Qt: QTBUG-73334

QImage::fill stops working on "big" images because of int overflow


Details

    • Type: Bug
    • Resolution: Done
    • Priority: P3: Somewhat important
    • Fix Version/s: 5.13.0 Alpha 1
    • Affects Version/s: 5.12.0
    • Component/s: GUI: Painting
    • Labels: None
    • Platform/s: Linux/X11

    Description

      The attached code fails to fill all of the image as white because 46341 * 46341 is bigger than MAX_INT.


      The overflow happens in qtbase/src/gui/painting/qdrawhelper_p.h:940:58

         qt_memfill(reinterpret_cast<T*>(d), value, width * height);


      Found while fuzzing kimageformats.

      You may want to mention oss-fuzz/12762, which is the bug number assigned to it: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12762 (will be public in 90 days).
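      The arithmetic behind this report, as an added stand-alone example (not Qt's code and not the reporter's attachment): the pixel count is computed as `width * height` in int before it is widened to the size_t parameter of the fill routine, so 46341 * 46341 overflows; the corrected form widens each operand first, and a small check tells whether a given geometry is safe for the int form at all. The names `pixel_count_int`, `pixel_count_widened` and `fits_in_int` are hypothetical, and a 64-bit size_t is assumed.

```cpp
#include <climits>
#include <cstddef>
#include <cstdint>

// Buggy form: the product is evaluated in int and only then converted to
// size_t. Signed overflow is undefined behaviour, so the wraparound that a
// two's complement build actually produces is emulated here with unsigned
// arithmetic to keep the example well-defined.
std::size_t pixel_count_int(int width, int height) {
    std::uint32_t w = static_cast<std::uint32_t>(width);
    std::uint32_t h = static_cast<std::uint32_t>(height);
    std::int32_t wrapped = static_cast<std::int32_t>(w * h); // wraps mod 2^32
    // A negative int converted to size_t becomes a huge unsigned count.
    return static_cast<std::size_t>(wrapped);
}

// Corrected form (assumed, not taken from the Qt patch): widen each operand
// to size_t before multiplying, so the product is computed in 64 bits and
// equals the real number of pixels.
std::size_t pixel_count_widened(int width, int height) {
    return static_cast<std::size_t>(width) * static_cast<std::size_t>(height);
}

// Overflow check: true when width * height fits in an int, i.e. when the
// int-typed multiplication would have been safe for this geometry.
bool fits_in_int(int width, int height) {
    if (width <= 0 || height <= 0) return false;
    return width <= INT_MAX / height;
}
```

For 46341 x 46341 the widened count is 2147488281 pixels, while the int form wraps to a negative value that turns into an enormous size_t; 46340 x 46340 still fits in an int and both forms agree.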

          People

            Assignee: allan.jensen (Allan Sandfeld Jensen)
            Reporter: tsdgeos_kdab (Albert Astals Cid)
            Votes: 0
            Watchers: 2
