Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-83817

potential out-of-bounds access in qcssparser

    XMLWordPrintable

Details

    • 204b6c99089bcf7893be326e7d0076402b7abf0c (qt/qtbase/dev) db0893a7e302fac1808a67541ef190293661348d (qt/qtbase/5.15), 66081c52b (dev), 5deee1e5a (6.9), 1c453be01 (6.8), 040839c10 (tqtc/lts-6.5), 12cec9769 (tqtc/lts-5.15)

    Description

      In qcssparser.cpp:1701

      features |= static_cast<int>(findKnownValue(d->values.value(i).variant.toString(),
                             styleFeatures, NumKnownStyleFeatures));

      styleFeatures is an array of length 3, and NumKnownStyleFeatures is 4. Inside findKnownValue() the array is accessed at index 3, which is an out-of-bounds access.

      See screenshot for visualisation of the issue.

      Coverity ID: 183557

      Attachments

        Issue Links

          mentioned in

          Page Loading...

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              vhilshei Volker Hilsheimer
              jimis Dimitrios Apostolou
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews