sdpscanner: fix URL processing

Do not use the fixed-size temporary buffer, instead just parse the
data as a QByteArray.

Grepping through BlueZ sources, I could find only several usages of
SDP_URL_STR{8,16,32}, and all of them suggest that the url is simply
a NULL-terminated string (see [0], [1], [2]).
However, the older BlueZ sources suggest that the url can be not
NULL-terminated as well (see [3]).

To be on a safe side, we provide an implementation that handles both
cases correctly.

[0]: https://github.com/bluez/bluez/blob/9be85f867856195e16c9b94b605f65f6389eda33/lib/sdp.c#L465
[1]: https://github.com/bluez/bluez/blob/9be85f867856195e16c9b94b605f65f6389eda33/src/sdp-xml.c#L351
[2]: https://github.com/bluez/bluez/blob/9be85f867856195e16c9b94b605f65f6389eda33/tools/sdptool.c#L517

[3]: https://android.googlesource.com/platform/external/bluetooth/bluez/+/master/src/sdp-xml.c#324

Fixes: QTBUG-111242
Change-Id: I22f9521582863fb316dd0b2c49a78928b80a6078
Reviewed-by: Marc Mutz <marc.mutz@qt.io>
(cherry picked from commit a811bcb3e76e98d480581634b84daf5c8948aceb)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>

1 files changed, 1 insertions, 2 deletions

diff --git a/src/tools/sdpscanner/main.cpp b/src/tools/sdpscanner/main.cpp
index 946596bb..1f62d2a7 100644
--- a/src/tools/sdpscanner/main.cpp
+++ b/src/tools/sdpscanner/main.cpp
@@ -175,9 +175,8 @@ static void parseAttributeValues(sdp_data_t *data, int indentation, QByteArray &
     case SDP_URL_STR8:
     case SDP_URL_STR16:
     case SDP_URL_STR32:
-        strncpy(snBuffer, data->val.str, data->unitSize - 1);
         xmlOutput.append("<url value=\"");
-        xmlOutput.append(snBuffer);
+        xmlOutput.append(data->val.str, qstrnlen(data->val.str, data->unitSize));
         xmlOutput.append("\"/>\n");
         break;
     default: