Priority: P1: Critical
Affects Version/s: 6.2.0, 6.4
Component/s: SVG Support
Environment:Ubuntu 20.04 LTS
g++ 9.3.0, clang 10
Commits:1749388cdc (qt/qtsvg/dev) 1749388cdc (qt/tqtc-qtsvg/dev) c80de46664 (qt/tqtc-qtsvg/5.15) 980b4d27bd (qt/qtsvg/6.2) 2f70896980 (qt/qtsvg/6.3) 980b4d27bd (qt/qtsvg/6.2.3) 980b4d27bd (qt/tqtc-qtsvg/6.2) 980b4d27bd (qt/tqtc-qtsvg/6.2.3)
- Have a build of Qt including qtsvg.
No sanitizers needed.
- Build the attached project.
- Run the resulting program and pass the input file.
You will see error messages and it will take too long until the program returns:
While it runs, the program fully occupies a CPU core.
When built on Qt 6.1.3, the program returns immediately:
Google's oss-fuzz found this as issue 41331. They will publish the report on February 21st.