summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Don't return partially inflated QByteArrayRobert Loehning2020-08-261-1/+1
| | | | | | | | | | | We're already stopping the extraction because we're running out of memory. It's no use to return this provisional result. Task-number: oss-fuzz-24611 Change-Id: Iea5a65a0f30b7a03c5405017c21cd9495a7c2971 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com> (cherry picked from commit 103aace3b30ede9e5f5621e14542f5369eac749d) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
* Fix check against division by zeroRobert Loehning2020-08-192-4/+25
| | | | | | | | | | | The squared values must not be zero. Since both are qreal, this can happen even when neither of them is zero itself. Fixes: oss-fuzz-24738 Change-Id: I61b2bc891e7e3831d4b6ee68b467db28c4f877d4 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com> (cherry picked from commit 7f1945c5fb492505db9a43853987eaf805291919) Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
* Use qFuzzyIsNull instead of isEmpty() on QRectFRobert Loehning2020-08-061-1/+1
| | | | | | | | | | Avoids an integer overflow in QOutlineMapper Fixes: oss-fuzz-24131 Change-Id: I77a280640df4971e440d3f8888d2e7036a1f2e6a Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io> Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io> (cherry picked from commit 21ae1e161c933ffae38d42fe8191975d5ad8ee6e)
* Don't divide by zeroRobert Loehning2020-08-041-0/+2
| | | | | | | | Fixes: oss-fuzz-24308 Change-Id: I628f073cc2ec99b18333d2831c53cd888ebc5780 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io> (cherry picked from commit 3206ab23a01ff19850ebdce6ac0338ddb29b5b95) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
* Avoid endless recursion in SvgStructureNode::boundsRobert Loehning2020-07-302-2/+8
| | | | | | | | Fixes: oss-fuzz-24028 Change-Id: I2ddfcd494747f2857d56ce54bc9c4ee3f986ac3e Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io> (cherry picked from commit 3f11586d79566c9ceb311c6c4a1ea12078deed5d) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
* Avoid endless recursion when inflating gzipRobert Loehning2020-07-292-5/+6
| | | | | | | | Fixes: oss-fuzz-24146 Change-Id: I52a974e6a0694fb4afb50d932b2e99917c3034b2 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com> (cherry picked from commit 8368111c76471a7415c29ba293848003fca2a4af) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
* Return nullptr instead of 0Robert Loehning2020-07-241-1/+1
| | | | | | | Change-Id: I200214f90ce399034dabc61b00d20f7def8d923d Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io> (cherry picked from commit 0e1ea7b93388eca35814d3527584461074350f0f) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
* Don't divide by zeroVolker Hilsheimer2020-07-172-0/+11
| | | | | | | | | Fixes: oss-fuzz-23731 Change-Id: Ib21a32a30f7a204d263e6710f17567d91c6aae79 Reviewed-by: Robert Loehning <robert.loehning@qt.io> Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io> (cherry picked from commit a7941a5b82e1b8397e9d5f20e5a68c8aac37fb51) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
* Fix stack overflow in dtor of QSvgTinyDocumentRobert Loehning2020-07-151-1/+10
| | | | | | | | | | | Add a maximum to how many unfinished elements will be parsed by QSvgHandler. Fixes: oss-fuzz-24000 Change-Id: I4cea0500d2bc503d2c509d091300dd1117170299 Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io> (cherry picked from commit 2fc2cb44b275c7c18c2db262eec443eb198b9cc6) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
