From 9219e8ff1d13a7e9aeb595d60aa4b3767a8941fc Mon Sep 17 00:00:00 2001 From: Marc Mutz Date: Sat, 27 Jan 2024 10:38:32 +0100 Subject: QBitArray: don't create invalid Qt 5 streams Qt 5 streams cannot handle QBitArrays with more than INT_MAX bits, even on 64-bit platforms, because of interface constraints (size_type int). Qt 6 can, so make sure to refuse serialization of oversized QBitArrays to Qt-5-compatible streams. [ChangeLog][QtCore][QBitArray] Now refuses to stream a QBitArray with size() > INT_MAX to a Qt-5-compatible QDataStream. Pick-to: 6.7 6.6 6.5 6.2 Change-Id: I263e27bd366757c8e0360dfd337948c44d00647a Reviewed-by: Thiago Macieira Reviewed-by: Allan Sandfeld Jensen --- src/corelib/tools/qbitarray.cpp | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'src/corelib/tools/qbitarray.cpp') diff --git a/src/corelib/tools/qbitarray.cpp b/src/corelib/tools/qbitarray.cpp index 8c750dd01cb..20fb7f53044 100644 --- a/src/corelib/tools/qbitarray.cpp +++ b/src/corelib/tools/qbitarray.cpp @@ -900,6 +900,10 @@ QDataStream &operator<<(QDataStream &out, const QBitArray &ba) { const qsizetype len = ba.size(); if (out.version() < QDataStream::Qt_6_0) { + if (Q_UNLIKELY(len > qsizetype{(std::numeric_limits::max)()})) { + out.setStatus(QDataStream::WriteFailed); // ### SizeLimitExceeded + return out; + } out << quint32(len); } else { out << quint64(len); -- cgit v1.2.3