHROW is replaced with Q_DECL_NOEXCEPT as we still need to turn it off when compiled in C mode, but can get rid of the old NOTHROW moniker. Change-Id: I6370f57066679c5120d0265a69e7e378e09d4759 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* Fix QXmlStreamWriter xmlns attribute placementhjk2018-09-281-0/+32
| | | | | | | | | Done-by: Eugenio Rustico Change-Id: Ibd6aa6cc8be9090a4fad4f96628086d8a498b8e0 Fixes: QTBUG-63434 Reviewed-by: Andy Shaw <andy.shaw@qt.io> Reviewed-by: Thiago Macieira <thiago.macieira@intel.com> Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
* Create corelib/serialization and move existing file formats into itThiago Macieira2018-01-264074-0/+204197
This is in preparation to adding CBOR support. We don't need yet another dir for CBOR and placing it in src/corelib/json is just wrong. Change-Id: I9741f017961b410c910dfffd14ffb9d870340fa6 Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io> Reviewed-by: Lars Knoll <lars.knoll@qt.io>
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-23 06:14:21 +0000