Details
- Bug
- Resolution: Done
- P3: Somewhat important
- 5.15.2, 6.1
- Ubuntu 20.04 LTS; clang 10.0.0; Qt 5.15.2, Qt dev branch
- 679750684087cad7a48921c4174a53cdf4855049 (qt/qtbase/dev)
- 1a07e7899261c044a5325ca21dd20c9c7be3e6ef (qt/qtbase/6.0)
- 1d86362121f6153b08e5237015a8e23a599b9fc1 (qt/tqtc-qtbase/tqtc/lts-5.15)
- 781b55b24e190442d7e055a5e54e8acb44104519 (qt/qtbase/5.12)

Description
- Have a build of Qt configured with "-sanitize undefined".
- Build the attached project.
- Run the resulting program and pass the input file:

```
./report 26034.html
```

You will see output like:

```
/work/qtbase/include/QtGui/6.0.0/QtGui/private/../../../../../../../src/qt/qtbase/src/gui/painting/qfixed_p.h:66:37: runtime error: signed integer overflow: 80000000 * 64 cannot be represented in type 'int'
```

Found by oss-fuzz as issue 26034.
Attachments
For Gerrit Dashboard: QTBUG-89899

# | Subject | Branch | Project | Status | CR | V |
---|---|---|---|---|---|---|
330896,2 | Gracefully reject requests for absurd font sizes | 6.0 | qt/qtbase | Status: MERGED | +2 | 0 |
330897,2 | Gracefully reject requests for absurd font sizes | 5.12 | qt/qtbase | Status: MERGED | +2 | 0 |
330899,2 | Gracefully reject requests for absurd font sizes | tqtc/lts-5.15 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
330959,2 | Gracefully reject requests for absurd font sizes | dev | qt/qtbase | Status: MERGED | +2 | 0 |
331061,2 | fuzzing: Add HTML file which caused an overflow | dev | qt/qtqa | Status: MERGED | +2 | 0 |
348596,2 | Gracefully reject requests for absurd font sizes | 5.12.11 | qt/qtbase | Status: MERGED | +2 | 0 |
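
The overflow reported in the description, and one way to reject such a size before the multiplication happens, as an added example that is neither Qt's code nor the merged patch. The names `wideProduct`, `toFixedChecked` and `applyPixelSize` are hypothetical; the scale of 64 is assumed from the operands in the sanitizer message, and rejecting non-positive sizes is an assumed policy.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>

// Assumption: the fixed-point type stores value * 64 in an int,
// matching the "80000000 * 64" operands in the sanitizer message.
constexpr int kScale = 64;

// The product computed with enough bits; used only to show how far
// outside the int range the reported operands land.
std::int64_t wideProduct(int i)
{
    return static_cast<std::int64_t>(i) * kScale;
}

// Checked conversion (hypothetical helper): returns false instead of
// overflowing when i * 64 does not fit in int.
bool toFixedChecked(int i, int *out)
{
    constexpr int maxIn = std::numeric_limits<int>::max() / kScale;
    constexpr int minIn = std::numeric_limits<int>::min() / kScale;
    if (i < minIn || i > maxIn)
        return false;
    *out = i * kScale; // safe: range verified above
    return true;
}

// Hypothetical caller: accept a requested pixel size only if it is positive
// (assumed policy) and representable; otherwise keep the previous value.
bool applyPixelSize(int requested, int *currentFixed)
{
    int fixed = 0;
    if (requested <= 0 || !toFixedChecked(requested, &fixed))
        return false;
    *currentFixed = fixed;
    return true;
}

int main()
{
    int size = 12 * kScale;
    const int inputs[] = {16, 80000000}; // constructed; the second value is from the report
    for (int px : inputs) {
        const bool ok = applyPixelSize(px, &size);
        std::printf("%d px -> %s (wide product %lld, stored %d)\n", px, ok ? "accepted" : "rejected",
                    static_cast<long long>(wideProduct(px)), size);
    }
    return 0;
}
```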