Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-72937

heap-buffer-overflow when passing invalid input to QTextDocument::setMarkdown

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • P1: Critical
    • None
    • Some future release
    • GUI: Text handling
    • Ubuntu 18.04 LTS 64 bit
      gcc 7.3.0
      clang 6.0

    Description

      1. Build the attached demo project on a Qt version built with "-sanitize address":
        #include <QFile>
        #include <QTextDocument>
        
        int main(int argc, char *argv[])
        {
            QFile f(argv[1]);
            f.open(QFile::ReadOnly);
            QTextDocument().setMarkdown(f.readAll());
            return 0;
        }
        

        Of course, this requires https://codereview.qt-project.org/214843/.

      2. Run it passing the filename of the attached malformed file as first parameter.
        The program crashes and writes command line output about the overflow.

      Attachments

        1. markdown.zip
          0.6 kB
        2. overflow.out
          6 kB
        3. QTBUG-72937.md
          0.0 kB

        Issue Links

          Activity

            People

              srutledg Shawn Rutledge
              rlohning Robert Löhning
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: