QTBUG-73334

QImage::fill stops working on "big" images because of int overflow


    Details

    • Type: Bug
    • Status: Closed
    • Priority: P3: Somewhat important
    • Resolution: Done
    • Affects Version/s: 5.12.0
    • Fix Version/s: 5.13.0 Alpha 1
    • Component/s: GUI: Painting
    • Labels:
      None
    • Platform/s:
      Linux/X11

      Description

      The attached code fails to fill the whole image white because 46341 * 46341 is bigger than MAX_INT.

      The overflow happens in qtbase/src/gui/painting/qdrawhelper_p.h:940:58

         qt_memfill(reinterpret_cast<T*>(d), value, width * height);


      Found while fuzzing kimageformats.

      You may want to mention oss-fuzz/12762, which is the bug number assigned to it. https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12762 (Will be public in 90 days)
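      The following is an added illustration of the overflow the report describes and of the usual hardening for it; it is not code from Qt or from the reporter. `memfill` is a stand-in for `qt_memfill` with a `size_t` count, and `wrappedPixelCount`, `pixelCount`, `fitsInInt`, `fillImage` and `allPixelsAre` are names chosen here, not Qt APIs. The wrapped value for 46341 x 46341 is emulated with unsigned arithmetic because signed `int` overflow is undefined behaviour in C++.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <limits>
#include <vector>

// Stand-in for qt_memfill (hypothetical, not Qt's): fill `count` elements
// with `value`. The count parameter is size_t so a widened element count
// is not truncated again at the call boundary.
template <typename T>
static void memfill(T *dest, T value, std::size_t count)
{
    for (std::size_t i = 0; i < count; ++i)
        dest[i] = value;
}

// What `width * height` yields when both operands are int and the product
// exceeds INT_MAX. Signed overflow is undefined behaviour, so the two's
// complement wrap is emulated with unsigned arithmetic and a bit-for-bit
// copy into int32_t. For 46341 x 46341 the result is negative.
static std::int32_t wrappedPixelCount(int width, int height)
{
    std::uint32_t u = static_cast<std::uint32_t>(width) * static_cast<std::uint32_t>(height);
    std::int32_t wrapped;
    std::memcpy(&wrapped, &u, sizeof wrapped);
    return wrapped;
}

// Hardened count: reject negative dimensions and widen each operand to
// 64 bits before multiplying, so the product never wraps for any pair of
// int dimensions (max product is about 4.6e18, within int64_t).
static bool pixelCount(int width, int height, std::int64_t &count)
{
    if (width < 0 || height < 0)
        return false;
    count = static_cast<std::int64_t>(width) * static_cast<std::int64_t>(height);
    return true;
}

// Whether a 64-bit element count could be passed through an int parameter
// without wrapping.
static bool fitsInInt(std::int64_t n)
{
    return n <= std::numeric_limits<int>::max();
}

// Fill a width x height 32-bit image entirely with `value`. The element
// count is computed in 64 bits, and the fill is refused (rather than
// silently shortened or overrun) if the buffer is smaller than the image
// dimensions claim.
static bool fillImage(std::vector<std::uint32_t> &pixels, int width, int height, std::uint32_t value)
{
    std::int64_t n = 0;
    if (!pixelCount(width, height, n))
        return false;
    if (n > static_cast<std::int64_t>(pixels.size()))
        return false;
    memfill(pixels.data(), value, static_cast<std::size_t>(n));
    return true;
}

// True if every pixel in the buffer equals `value`; used to verify a fill
// actually covered the whole image.
static bool allPixelsAre(const std::vector<std::uint32_t> &pixels, std::uint32_t value)
{
    for (std::uint32_t p : pixels)
        if (p != value)
            return false;
    return true;
}
```

      The check to apply in review is the same one the report points at: any `width * height` (or `bytesPerLine * height`) that feeds a memory-size or element-count argument must be computed in a type wide enough for the product, not in `int`, and negative or oversized results must be rejected before they reach the fill or copy routine.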


            People

            Assignee: Allan Sandfeld Jensen (allan.jensen)
            Reporter: Albert Astals Cid (tsdgeos_kdab)
            Votes: 0
            Watchers: 2
