From d4302ec6936b8b3799a266b640b5d116b3296b29 Mon Sep 17 00:00:00 2001
From: Luca Bellonda <lbellonda@gmail.com>
Date: Wed, 13 Jul 2016 21:44:16 +0200
Subject: QtCore: Fix QXmlStreamReader for invalid characters in XML 1.0

The XML parser uses fastScanLiteralContent() to read a block of
text. The routine was not checking the range of valid characters as
defined in the XML standard:
https://www.w3.org/TR/2008/REC-xml-20081126/#NT-Char
A check has been added to stop reading the bad character.
Note that the characters are legal in XML 1.1, but QXmlStreamReader
is a well-formed XML 1.0 parser

[ChangeLog][QtCore][QXmlStreamReader]
Fixed a bug in the XML parser that prevented to load XML that
contained invalid characters for XML 1.0.

Change-Id: I10aaf84fbf95ccdaf9f6d683ea7c31925efff36d
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
---
 src/corelib/xml/qxmlstream.cpp | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'src/corelib/xml/qxmlstream.cpp')

diff --git a/src/corelib/xml/qxmlstream.cpp b/src/corelib/xml/qxmlstream.cpp
index a235145669c..ef7d454dcaa 100644
--- a/src/corelib/xml/qxmlstream.cpp
+++ b/src/corelib/xml/qxmlstream.cpp
@@ -1175,6 +1175,10 @@ inline int QXmlStreamReaderPrivate::fastScanLiteralContent()
             }
             // fall through
         default:
+            if (c < 0x20) {
+                putChar(c);
+                return n;
+            }
             textBuffer += QChar(c);
             ++n;
         }
-- 
cgit v1.2.3