Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-71208

QPicture crashes on malformed picture

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P1: Critical
    • Resolution: Done
    • Affects Version/s: 5.12.0 Beta 2
    • Fix Version/s: 5.11.3, 5.12.0 RC
    • Component/s: GUI: Painting
    • Labels:
      None

      Description

      A malformed picture causes qChecksum() to SIGSEGV. The cause of the
      segmentation fault is a buffer over-read. This happens when the picture is
      first loaded and then the format of the picture is checked using
      QPicturePrivate::checkFormat() function. This function uses qChecksum()
      function to calculate the checksum of the picture and compare if the returned
      CRC-16 checksum is valid. However the malformed picture causes a crash in a
      qChecksum() function before the actual checksum validation is made.

      The attachment contain everything needed to reproduce.

        Attachments

        1. crash.pic
          0.0 kB
          Erkki Esimerkki
        2. qpicture-crash.cpp
          0.3 kB
          Erkki Esimerkki
        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

            • Assignee:
              vgt Eirik Aavitsland
              Reporter:
              markosilokunnas Erkki Esimerkki
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Gerrit Reviews

                There are no open Gerrit changes