From 4698862b763c2ab1ef14335e6cf8f15b375441b3 Mon Sep 17 00:00:00 2001
From: Mikolaj Boc
Date: Mon, 13 Jun 2022 15:27:14 +0200
Subject: Escape the values of title and description in the svg generator
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The values for title and description are not escaped. This leads to the generation of incorrectly structured SVG documents if meaningful characters are added in the title (<, >, ', " for example).

Fixes: QTBUG-104203
Change-Id: I26bc5cf31c0178352774f9c1e6f57697a671d507
Reviewed-by: Tor Arne Vestbø
---
 src/svg/qsvggenerator.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'src')

diff --git a/src/svg/qsvggenerator.cpp b/src/svg/qsvggenerator.cpp
index 1e3f55c..f641912 100644
--- a/src/svg/qsvggenerator.cpp
+++ b/src/svg/qsvggenerator.cpp
@@ -859,11 +859,11 @@ bool QSvgPaintEngine::begin(QPaintDevice *)
 " version=\"1.2\" baseProfile=\"tiny\">" << Qt::endl;
 if (!d->attributes.document_title.isEmpty()) {
- *d->stream << "" << d->attributes.document_title << "" << Qt::endl;
+ *d->stream << "" << d->attributes.document_title.toHtmlEscaped() << "" << Qt::endl;
 }
 if (!d->attributes.document_description.isEmpty()) {
- *d->stream << "" << d->attributes.document_description << "" << Qt::endl;
+ *d->stream << "" << d->attributes.document_description.toHtmlEscaped() << "" << Qt::endl;
 }
 d->stream->setString(&d->defs);
-- 
cgit v1.2.1
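Review bot: The two `toHtmlEscaped()` calls in `QSvgPaintEngine::begin` cover the markup characters (`<`, `>`, `&`, `"`), but a title or description can still carry characters that XML 1.0 forbids outright, such as control characters below U+0020 other than tab, LF and CR, and those are written through unchanged, so a caller-supplied string can still yield a document that is not well-formed. If these attributes can come from untrusted input (file names, user-entered metadata), consider stripping or replacing such characters before writing, and add a short comment such as `// XML character data: toHtmlEscaped() covers <, >, & and "` so the use of an HTML helper in an XML writer is not mistaken for an oversight. The diffstat shows only the source file changed, so an autotest that sets a title containing `<` and `&` and parses the generated output would keep this from regressing. The body of begin() starts and ends outside the hunk.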