From 3c4078ca02cc438dbe668c4a3819d54134ac75b5 Mon Sep 17 00:00:00 2001 From: Friedemann Kleint Date: Mon, 24 Feb 2020 13:33:00 +0100 Subject: tst_QSettings: Fix leaking registry key On Windows, the test was leaking a registry key HKEY_CURRENT_USER\Software\tst_QSettings_trailingWhitespace Fix by using .ini-Format in the temporary directory created by the test. Amends e66a878838f17a0626b0b10b340b1ca4dba56cc1. Task-number: QTBUG-22461 Change-Id: If141a9e72e8faebc3fc46b94dab7b4b728a75292 Reviewed-by: Thiago Macieira --- tests/auto/corelib/io/qsettings/tst_qsettings.cpp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'tests/auto/corelib') diff --git a/tests/auto/corelib/io/qsettings/tst_qsettings.cpp b/tests/auto/corelib/io/qsettings/tst_qsettings.cpp index 0f07ba4bb2..57bab115bb 100644 --- a/tests/auto/corelib/io/qsettings/tst_qsettings.cpp +++ b/tests/auto/corelib/io/qsettings/tst_qsettings.cpp @@ -2331,14 +2331,15 @@ void tst_QSettings::testRegistry32And64Bit() void tst_QSettings::trailingWhitespace() { + const QString path = settingsPath("trailingWhitespace"); { - QSettings s("tst_QSettings_trailingWhitespace"); + QSettings s(path, QSettings::IniFormat); s.setValue("trailingSpace", "x "); s.setValue("trailingTab", "x\t"); s.setValue("trailingNewline", "x\n"); } { - QSettings s("tst_QSettings_trailingWhitespace"); + QSettings s(path, QSettings::IniFormat); QCOMPARE(s.value("trailingSpace").toString(), QLatin1String("x ")); QCOMPARE(s.value("trailingTab").toString(), QLatin1String("x\t")); QCOMPARE(s.value("trailingNewline").toString(), QLatin1String("x\n")); -- cgit v1.2.3 From e5acaa12e3cb3f9eb41657eee8146d82fe436093 Mon Sep 17 00:00:00 2001 From: Marc Mutz Date: Sat, 15 Feb 2020 20:23:40 +0100 Subject: QObject: treat T* -> bool conversions as narrowing Following wg21.link/LWG3228, it was found that a proper variant fix requires that T* -> bool conversions be treated as narrowing conversions in subclause wg21.link/dcl.init.lst. wg21.link/P1957R2 was accepted in Prague 2020 as a DR and retroactively applies to older C++ standards. Since we hard-code the algorithm of [dcl.init.lst], we can and must add this manually. [ChangeLog][QtCore][QObject] For the purposes of QT_NO_NARROWING_CONVERSIONS_IN_CONNECT, pointer (incl. pointer-to-member) to bool conversions are now considered narrowing. This matches the resolution of a defect report in C++ itself. Change-Id: Ifa9a3724c9c8ccd3dd6614928dbbe37477591dc1 Reviewed-by: Ville Voutilainen --- tests/auto/corelib/kernel/qobject/tst_qobject.cpp | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'tests/auto/corelib') diff --git a/tests/auto/corelib/kernel/qobject/tst_qobject.cpp b/tests/auto/corelib/kernel/qobject/tst_qobject.cpp index 21615d6ec4..63d06497ce 100644 --- a/tests/auto/corelib/kernel/qobject/tst_qobject.cpp +++ b/tests/auto/corelib/kernel/qobject/tst_qobject.cpp @@ -7462,6 +7462,12 @@ void tst_QObject::checkArgumentsForNarrowing() FITS(bool, const QObject *&); FITS(int (*)(bool), void (QObject::*)()); + { + // wg21.link/P1957 + NARROWS(char*, bool); + NARROWS(void (QObject::*)(), bool); + } + #undef IS_UNSCOPED_ENUM_SIGNED #undef NARROWS_IF -- cgit v1.2.3 From fd4be84d23a0db4186cb42e736a9de3af722c7f7 Mon Sep 17 00:00:00 2001 From: Lars Knoll Date: Wed, 26 Feb 2020 10:42:10 +0100 Subject: Add an expansion limit for entities Recursively defined