Qt.git - Qt s a cross-platform application framework that is used for developing application software that can be run on various software and hardware platforms with little or no change in the underlying codebase, while still being a native application with native capabilities and speed.

diff options

author	Ademar de Souza Reis Jr <ademar.reis@openbossa.org>	2011-01-21 14:19:00 (GMT)
committer	Marius Storm-Olsen <marius.storm-olsen@nokia.com>	2011-01-21 15:22:11 (GMT)
commit	972fcb6de69fb7ed3ae8147498ceb5d2ac79f057 (patch)
tree	b6e728b3e687eb1ce5d8235f494a47618ddf7a3e /doc/src/snippets/code/src_gui_util_qundostack.cpp
parent	4c57b9d3f1865beb87120fc4691241c57a2bfb01 (diff)
download	Qt-972fcb6de69fb7ed3ae8147498ceb5d2ac79f057.zip Qt-972fcb6de69fb7ed3ae8147498ceb5d2ac79f057.tar.gz Qt-972fcb6de69fb7ed3ae8147498ceb5d2ac79f057.tar.bz2

QPainterPath: Ignore calls with NaN/Infinite parameters

QPainterPath can't handle NaNs/Inf inside coordinates, but instead of safely ignoring or aborting an operation, it shows a warning and keeps going on, with undefined behavior. Sometimes leading to infinite loops, leaks or crashes (see qtwebkit example below). This is particularly bad when QPainterPath is used to render content from untrusted sources (web or user data). As an example, there's a qtwebkit bug where the browser crashes when a particular SVG is loaded: https://bugs.webkit.org/show_bug.cgi?id=51698. Please note that "untrusted sources" doesn't apply only to network sources. This behavior can probably be exploited on applications such as file-browsers with previews enabled. Task-number: QTBUG-16664 Signed-off-by: Ademar de Souza Reis Jr <ademar.reis@openbossa.org> Merge-request: 1026 Reviewed-by: Marius Storm-Olsen <marius.storm-olsen@nokia.com> Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@nokia.com>

Diffstat (limited to 'doc/src/snippets/code/src_gui_util_qundostack.cpp')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: