whytofly
/
qt6-bb10
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
qt6-bb10/tests/auto
History
Jonas Karlsson 28ecb523ce Improve KTX file reading memory safety 
* Use qAddOverflow/qSubOverflow methods for catching additions and
  subtractions with overflow and handle these scenarios when reading the
  file.
* Add 'safeView' method that checks that the byte array view constructed
  is not out of bounds.
* Return error if number of levels is higher than what is reasonable.
* Return error if number of faces is incorrect.
* Add unit test with invalid KTX file previously causing a segmentation
  fault.

This fixes CVE-2024-25580.

Fixes: QTBUG-121918
Pick-to: 6.7 6.6 6.5 6.2 5.15
Change-Id: Ie0824c32a5921de30cf07c1fc1b49a084e6d07b2
Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
 		2024-02-09 13:08:44 +01:00
..
bic/data Add binary compatibility file for 6.6.0 2023-10-17 22:23:42 +03:00
cmake CMake: Add test for configuring a standalone test 2024-02-08 15:40:04 +01:00
concurrent Remove extra semi-colons 2024-02-06 20:17:18 +09:00
corelib QList: give the LWG 3346 #ifdef'ery a symbolic name 2024-02-08 17:43:59 +01:00
dbus Remove extra semi-colons 2024-02-06 20:17:18 +09:00
gui Improve KTX file reading memory safety 2024-02-09 13:08:44 +01:00
guiapplauncher Turn the "concentriccircles" example into snippets, update screenshot 2023-12-14 20:06:32 +01:00
network Add QNetworkRequestFactory::(set)?Priority 2024-02-08 11:38:10 +01:00
opengl tests: Remove remains of qmake conversion from CMakeLists.txt files 2023-02-17 21:56:49 +01:00
other Change license for tests files 2024-02-04 09:56:42 +01:00
printsupport Change license for tests files 2024-02-04 09:56:42 +01:00
shared Change license for tests files 2024-02-04 09:56:42 +01:00
sql Change license for tests files 2024-02-04 09:56:42 +01:00
testlib QTest: allow passing chrono literal as QTRY_ timeout 2024-02-07 12:15:09 +00:00
tools Change license for tests files 2024-02-04 09:56:42 +01:00
wasm wasm: Refractor Selenium manual test into auto test 2024-02-07 13:15:09 +01:00
widgets QAbstractItemView: close all child editors when parent is removed 2024-02-08 18:31:26 +01:00
xml Change license for tests files 2024-02-04 09:56:42 +01:00
CMakeLists.txt CI: Enable some tests under corelib/thread for Wasm platform 2023-09-14 11:58:48 +02:00
network-settings.h Change license for tests files 2024-02-04 09:56:42 +01:00