entities can easily exhaust all available memory. Limit entity expansion to a default of 4096 characters to avoid DoS attacks when a user loads untrusted content. Added a setter and getter to allow modifying the expansion limit. [ChangeLog][QtCore][QXmlStream] QXmlStreamReader does now by default limit the expansion of entities to 4096 characters. Documents where a single entity expands to more characters than the limit are not considered well formed. The limit is there to avoid DoS attacks through recursively expanding entities when loading untrusted content. The limit can be changed through the QXmlStreamReader::setEntityExpansionLimit() method. Fixes: QTBUG-47417 Change-Id: I94387815d74fcf34783e136387ee57fac5ded0c9 Reviewed-by: Oswald Buddenhagen Reviewed-by: Volker Hilsheimer --- .../serialization/qxmlstream/tst_qxmlstream.cpp | 44 +++++++++++++++++++++- 1 file changed, 42 insertions(+), 2 deletions(-) (limited to 'tests/auto/corelib') diff --git a/tests/auto/corelib/serialization/qxmlstream/tst_qxmlstream.cpp b/tests/auto/corelib/serialization/qxmlstream/tst_qxmlstream.cpp index 12279133a2..28922574b8 100644 --- a/tests/auto/corelib/serialization/qxmlstream/tst_qxmlstream.cpp +++ b/tests/auto/corelib/serialization/qxmlstream/tst_qxmlstream.cpp @@ -397,8 +397,6 @@ public: return true; } - QXmlStreamReader reader(&inputFile); - /* See testcases.dtd which reads: 'Nonvalidating parsers * must also accept "invalid" testcases, but validating ones must reject them.' */ if(type == QLatin1String("invalid") || type == QLatin1String("valid")) @@ -583,6 +581,8 @@ private slots: void roundTrip() const; void roundTrip_data() const; + void entityExpansionLimit() const; + private: static QByteArray readFile(const QString &filename); @@ -1755,6 +1755,46 @@ void tst_QXmlStream::roundTrip_data() const "\n"; } +void tst_QXmlStream::entityExpansionLimit() const +{ + QString xml = QStringLiteral("" + "" + "" + "" + "" + "]>" + "&d;&d;&d;"); + { + QXmlStreamReader reader(xml); + QCOMPARE(reader.entityExpansionLimit(), 4096); + do { + reader.readNext(); + } while (!reader.atEnd()); + QCOMPARE(reader.error(), QXmlStreamReader::NotWellFormedError); + } + + // &d; expands to 10k characters, minus the 3 removed (&d;) means it should fail + // with a limit of 9996 chars and pass with 9997 + { + QXmlStreamReader reader(xml); + reader.setEntityExpansionLimit(9996); + do { + reader.readNext(); + } while (!reader.atEnd()); + + QCOMPARE(reader.error(), QXmlStreamReader::NotWellFormedError); + } + { + QXmlStreamReader reader(xml); + reader.setEntityExpansionLimit(9997); + do { + reader.readNext(); + } while (!reader.atEnd()); + QCOMPARE(reader.error(), QXmlStreamReader::NoError); + } +} + void tst_QXmlStream::roundTrip() const { QFETCH(QString, in); -- cgit v1.2.3 From 8b9a02537300507d21d58ac7d3db4fe1a2f2fe62 Mon Sep 17 00:00:00 2001 From: Volker Hilsheimer Date: Mon, 24 Feb 2020 17:23:57 +0100 Subject: Make QDeadlineTimer test more resilient against VM starvation Flaky fails in this test suggest that the VM on which the test is executed does not get CPU resources allocated for enough time to make this test pass. This change makes the test more resilient by taking the measurements as quickly as possible. In addition, use a sanity-check based on std::chrono APIs to abort the test completely if we see that the clock has advanced too