Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-123892

Uninitialized read in QRegularExpression

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Won't Do
    • Icon: Not Evaluated Not Evaluated
    • None
    • 6.6.3
    • Core: Other
    • None
    • Linux/Wayland

      I filed QTBUG-123878 yesterday, incorrectly, as nothing was wrong with QString. However, I have now tracked down the uninitialized memory read to QRegularExpression and attached a reduced reproduction that uses just QString and QRegularExpression.

      For the attached regexp and (SVG) text content triggers valgrind warnings. The reproduction executable will trigger this both in Debug and Release builds.

      In this case, it looks like no harm is done and the regexp simply returns no matches. Hard to say whether this is exploitable in some other way though.

        1. main.cpp
          22 kB
        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            thiago Thiago Macieira
            jpetsovits Jakob Petsovits
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved:

                There are no open Gerrit changes