* Add error handling to color parsingAllan Sandfeld Jensen2020-06-231-19/+22
| | | | | | | | | | | Also fixes undefined shift of negative values. Fixes oss-fuzz 23644 Change-Id: I08c998ebf2217cb8dc50fcb805603e01e67ad64b Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io> (cherry picked from commit 9a0d4ff631003a84205c61bd7a6ef843207f1675) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
* Fix stack overflow in QSvgHandler::resolveGradientsAllan Sandfeld Jensen2020-06-232-5/+7
| | | | | | | | | | | Add a maximum to how deep it will nest. Fixes oss-fuzz 23643 Change-Id: I6183c04f65a539a6c7df42bc7346a86ee58aca6c Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io> (cherry picked from commit 6b86b5de893e9885f8288af5a096444b30fa2628) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
* Fix oom in QSvgTinyDocument::loadAllan Sandfeld Jensen2020-06-231-0/+6
| | | | | | | | | | | | Avoid overflowing the size integer. Fixes ozz-fuzz 23606 Change-Id: Iaae2c1e78e59737bba0e34791de4a3a92677f319 Reviewed-by: Robert Loehning <robert.loehning@qt.io> Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io> (cherry picked from commit 99a86c1bc347092d76f1288d901b30643b8eea6c) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
* Use QRect::isEmpty instead of QRect::isNullAllan Sandfeld Jensen2020-06-221-5/+5
| | | | | | | | | | | Otherwise we can end up processing empty rects, and get divisions by zero. Fixes oss-fuzz issue 23633. Change-Id: I0415462712792cb6a00eadd510b1688e859c419c Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io> (cherry picked from commit b5865df798323a63d8a89b8b50116888b930f3f0)
* Handle empty rectsAllan Sandfeld Jensen2020-06-221-10/+15
| | | | | | | | | | | | | Avoids a division by zero, also we don't appear to support auto sizes, so width and height are required attributes. Fixes oss-fuzz issue 23588. Change-Id: Ib3474c2ed4409977f6ffcf73088956c6c59ce4ad Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io> Reviewed-by: Robert Loehning <robert.loehning@qt.io> (cherry picked from commit 78cbbc1aa3a4802b2eeec8b5abfe196e05df1b16) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
* Merge remote-tracking branch 'origin/5.12.9' into 5.12Qt Forward Merge Bot2020-06-171-0/+20
|\ | | | | | | Change-Id: Id4862ab9ac11cca8c1e740828f0f95f282e0d6fd
| * Add changes file for Qt 5.12.9v5.12.95.12.9Antti Kokko2020-06-041-0/+20
|/ | | | | | | + 3a677ae61f6ddcc7b3ab362d5a19d1831a1879df Bump version Change-Id: I22be9ad8a075db83d9400fc45129563d01f89ee8 Reviewed-by: Jani Heikkinen <jani.heikkinen@qt.io>
* Bump versionAlexandru Croitor2020-04-221-1/+1
| | | | Change-Id: I30f06b3b4d337979372a9bed512e87b3440bf276
* Merge remote-tracking branch 'origin/5.12.8' into 5.12Qt Forward Merge Bot2020-04-141-0/+20
|\ | | | | | | Change-Id: I2d7e031116a75656eba6d349c05ae3adfff45742
| * Add changes file for Qt 5.12.8v5.12.85.12.8Antti Kokko2020-03-171-0/+20
|/ | | | | | | + 4dd2be689840eb22409fe720498956555525f5bf Bump version Change-Id: Iacfbcd50e7f15d0ae36115e949707e478f0d26f6 Reviewed-by: Jani Heikkinen <jani.heikkinen@qt.io>
* Merge remote-tracking branch 'origin/5.12.7' into 5.12Qt Forward Merge Bot2020-01-311-0/+20
|\ | | | | | | Change-Id: I1668334cd289bf8b028d05a21219e35a763e11ba
| * Add changes file for Qt 5.12.7v5.12.75.12.7Antti Kokko2020-01-171-0/+20
