Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP4:Update
libqt5-qtbase.31637
0001-Dont-parse-XML-symbols-longer-than-4096-ch...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-Dont-parse-XML-symbols-longer-than-4096-characters.patch of Package libqt5-qtbase.31637
From d76b11a0d55f40e964686564bac512e5895147b6 Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen <allan.jensen@qt.io> Date: Wed, 14 Apr 2021 22:13:32 +0200 Subject: Don't parse XML symbols longer than 4096 characters It is slow and will use too much memory. Fixes: QTBUG-91889 Change-Id: I45c5e6038357c87bbb85b1ace17ef39a2a814ea0 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com> (cherry picked from commit 38e111158a38507c63fd70f9ee18b9116b537976) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org> --- src/corelib/serialization/qxmlstream.cpp | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'src/corelib/serialization/qxmlstream.cpp') diff --git a/src/corelib/serialization/qxmlstream.cpp b/src/corelib/serialization/qxmlstream.cpp index 9a3e306f42..a38720b370 100644 --- a/src/corelib/serialization/qxmlstream.cpp +++ b/src/corelib/serialization/qxmlstream.cpp @@ -1307,6 +1307,11 @@ inline int QXmlStreamReaderPrivate::fastScanName(int *prefix) int n = 0; uint c; while ((c = getChar()) != StreamEOF) { + if (n >= 4096) { + // This is too long to be a sensible name, and + // can exhaust memory + return 0; + } switch (c) { case '\n': case ' ': -- cgit v1.2.3
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor