Qt / QTBUG-89899

Integer-overflow in QFixed::QFixed

    Details

    • Commits:
      679750684087cad7a48921c4174a53cdf4855049 (qt/qtbase/dev)
      1a07e7899261c044a5325ca21dd20c9c7be3e6ef (qt/qtbase/6.0)
      1d86362121f6153b08e5237015a8e23a599b9fc1 (qt/tqtc-qtbase/tqtc/lts-5.15)
      781b55b24e190442d7e055a5e54e8acb44104519 (qt/qtbase/5.12)

      Description

      1. Have a build of Qt configured with "-sanitize undefined".
      2. Build the attached project.
      3. Run the resulting program and pass the input file:
        ./report 26034.html
        

        You will see output like:

        /work/qtbase/include/QtGui/6.0.0/QtGui/private/../../../../../../../src/qt/qtbase/src/gui/painting/qfixed_p.h:66:37: runtime error: signed integer overflow: 80000000 * 64 cannot be represented in type 'int'
        

      Found by oss-fuzz as issue 26034.

        Attachments

        1. 26034.html
          0.0 kB
          Robert Löhning
        2. main.cpp
          0.2 kB
          Robert Löhning
        3. report.pro
          0.1 kB
          Robert Löhning
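
The arithmetic behind the sanitizer message above, as an added example that is not Qt's code and not part of the original report: it shows why 80000000 * 64 cannot fit in a 32-bit int and two defined-behaviour ways to convert to a 26.6 fixed-point value. All function and constant names are hypothetical, and a 32-bit int is assumed.

```cpp
// Added example, not Qt code. All names here are hypothetical stand-ins for a
// 26.6 fixed-point conversion that stores (whole * 64) in a 32-bit int.
#include <cstdint>
#include <cstdio>
#include <limits>

static_assert(sizeof(int) == 4, "example assumes 32-bit int");

constexpr int kScale = 64;  // the "* 64" from the sanitizer message
constexpr int kMaxWhole = std::numeric_limits<int>::max() / kScale;  // 33554431
constexpr int kMinWhole = std::numeric_limits<int>::min() / kScale;  // -33554432

// True when whole * 64 cannot be represented in int (the flagged condition).
bool scale_overflows(int whole) {
    return whole > kMaxWhole || whole < kMinWhole;
}

// Checked conversion: rejects out-of-range input before multiplying.
bool to_fixed_checked(int whole, int *out) {
    if (scale_overflows(whole)) return false;
    *out = whole * kScale;
    return true;
}

// Saturating conversion: clamps to the nearest representable whole value.
int to_fixed_saturating(int whole) {
    if (whole > kMaxWhole) return kMaxWhole * kScale;
    if (whole < kMinWhole) return kMinWhole * kScale;
    return whole * kScale;
}

// Exact product in 64 bits, used only to show what the 32-bit result lost.
std::int64_t scaled_wide(int whole) {
    return static_cast<std::int64_t>(whole) * kScale;
}

int main() {
    // Constructed sample inputs; 80000000 is the operand from the report.
    const int samples[] = {1, kMaxWhole, kMaxWhole + 1, 80000000, kMinWhole - 1};
    for (int s : samples) {
        int fixed = 0;
        bool ok = to_fixed_checked(s, &fixed);
        std::printf("%d: exact=%lld checked=%s saturated=%d\n", s,
                    static_cast<long long>(scaled_wide(s)),
                    ok ? "ok" : "rejected", to_fixed_saturating(s));
    }
    return 0;
}
```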
            People

            Assignee:
            vgt Eirik Aavitsland
            Reporter:
            rlohning Robert Löhning
