Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-54169

xbm reader does not check height/width

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P3: Somewhat important
    • Resolution: Done
    • Affects Version/s: 4.8.7, 5.6.0
    • Fix Version/s: 5.9.0 Beta 1
    • Component/s: Image formats
    • Labels:
      None
    • Environment:
      Arch Linux 64bit
      Qt 4.8.7 and Qt 5.6.0
      KDE Okular 16.04.1

      Description

      The xbm handler class does not check that the height/width given in the xbm file actually match the amount of data in the xbm image.

      When reading an (invalid) image such as test.xbm (attachment), the xbm reader leaves a part of its buffer uninitialized, since there is not enough image data in the file.

      Reproduce for Qt4:
      Save the image and open it with KDE Okular. Notice correct image followed by seemingly random pixels.

      Reproduce with Qt5:
      Display the image in a QLabel.

      QImage xbm("test.xbm");
      imageLabel = new QLabel;
      QLimageLabel->setPixmap(QPixmap::fromImage(xbm));

      Notice correct image followed by seemingly random pixels.

      The xbm reader should notice the discrepancy between the given sizes and the amount of image data and either fail or resize the image to avoid displaying uninitialized data. A warning about an invalid image would be nice.

      The xbm handler read method seems to be unchanged from 4.8.7 to 5.6.0, so probably affects everything in between too.

        Attachments

        1. test.xbm
          0.3 kB
          rtpublic1
        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

            Assignee:
            vgt Eirik Aavitsland
            Reporter:
            rtpublic1 rtpublic1
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Gerrit Reviews

                There are no open Gerrit changes