From 886268580561edabd24a1b6f47f4d74504d47c6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20L=C3=B6hning?= Date: Fri, 23 Apr 2021 16:33:01 +0200 Subject: QTextHtmlParserNode: Avoid invalid enum values Fixes oss-fuzz issue 31027 Fixes: QTBUG-93072 Change-Id: I8c7fa31bae79221fbeaf84db7c839fc61c93d48e Reviewed-by: Qt CI Bot Reviewed-by: Nils Jeisecke Reviewed-by: Shawn Rutledge --- src/gui/text/qtexthtmlparser.cpp | 40 +++++++++++++++++++++++++++++++++++++++- 1 file changed, 39 insertions(+), 1 deletion(-) (limited to 'src/gui/text/qtexthtmlparser.cpp') diff --git a/src/gui/text/qtexthtmlparser.cpp b/src/gui/text/qtexthtmlparser.cpp index 77299f7f9c..ec9cddd9c5 100644 --- a/src/gui/text/qtexthtmlparser.cpp +++ b/src/gui/text/qtexthtmlparser.cpp @@ -1168,6 +1168,44 @@ void QTextHtmlParserNode::setListStyle(const QList &cssValues) blockFormat.setProperty(QTextFormat::ListStyle, listStyle); } +static QTextFrameFormat::BorderStyle toQTextFrameFormat(QCss::BorderStyle cssStyle) +{ + switch (cssStyle) { + case QCss::BorderStyle::BorderStyle_Dotted: + return QTextFrameFormat::BorderStyle::BorderStyle_Dotted; + case QCss::BorderStyle::BorderStyle_Dashed: + return QTextFrameFormat::BorderStyle::BorderStyle_Dashed; + case QCss::BorderStyle::BorderStyle_Solid: + return QTextFrameFormat::BorderStyle::BorderStyle_Solid; + case QCss::BorderStyle::BorderStyle_Double: + return QTextFrameFormat::BorderStyle::BorderStyle_Double; + case QCss::BorderStyle::BorderStyle_DotDash: + return QTextFrameFormat::BorderStyle::BorderStyle_DotDash; + case QCss::BorderStyle::BorderStyle_DotDotDash: + return QTextFrameFormat::BorderStyle::BorderStyle_DotDotDash; + case QCss::BorderStyle::BorderStyle_Groove: + return QTextFrameFormat::BorderStyle::BorderStyle_Groove; + case QCss::BorderStyle::BorderStyle_Ridge: + return QTextFrameFormat::BorderStyle::BorderStyle_Ridge; + case QCss::BorderStyle::BorderStyle_Inset: + return QTextFrameFormat::BorderStyle::BorderStyle_Inset; + case QCss::BorderStyle::BorderStyle_Outset: + return QTextFrameFormat::BorderStyle::BorderStyle_Outset; + case QCss::BorderStyle::BorderStyle_Unknown: + case QCss::BorderStyle::BorderStyle_None: + case QCss::BorderStyle::BorderStyle_Native: + return QTextFrameFormat::BorderStyle::BorderStyle_None; + case QCss::BorderStyle::NumKnownBorderStyles: + break; + // Intentionally no "default" to allow a compiler warning when extending the enum + // without updating this here. clang gives such a warning. + } + // Must not happen, intentionally trigger undefined behavior which sanitizers will detect. + // Having all cases covered in switch is not sufficient: + // MSVC would warn when there is no "default". + return static_cast(-1); +} + void QTextHtmlParserNode::applyCssDeclarations(const QList &declarations, const QTextDocument *resourceProvider) { QCss::ValueExtractor extractor(declarations); @@ -1187,7 +1225,7 @@ void QTextHtmlParserNode::applyCssDeclarations(const QList &d // because tableBorder is not relevant for cells. extractor.extractBorder(cssBorder, tableCellBorderBrush, cssStyles, cssRadii); for (int i = 0; i < 4; ++i) { - tableCellBorderStyle[i] = static_cast(cssStyles[i] - 1); + tableCellBorderStyle[i] = toQTextFrameFormat(cssStyles[i]); tableCellBorder[i] = static_cast(cssBorder[i]); } } -- cgit v1.2.3