diff options
| author | Ulf Hermann <ulf.hermann@qt.io> | 2019-04-30 13:29:45 +0200 |
|---|---|---|
| committer | Ulf Hermann <ulf.hermann@qt.io> | 2019-04-30 12:37:19 +0000 |
| commit | ac0d313ab15aa78c444d00ed6a1a202a1351dfa1 (patch) | |
| tree | 8f8c0db341329c8a7c8f7b27c2b196a5b9b86778 /src | |
| parent | f01e72a82b59c214ce4b0a6ecefb604bc66ddd3e (diff) | |
Yarr: Reject quantifiers larger than 16M
Nobody needs those and we run into integer overflows later on if we
accept them.
Fixes: QTBUG-74048
Change-Id: Ib8ccd05e4bd6f662c38fbe95bf1350f81982e1b8
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
Diffstat (limited to 'src')
| -rw-r--r-- | src/3rdparty/masm/yarr/YarrParser.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/3rdparty/masm/yarr/YarrParser.h b/src/3rdparty/masm/yarr/YarrParser.h index 3e5311f1fb..edc6beb1f0 100644 --- a/src/3rdparty/masm/yarr/YarrParser.h +++ b/src/3rdparty/masm/yarr/YarrParser.h @@ -694,7 +694,8 @@ private: ASSERT(!hasError(m_errorCode)); ASSERT(min <= max); - if (min == UINT_MAX) { + const unsigned quantifyLimit = 1 << 24; + if (min > quantifyLimit || (max != quantifyInfinite && max > quantifyLimit)) { m_errorCode = ErrorCode::QuantifierTooLarge; return; } |