From e696bec76e4f852cb28f27c50c95d3504fba559e Mon Sep 17 00:00:00 2001 From: Thiago Macieira Date: Wed, 13 Dec 2023 11:37:48 -0300 Subject: QDataStream & QResource: document their lack of security-hardening Pick-to: 6.7 6.6 6.5 Fixes: QTBUG-120012 Task-number: QTBUG-119178 Change-Id: I6e2677aad2ab45759db2fffd17a06af730e320d6 Reviewed-by: Ievgenii Meshcheriakov Reviewed-by: Volker Hilsheimer --- src/corelib/io/qresource.cpp | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'src/corelib/io/qresource.cpp') diff --git a/src/corelib/io/qresource.cpp b/src/corelib/io/qresource.cpp index 1bdcf246bee..e3b09e7cbd6 100644 --- a/src/corelib/io/qresource.cpp +++ b/src/corelib/io/qresource.cpp @@ -233,6 +233,19 @@ static inline ResourceList *resourceList() itself will be unmapped from memory when the last QResource that points to it is destroyed. + \section2 Corruption and Security + + The QResource class performs some checks on the file passed to determine + whether it is supported by the current version of Qt. Those tests are only + to check the file header does not request features (such as Zstandard + decompression) that have not been compiled in or that the file is not of a + future version of Qt. They do not confirm the validity of the entire file. + + QResource should not be used on files whose provenance cannot be trusted. + Applications should be designed to attempt to load only resource files + whose provenance is at least as trustworthy as that of the application + itself or its plugins. + \sa {The Qt Resource System}, QFile, QDir, QFileInfo */ -- cgit v1.2.3