From c58a3a4aae4c423bd0477a981ad1c517a30579e3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?M=C3=A5rten=20Nordheim?= <marten.nordheim@qt.io>
Date: Mon, 18 Oct 2021 13:59:59 +0200
Subject: QDateTime: Limit string processing to known boundaries
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

We were treating the input as if it was always reasonably good.
Since we know the max boundaries anyway lets just stop processing
when those are reached

Fixes: QTBUG-97489
Change-Id: Ibb78d6d51ad58454b2007ab46d54116ca0be5448
Reviewed-by: Robert Löhning <robert.loehning@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
---
 src/corelib/time/qdatetime.cpp | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)

diff --git a/src/corelib/time/qdatetime.cpp b/src/corelib/time/qdatetime.cpp
index b537bddd1e..30c83e09d9 100644
--- a/src/corelib/time/qdatetime.cpp
+++ b/src/corelib/time/qdatetime.cpp
@@ -151,8 +151,13 @@ static ParsedRfcDateTime rfcDateImpl(QStringView s)
     ParsedRfcDateTime result;
 
     QVarLengthArray<QStringView, 6> words;
-    s.tokenize(u' ', Qt::SkipEmptyParts).toContainer(words);
-    if (words.size() < 3 || words.size() > 6)
+
+    auto tokens = s.tokenize(u' ', Qt::SkipEmptyParts);
+    auto it = tokens.begin();
+    for (int i = 0; i < 6 && it != tokens.end(); ++i, ++it)
+        words.emplace_back(*it);
+
+    if (words.size() < 3 || it != tokens.end())
         return result;
     const QChar colon(u':');
     bool ok = true;
@@ -1481,9 +1486,12 @@ QDate QDate::fromString(QStringView string, Qt::DateFormat format)
     case Qt::TextDate: {
         // Documented as "ddd MMM d yyyy"
         QVarLengthArray<QStringView, 4> parts;
-        string.tokenize(u' ', Qt::SkipEmptyParts).toContainer(parts);
+        auto tokens = string.tokenize(u' ', Qt::SkipEmptyParts);
+        auto it = tokens.begin();
+        for (int i = 0; i < 4 && it != tokens.end(); ++i, ++it)
+            parts.emplace_back(*it);
 
-        if (parts.count() != 4)
+        if (parts.size() != 4 || it != tokens.end())
             return QDate();
 
         bool ok = false;
@@ -5119,11 +5127,15 @@ QDateTime QDateTime::fromString(QStringView string, Qt::DateFormat format)
     }
     case Qt::TextDate: {
         QVarLengthArray<QStringView, 6> parts;
-        string.tokenize(u' ', Qt::SkipEmptyParts).toContainer(parts);
+
+        auto tokens = string.tokenize(u' ', Qt::SkipEmptyParts);
+        auto it = tokens.begin();
+        for (int i = 0; i < 6 && it != tokens.end(); ++i, ++it)
+            parts.emplace_back(*it);
 
         // Documented as "ddd MMM d HH:mm:ss yyyy" with optional offset-suffix;
         // and allow time either before or after year.
-        if (parts.count() < 5 || parts.count() > 6)
+        if (parts.count() < 5 || it != tokens.end())
             return QDateTime();
 
         // Year and time can be in either order.
-- 
cgit v1.2.3