33 lines
1.2 KiB
Diff
33 lines
1.2 KiB
Diff
From d76b11a0d55f40e964686564bac512e5895147b6 Mon Sep 17 00:00:00 2001
|
|
From: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
Date: Wed, 14 Apr 2021 22:13:32 +0200
|
|
Subject: [PATCH] Don't parse XML symbols longer than 4096 characters
|
|
|
|
It is slow and will use too much memory.
|
|
|
|
Fixes: QTBUG-91889
|
|
Change-Id: I45c5e6038357c87bbb85b1ace17ef39a2a814ea0
|
|
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
(cherry picked from commit 38e111158a38507c63fd70f9ee18b9116b537976)
|
|
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
---
|
|
src/corelib/serialization/qxmlstream.cpp | 5 +++++
|
|
1 file changed, 5 insertions(+)
|
|
|
|
diff --git a/src/corelib/serialization/qxmlstream.cpp b/src/corelib/serialization/qxmlstream.cpp
|
|
index 9a3e306f424..a38720b370f 100644
|
|
--- a/src/corelib/serialization/qxmlstream.cpp
|
|
+++ b/src/corelib/serialization/qxmlstream.cpp
|
|
@@ -1307,6 +1307,11 @@ inline int QXmlStreamReaderPrivate::fastScanName(int *prefix)
|
|
int n = 0;
|
|
uint c;
|
|
while ((c = getChar()) != StreamEOF) {
|
|
+ if (n >= 4096) {
|
|
+ // This is too long to be a sensible name, and
|
|
+ // can exhaust memory
|
|
+ return 0;
|
|
+ }
|
|
switch (c) {
|
|
case '\n':
|
|
case ' ':
|