Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-95891

svg file freezes QImage

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • P1: Critical
    • 5.12.12, 5.15.8, 6.2.2, 6.3.0 Alpha
    • 5.12.9, 6.2.0 Beta2
    • SVG Support
    • Ubuntu 18.04 LTS, Ubuntu 20.04 LTS
      clang 7.0.0, clang 10.0.0, g++ 7.5.0, g++ 9.3.0
    • e544d8e457d52b543cae5c988f81237c7d6608da (qt/qtsvg/dev) 124536b7d40c3fbfe2f827ef8ca5410c399142d7 (qt/qtsvg/6.2) 2f369e9110afa70417691906ad637acf7542738b (qt/tqtc-qtsvg/5.15) 85485845bdf502674edf4d5b840f0194e62da7bb (qt/qtsvg/5.12)

    Description

      1. Have a build of Qt including qtsvg.
        No sanitizers needed.
      2. Build the attached project.
      3. Run the resulting program and pass the input file. 
        ./report 23699.svg

        This will fully occupy a CPU core and won't return (at least not in 20 minutes).

      Google's oss-fuzz found this as issue 23699

      Attachments

        1. 23699.svg
          0.3 kB
        2. main.cpp
          0.2 kB
        3. report.pro
          0.1 kB
        For Gerrit Dashboard: QTBUG-95891
        # Subject Branch Project Status CR V
        378255,2 SVG Image reading: Reject oversize svgs as corrupt dev qt/qtsvg Status: MERGED +2 0
        380343,2 SVG Image reading: Reject oversize svgs as corrupt 6.2 qt/qtsvg Status: MERGED +2 0
        380344,3 SVG Image reading: Reject oversize svgs as corrupt 5.12 qt/qtsvg Status: MERGED +2 0
        380346,3 SVG Image reading: Reject oversize svgs as corrupt tqtc/lts-5.15 qt/tqtc-qtsvg Status: MERGED +2 0

        Activity

          People

            vgt Eirik Aavitsland
            rlohning Robert Löhning
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes