From 821e71fded090d815b5cd396057ac9823874fe1f Mon Sep 17 00:00:00 2001
From: Thiago Macieira
Date: Wed, 15 Apr 2020 15:16:06 -0300
Subject: QCborValue: check parsing of invalid URL

QUrl will reject invalid URLs for us, so we don't get normalization. The original junk should be retrievable, of course.

Change-Id: Ibdc95e9af7bd456a94ecfffd160610f5b2c8e1a2
Reviewed-by: Ulf Hermann
Reviewed-by: Edward Welbourne
---
 src/corelib/serialization/qcborvalue.cpp | 8 +++++---
 tests/auto/corelib/serialization/qcborvalue/tst_qcborvalue.cpp | 8 ++++++++
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/src/corelib/serialization/qcborvalue.cpp b/src/corelib/serialization/qcborvalue.cpp
index 30bfa367ed..3bca15d562 100644
--- a/src/corelib/serialization/qcborvalue.cpp
+++ b/src/corelib/serialization/qcborvalue.cpp
@@ -827,9 +827,11 @@ static QCborValue::Type convertToExtendedType(QCborContainerPrivate *d)
 // normalize to a short (decoded) form, so as to save space
 QUrl url(e.flags & Element::StringIsUtf16 ?
 b->asQStringRaw() :
- b->toUtf8String());
- QByteArray encoded = url.toString(QUrl::DecodeReserved).toUtf8();
- replaceByteData(encoded, encoded.size(), {});
+ b->toUtf8String(), QUrl::StrictMode);
+ if (url.isValid()) {
+ QByteArray encoded = url.toString(QUrl::DecodeReserved).toUtf8();
+ replaceByteData(encoded, encoded.size(), {});
+ }
 }
 return QCborValue::Url;
 }
diff --git a/tests/auto/corelib/serialization/qcborvalue/tst_qcborvalue.cpp b/tests/auto/corelib/serialization/qcborvalue/tst_qcborvalue.cpp
index e8acd29bbc..9c1341e252 100644
--- a/tests/auto/corelib/serialization/qcborvalue/tst_qcborvalue.cpp
+++ b/tests/auto/corelib/serialization/qcborvalue/tst_qcborvalue.cpp
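Review bot: In convertToExtendedType (qcborvalue.cpp), `return QCborValue::Url;` sits outside the new `if (url.isValid())`, so an element whose payload failed strict parsing is still typed as Url and keeps its unnormalized bytes. That matches the commit message, but the only comment on the block still says `// normalize to a short (decoded) form, so as to save space`; I would add `// invalid in StrictMode: keep the original bytes, still reported as Url` next to the check so readers handling CBOR from untrusted peers do not assume the Url type implies a validated URL. The code that later turns this element back into a QUrl is not in the hunk; if it parses in the default tolerant mode it may accept text that was rejected here, which is worth confirming. The function starts and ends outside the hunk.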
@@ -2053,6 +2053,14 @@ void tst_QCborValue::extendedTypeValidation_data()
 qSwap(c, dt[i]);
 }
 }
+
+ // Improperly-encoded URLs
+ {
+ const char badurl[] = "%zz";
+ QTest::newRow("Url:Invalid")
+ << encode(0xd8, int(QCborKnownTags::Url), 0x60 + int(strlen(badurl)), badurl)
+ << QCborValue(QCborKnownTags::Url, QLatin1String(badurl));
+ }
 }

 void tst_QCborValue::extendedTypeValidation()
-- 
cgit v1.2.3
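Review bot: `0x60 + int(strlen(badurl))` in the new Url:Invalid row is a correct CBOR text-string header only while the string is shorter than 24 bytes, and nothing guards that if the literal is later changed. A one-line guard such as `static_assert(sizeof(badurl) - 1 < 24, "short-form CBOR length only");` after the declaration would make the limit explicit. The row also covers a single defect (a malformed percent escape); whether other strict-mode rejections take the same pass-through path is not exercised here. extendedTypeValidation_data() starts outside the hunk.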