far to make the following tests meaningful. Change-Id: Ie6ac4ffb52f20e7774014f8222c9cd8f54d8a263 Fixes: QTBUG-64517 Reviewed-by: Friedemann Kleint --- .../kernel/qdeadlinetimer/tst_qdeadlinetimer.cpp | 23 ++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) (limited to 'tests/auto/corelib') diff --git a/tests/auto/corelib/kernel/qdeadlinetimer/tst_qdeadlinetimer.cpp b/tests/auto/corelib/kernel/qdeadlinetimer/tst_qdeadlinetimer.cpp index 4e105d7dc7..35c5e7cb75 100644 --- a/tests/auto/corelib/kernel/qdeadlinetimer/tst_qdeadlinetimer.cpp +++ b/tests/auto/corelib/kernel/qdeadlinetimer/tst_qdeadlinetimer.cpp @@ -580,11 +580,26 @@ void tst_QDeadlineTimer::stdchrono() auto now = QDeadlineTimer::current(timerType); QTest::qSleep(minResolution); + auto sampling_start = steady_clock::now(); + auto steady_deadline = now.deadline(); + auto system_deadline = now.deadline(); auto steady_after = steady_clock::now(); auto system_after = system_clock::now(); + auto sampling_end = steady_clock::now(); + + auto sampling_diff = duration_cast(sampling_end - sampling_start).count(); + if (sampling_diff > minResolution/2) { + qWarning() << "Sampling clock took" << sampling_diff << "ms"; + QSKIP("Sampling clock took too long, aborting test", Abort); + } + auto total_diff = duration_cast(steady_after - steady_before).count(); + if (total_diff >= 3*minResolution) { + qWarning() << "Measurement took" << total_diff << "ms"; + QSKIP("Measurement took too long, aborting test", Abort); + } { - auto diff = duration_cast(steady_after - now.deadline()); + auto diff = duration_cast(steady_after - steady_deadline); QVERIFY2(diff.count() > minResolution/2, QByteArray::number(qint64(diff.count()))); QVERIFY2(diff.count() < 3*minResolution/2, QByteArray::number(qint64(diff.count()))); QDeadlineTimer dt_after(steady_after, timerType); @@ -592,7 +607,7 @@ void tst_QDeadlineTimer::stdchrono() ("now = " + QLocale().toString(now.deadlineNSecs()) + "; after = " + QLocale().toString(dt_after.deadlineNSecs())).toLatin1()); - diff = duration_cast(now.deadline() - steady_before); + diff = duration_cast(steady_deadline - steady_before); QVERIFY2(diff.count() > minResolution/2, QByteArray::number(qint64(diff.count()))); QVERIFY2(diff.count() < 3*minResolution/2, QByteArray::number(qint64(diff.count()))); QDeadlineTimer dt_before(steady_before, timerType); @@ -601,7 +616,7 @@ void tst_QDeadlineTimer::stdchrono() "; before = " + QLocale().toString(dt_before.deadlineNSecs())).toLatin1()); } { - auto diff = duration_cast(system_after - now.deadline()); + auto diff = duration_cast(system_after - system_deadline); QVERIFY2(diff.count() > minResolution/2, QByteArray::number(qint64(diff.count()))); QVERIFY2(diff.count() < 3*minResolution/2, QByteArray::number(qint64(diff.count()))); QDeadlineTimer dt_after(system_after, timerType); @@ -609,7 +624,7 @@ void tst_QDeadlineTimer::stdchrono() ("now = " + QLocale().toString(now.deadlineNSecs()) + "; after = " + QLocale().toString(dt_after.deadlineNSecs())).toLatin1()); - diff = duration_cast(now.deadline() - system_before); + diff = duration_cast(system_deadline - system_before); QVERIFY2(diff.count() > minResolution/2, QByteArray::number(qint64(diff.count()))); QVERIFY2(diff.count() < 3*minResolution/2, QByteArray::number(qint64(diff.count()))); QDeadlineTimer dt_before(system_before, timerType); -- cgit v1.2.3