Details
-
Bug
-
Resolution: Done
-
P3: Somewhat important
-
4.8.7, 5.6.0
-
None
-
Arch Linux 64bit
Qt 4.8.7 and Qt 5.6.0
KDE Okular 16.04.1
Description
The xbm handler class does not check that the height/width given in the xbm file actually match the amount of data in the xbm image.
When reading an (invalid) image such as test.xbm (attachment), the xbm reader leaves a part of its buffer uninitialized, since there is not enough image data in the file.
Reproduce for Qt4:
Save the image and open it with KDE Okular. Notice correct image followed by seemingly random pixels.
Reproduce with Qt5:
Display the image in a QLabel.
QImage xbm("test.xbm");
imageLabel = new QLabel;
QLimageLabel->setPixmap(QPixmap::fromImage(xbm));
Notice correct image followed by seemingly random pixels.
The xbm reader should notice the discrepancy between the given sizes and the amount of image data and either fail or resize the image to avoid displaying uninitialized data. A warning about an invalid image would be nice.
The xbm handler read method seems to be unchanged from 4.8.7 to 5.6.0, so probably affects everything in between too.
Attachments
| For Gerrit Dashboard: QTBUG-54169 | ||||||
|---|---|---|---|---|---|---|
| # | Subject | Branch | Project | Status | CR | V |
| 186837,2 | xbm image format: avoid uninitialized pixels for truncated data | 5.9 | qt/qtbase | Status: MERGED | +2 | 0 |