Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Not Evaluated
Fix Version/s: 6.5.0 Beta1
Affects Version/s: 5.15.10, 6.2.4, 6.3.0
Component/s: SVG Support
Labels:
- reported_by_support_standard

Commits:
4698862b76 (qt/qtsvg/dev) 4698862b76 (qt/tqtc-qtsvg/dev)

Description

The following code generates invalid XML (see attached SVG file):

#include <QGuiApplication>
#include <QSvgGenerator>
#include <QPainter>

int main(int argc, char **argv)
{
    QGuiApplication a(argc, argv);

    QSvgGenerator generator;
    generator.setFileName("bad.svg");
    generator.setSize(QSize(100, 100));
    generator.setViewBox(QRect(0,0,100,100));
    generator.setTitle(QString("This 'title' is \"bad\" & will cause <problems>"));
    generator.setDescription(QString("This 'description' is \"bad\" & will cause <more problems>"));

    QPainter painter(&generator);
    painter.fillRect(QRect(10,10,80,80), QColor(255,20,20));
    painter.drawText(20, 20, "Hello <World>");
}

QPainter::drawText() correctly escapes the text, but the QSvgGenerator title and description are not escaped.

Workaround

Use QString::toHtmlEscaped() on all strings passed into QSvgGenerator::setTitle() and QSvgRenderer::setDescription()

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List

bad.svg
1 kB
13 Jun '22 07:19

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Mikołaj Boc (Inactive)

Reporter:: Sze Howe Koh

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 13 Jun '22 07:20

Updated:: 15 Jun '22 17:08

Resolved:: 14 Jun '22 10:40

Gerrit Reviews

There are no open Gerrit changes

Show There is 1 closed Gerrit change

Hide There is 1 closed Gerrit change

Escape the values of title and description in the svg generator: Gerrit Review: