From 30855574ea6bfb046ae7b095c1434a2724550f09 Mon Sep 17 00:00:00 2001 From: Marc Mutz Date: Mon, 14 Mar 2022 16:24:55 +0100 Subject: QLibrary: fix possible arg() format clobbering MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The fileName could potentially contain the string "%n", n ≤ 5, in which case the following .arg() calls would interpolate their arguments at the wrong position. Fix by interpolating fileName last. Change-Id: I1a75a7671cbfe85ba3b2df240c3ef74482fc848d Reviewed-by: Edward Welbourne Reviewed-by: Thiago Macieira (cherry picked from commit 3636325946b471d48043540e309bf6f52be45331) Reviewed-by: Qt Cherry-pick Bot --- src/corelib/plugin/qlibrary.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/corelib/plugin/qlibrary.cpp b/src/corelib/plugin/qlibrary.cpp index ac33f16268..4320d36cdd 100644 --- a/src/corelib/plugin/qlibrary.cpp +++ b/src/corelib/plugin/qlibrary.cpp @@ -782,12 +782,12 @@ void QLibraryPrivate::updatePluginState() QFile::encodeName(fileName).constData(), (qt_version&0xff0000) >> 16, (qt_version&0xff00) >> 8, qt_version&0xff, debug ? "debug" : "release"); - errorString = QLibrary::tr("The plugin '%1' uses incompatible Qt library. (%2.%3.%4) [%5]") - .arg(fileName) + errorString = QLibrary::tr("The plugin '%5' uses incompatible Qt library. (%1.%2.%3) [%4]") .arg((qt_version&0xff0000) >> 16) .arg((qt_version&0xff00) >> 8) .arg(qt_version&0xff) - .arg(debug ? QLatin1String("debug") : QLatin1String("release")); + .arg(debug ? QLatin1String("debug") : QLatin1String("release")) + .arg(fileName); } else if (PluginMustMatchQtDebug && debug != QtBuildIsDebug) { //don't issue a qWarning since we will hopefully find a non-debug? --Sam errorString = QLibrary::tr("The plugin '%1' uses incompatible Qt library." -- cgit v1.2.3