Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-62468

QSharedMemory::size() can be larger than the size passed to QSharedMemory::create

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Not Evaluated
    • 5.9.2
    • 5.9.1
    • Core: Other, Documentation
    • None
    • Windows 7 x64
    • b7bcd03d194495f3e7230e0cd757b04641c633d9

    Description

      At least on Windows, it appears that the resulting shared memory segment created by `QSharedMemory::create` can be larger than the requested size due to alignment, and `QSharedMemory::size` returns the actual size of the shared memory segment instead of the requested size.

      However, this is not stated in the documentation at all.

      Users could have the false assumption that `QSharedMemory::size` returns the requested size and use it with functions like `memcpy` with another buffer, leading to buffer overflow.

      Attachments

        For Gerrit Dashboard: QTBUG-62468
        # Subject Branch Project Status CR V
        202425,2 Doc: indicate the QSharedMemory::size() that the size may be bigger 5.9 qt/qtbase Status: MERGED +2 0

        Activity

          People

            thiago Thiago Macieira
            alvinhochun Alvin Wong
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes