Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: P2: Important
Fix Version/s: 5.4.0 Beta, 5.4.0
Affects Version/s: 4.8.5, 4.8.6, 5.2.1, 5.3.0, 5.3.1
Component/s: Core: I/O
Labels:
None
Environment:
All versions

Description

QIODevice::read(char*,qint64 maxLen) crashes on large Files if maxlen > qin32_MAX in QIODevicePrivateLinearBuffer::read -> wrong cast of maxlen to int

-------------------------------------------------------------------

QFile tFile("c:/bigfile.bin");
char* tData=new char[3000000000];
//tFile.size() = 2227814416
if(tFile.open(QIODevice::ReadOnly))

{ tFile.read(tData,tFile.size()); //-> crash }

—
qint64 QIODevice::read(char *data, qint64 maxSize)
.
.
.
do {
// Try reading from the buffer.
int lastReadChunkSize = d->buffer.read(data, maxSize);

QIODevicePrivateLinearBuffer
.
.
.
int read(char* target, int size)

{ !!!!!!!!!!!! size and r is negativ on int cast from int64 > int32 and memcpy crashes int r = qMin(size, len); memcpy(target, first, r); len -= r; first += r; return r; }

Attachments

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

For Gerrit Dashboard: QTBUG-40974
#	Subject	Branch	Project	Status	CR	V
93216,4	Fix 64 bit issues in QIODevicePrivateLinearBuffer	5.4	qt/qtbase	Status: MERGED	+2	0

Activity

People

Assignee:: Lars Knoll

Reporter:: brat

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 25 Aug '14 22:18

Updated:: 15 Sep '14 13:04

Resolved:: 15 Sep '14 13:04

Gerrit Reviews

There are no open Gerrit changes

Show There is 1 closed Gerrit change

Hide There is 1 closed Gerrit change

Fix 64 bit issues in QIODevicePrivateLinearBuffer: Gerrit Review: