summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobert Loehning <robert.loehning@qt.io>2020-07-17 16:50:08 +0200
committerRobert Loehning <robert.loehning@qt.io>2020-08-17 09:16:51 +0000
commit990bc88510a377532e3d16bede90965c043e22a0 (patch)
treeba9d617a472ed90535c34902e1afc46b2628daae
parent5eff30a3aff2bcd1c46bd76922a8280829dd5152 (diff)
downloadqtsvg-990bc88510a377532e3d16bede90965c043e22a0.tar.gz
Test rendering length which is fuzzy null
Pick-to: 5.15 Change-Id: I1a21f70cc5ca2319d041c5db8900e69adcb9850d Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
Diffstat
-rw-r--r--tests/auto/qsvgrenderer/tst_qsvgrenderer.cpp12
1 files changed, 12 insertions, 0 deletions
diff --git a/tests/auto/qsvgrenderer/tst_qsvgrenderer.cpp b/tests/auto/qsvgrenderer/tst_qsvgrenderer.cpp
index e6089bc..b348302 100644
--- a/tests/auto/qsvgrenderer/tst_qsvgrenderer.cpp
+++ b/tests/auto/qsvgrenderer/tst_qsvgrenderer.cpp
@@ -83,6 +83,7 @@ private slots:
void styleSheet();
void duplicateStyleId();
void oss_fuzz_23731();
+ void oss_fuzz_24131();
#ifndef QT_NO_COMPRESS
void testGzLoading();
@@ -1612,5 +1613,16 @@ void tst_QSvgRenderer::oss_fuzz_23731()
QSvgRenderer().load(QByteArray("<svg><path d=\"A4------\">"));
}
+void tst_QSvgRenderer::oss_fuzz_24131()
+{
+ // when configured with "-sanitize undefined", this resulted in:
+ // "runtime error: -nan is outside the range of representable values of type 'int'"
+ // runtime error: signed integer overflow: -2147483648 + -2147483648 cannot be represented in type 'int'
+ QImage image(377, 233, QImage::Format_RGB32);
+ QPainter painter(&image);
+ QSvgRenderer renderer(QByteArray("<svg><path d=\"M- 4 44044404444E-334-\"/></svg>"));
+ renderer.render(&painter);
+}
+
QTEST_MAIN(tst_QSvgRenderer)
#include "tst_qsvgrenderer.moc"
View Lorry Controller Status