| | | | | | | | | | | | | | + a74c296d19bb80004d822a96ff9e653f1dee75f8 Bump version Change-Id: I30a4b994d4588227e1845fbb716fb63e63171fd8 Reviewed-by: Jani Heikkinen <jani.heikkinen@qt.io>
* | Bump versionAlexandru Croitor2020-01-281-1/+1
|/
* Merge remote-tracking branch 'origin/5.12.6' into 5.12Qt Forward Merge Bot2020-01-071-0/+20
|\ | | | | | | Change-Id: Ia8e969da07ed4f8a6b59c7e09fd7e8c63bad8c31
| * Add changes file for Qt 5.12.6v5.12.65.12.6Antti Kokko2019-11-051-0/+20
| | | | | | | | | | | | | | + c9d8296c069db1fce98221cecb443e2e631a2536 Bump version Change-Id: I9181048ac95cc413ea42323db8045f5aeed159ca Reviewed-by: Jani Heikkinen <jani.heikkinen@qt.io>
* | Bump versionFrederik Gladhorn2019-11-071-1/+1
|/
* Bump versionFrederik Gladhorn2019-10-301-1/+1
|
* Merge "Merge remote-tracking branch 'origin/5.12.5' into 5.12"Qt Forward Merge Bot2019-09-071-0/+20
|\
| * Merge remote-tracking branch 'origin/5.12.5' into 5.12Qt Forward Merge Bot2019-09-071-0/+20
| |\ |/ / | | | | Change-Id: I97aca0fd9290c1295751fd618d0189014f2c732a
| * Add changes file for Qt 5.12.5v5.12.55.12.5Antti Kokko2019-08-231-0/+20
|/ | | | | | | | | | + b2f450146055360e6a25e80bc91753dd4d766bb1 Make QSvgGenerator test pass on Android + b540b304a39739ce1d630eb7a93b91926d25cbde Android: Fix QSVGPlugin test + 1cb4cd6e2d153bd1a4d53bfe4ccbeb6d8d269f55 Android: Skip QSVGRenderer test + 347de1dd25366015e3fbbc39ccd1a16ecb18eb2e Bump version Change-Id: Id2ea2664d0b9c350075673ce84c748939c2fe44a Reviewed-by: Jani Heikkinen <jani.heikkinen@qt.io>
* Bump versionFrederik Gladhorn2019-07-011-1/+1
| | | | Change-Id: I278f4280b8d088393e639e77eb9a51527a9560dd
* Android: Skip QSVGRenderer testEskil Abrahamsen Blomfeldt2019-06-251-1/+2
| | | | | | | | | | | | These tests require access to local file system and are not written to be portable to remote devices. Since there is no real platform-dependency in this, testing them on other platforms is sufficient, so we will just skip it on Android rather than spend time on it. Task-number: QTBUG-73624 Change-Id: Ic11b69d2eb73e0cd264b153c9870dd7923e1336d Reviewed-by: BogDan Vatra <bogdan@kdab.com>
* Android: Fix QSVGPlugin testEskil Abrahamsen Blomfeldt2019-06-252-17/+17
| | | | | | | | | Assets have to be included in the resources in order to be accessible when testing on a remote device. Task-number: QTBUG-73625 Change-Id: I80332b6492bffc01c0157918b9e6abbc2b87a43b Reviewed-by: BogDan Vatra <bogdan@kdab.com>
* Make QSvgGenerator test pass on AndroidEskil Abrahamsen Blomfeldt2019-05-142-2/+3
| | | | | | | | | | Platforms like Android require assets to be bundled with the app. We include the reference SVGs as resources to work around this. Task-number: QTBUG-73623 Change-Id: Id9cc7a7d575da5adbe73a3392419fd74a1ec1bbd Reviewed-by: BogDan Vatra <bogdan@kdab.com>
* Merge "Merge remote-tracking branch 'origin/5.12.4' into 5.12"Qt Forward Merge Bot2019-06-172-1/+21
|\
| * Merge remote-tracking branch 'origin/5.12.4' into 5.12Qt Forward Merge Bot2019-06-172-1/+21
| |\ |/ / | | | | Change-Id: I695d5bc0c1f5d93f4880d0b687b36327a88497cf
| * Add changes file for Qt 5.12.4v5.12.45.12.4Antti Kokko2019-05-231-0/+20
| | | | | | | | | | Change-Id: Ia8f0e8cc9e7e8f072358b4c179e7aedafb7d67ba Reviewed-by: Frederik Gladhorn <frederik.gladhorn@qt.io>
| * Bump versionFrederik Gladhorn2019-05-231-1/+1
|/ | | | Change-Id: I2cf60b8efe6070d6deaa1e2780a5bab7a710705a
* Fix stack overflow on indirect self-referralAllan Sandfeld Jensen2019-04-243-9/+25
| | | | | Change-Id: If2b13c3dc4a09ce6d18aff97855179172f92878b Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
