From a986a8c0997bfa87e91d37baf108bb07c8fa1c2d Mon Sep 17 00:00:00 2001
From: Marc Mutz
Date: Mon, 11 Apr 2022 17:01:15 +0200
Subject: [PATCH] QXmlStreamPrivateTagStack: don't fail on more than 2Gi chars in the tag stack
QXmlStreamPrivateTagStack holds the string data in a single large QString, which, on 64-bit platforms, can hold more than INT_MAX characters' worth of data. However, the code managing this QString still used int variables instead of qsizetype, making failure for such large tag string data all but inevitable, even though I didn't go to the length of actually constructing a failing test case. Fix by using qsizetype instead of int where required.
Fixes: QTBUG-102467
Pick-to: 6.3 6.2
Change-Id: I50b7e194e43f3c7dce69c6e1fd4682fc517dd7d6
Reviewed-by: Thiago Macieira
---
 src/corelib/serialization/qxmlstream_p.h | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/corelib/serialization/qxmlstream_p.h b/src/corelib/serialization/qxmlstream_p.h
index f87006c7db..2194fd1143 100644
--- a/src/corelib/serialization/qxmlstream_p.h
+++ b/src/corelib/serialization/qxmlstream_p.h
@@ -191,7 +191,7 @@ public:
 XmlStringRef name;
 XmlStringRef qualifiedName;
 NamespaceDeclaration namespaceDeclaration;
- int tagStackStringStorageSize;
+ qsizetype tagStackStringStorageSize;
 qsizetype namespaceDeclarationsSize;
 };
@@ -199,14 +199,14 @@ public:
 QXmlStreamPrivateTagStack();
 QXmlStreamSimpleStack namespaceDeclarations;
 QString tagStackStringStorage;
- int tagStackStringStorageSize;
- int initialTagStackStringStorageSize;
+ qsizetype tagStackStringStorageSize;
+ qsizetype initialTagStackStringStorageSize;
 bool tagsDone;
 XmlStringRef addToStringStorage(QStringView s) {
- int pos = tagStackStringStorageSize;
- int sz = s.size();
+ qsizetype pos = tagStackStringStorageSize;
+ qsizetype sz = s.size();
 if (pos != tagStackStringStorage.size()) tagStackStringStorage.resize(pos);
 tagStackStringStorage.append(s.data(), sz);
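Review bot: In `addToStringStorage` (second hunk) the widened `pos` and `sz` only help if everything they flow into is `qsizetype` as well; the function body continues past the end of the hunk, so whether the `XmlStringRef` it returns stores offset and length without narrowing cannot be confirmed from the lines shown. The same goes for `Tag::tagStackStringStorageSize` in the first hunk: any save/restore path that still passes through an `int` would truncate above INT_MAX and leave `resize(pos)` working from a wrong or negative offset. Because the commit message says no failing test was constructed, a debug guard before the `resize` would catch a leftover narrowing, e.g. `Q_ASSERT(pos >= 0 && pos <= tagStackStringStorage.size());` (assuming the counter is never meant to exceed the string's size — confirm against the pop path). A short comment on the member, such as `// logical end of tagStackStringStorage; may differ from size() until the next append`, would document why the two are compared.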