* Fix leak in SVG font nodesAllan Sandfeld Jensen2019-04-241-7/+7
| | | | | | | | Their lifetime is controlled by the document, but the logic was confused and lost the node. Change-Id: Ib074dcf209d53ade894ee571a0bc08a1a7acfcab Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
* Merge remote-tracking branch 'origin/5.12.3' into 5.12Qt Forward Merge Bot2019-04-174-2/+71
|\ | | | | | | Change-Id: I73662000d1b52a4b61a9bd0a58af2fb9a7dc7b22
| * Remove dedundant line from changes filev5.12.35.12.3Robert Loehning2019-04-051-1/+0
| | | | | | | | | | Change-Id: Ibfbd66c9722e3ac008679aa67545591854052fc9 Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io>
| * Add changes file for Qt 5.12.3Antti Kokko2019-04-051-0/+23
| | | | | | | | | | | | | | | | | | | | + f6e5dc05855db60eab1568b5fe226922d1c899bb Don't leak nodes on parsing failures + f354d4be9a7a436fb16bd9764a261c930101850c Fix heap overflow in path parsing + 6f152f87dbbd47acc58458d636ce5d1cc181b8fd Fix IRI parsing, and use after free + d477ec8f40b28caf3a216d9e8550d8871d5131fb Bump version Change-Id: Id70f4fd80e8aae4b40f28f795d11d9ef80a0b55f Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
| * Fix crash for recursive gradient referencesEirik Aavitsland2019-04-023-2/+49
| | | | | | | | | | | | | | | | | | A reference loop with at least three elements would lead to endless recursion. Fixes: QTBUG-74189 Change-Id: Ie3c1b32da0e98e9218dc387dd3210666018a92e1 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* | Fix assert on misplaced tspan elementAllan Sandfeld Jensen2019-04-121-0/+7
|/ | | | | Change-Id: I75b3a88aae3cbd7838474d7a78f29fcd58172fc2 Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
* Bump versionKari Oikarinen2019-03-211-1/+1
| | | | Change-Id: I9acd09c96dd99d9da58dec1df45e53163914be33
* Merge remote-tracking branch 'origin/5.12.2' into 5.12Qt Forward Merge Bot2019-03-151-0/+20
|\ | | | | | | Change-Id: Ic3c621e86caa8d24bb328cb68a6734a88444efae
| * Add changes file for Qt 5.12.2v5.12.25.12.2Antti Kokko2019-02-211-0/+20
| | | | | | | | | | | | | | | | | | + ac797c4e17376b5497e0c37f15b9da48d622d18f Bump version + dcc4e2c4d96a6ad1447b9fb679afca21bb381218 Allow <style> without type attribute + a91a65632c4d830070e1ca9bbda7e355f1459414 Fix QSvgRenderer incorrect render of svg:image Change-Id: Ib13f61215098e8059b4b9168b04d61d1edd65617 Reviewed-by: Andy Shaw <andy.shaw@qt.io>
* | Fix IRI parsing, and use after freeAllan Sandfeld Jensen2019-03-043-13/+45
| | | | | | | | | | | | | | | | | | | | Make the parsing of IRI references tighter, and avoid freeing styles when inserting a duplicate id. Fixes: QTBUG-74104 Change-Id: I3a12fcf09ce1c55c135a4209817413ed8af75dec Reviewed-by: Robert Loehning <robert.loehning@qt.io> Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io>
* | Fix heap overflow in path parsingAllan Sandfeld Jensen2019-03-011-1/+1
| | | | | | | | | | | | Fixes: QTBUG-74129 Change-Id: I871c144f1df288a310e82aef979af7cfd7a54095 Reviewed-by: Robert Loehning <robert.loehning@qt.io>
* | Don't leak nodes on parsing failuresAllan Sandfeld Jensen2019-02-272-4/+15
|/ | | | | | | | | | | The QSvgHandler always expects the caller to handle ownership of the generated document, also when the parsing failed. QSvgHandler also failed to handle misplaced group elements. Fixes: QTBUG-74083 Change-Id: I8907117d4305ecd84e328b201791001cb877fc60 Reviewed-by: Robert Loehning <robert.loehning@qt.io>
View Lorry Controller Status