Details
-
Bug
-
Resolution: Done
-
P1: Critical
-
5.12.0, 5.13
-
Ubuntu 18.04 LTS 64 bit
gcc 7.3.0
clang 6.0
-
79f2a9e666a241c5baba1b9bf35c12be4cefcc26 (qt/qtbase/5.12)
Description
- Build the attached project
:
#include <QApplication> #include <QFile> #include <QTextDocument> int main(int argc, char *argv[]) { QApplication a(argc, argv); QFile f(argv[1]); f.open(QFile::ReadOnly); QTextDocument().setHtml(f.readAll()); return 0; }
- Start the resulting program passing the path to the attached malformed HTML file.
The program will crash:1 __GI_raise raise.c 51 0x7ffff61eae97 2 __GI_abort abort.c 79 0x7ffff61ec801 3 qt_message_fatal qlogging.cpp 1901 0x7ffff6bdfc0e 4 QMessageLogger::fatal qlogging.cpp 887 0x7ffff6be086d 5 qt_assert qglobal.cpp 3199 0x7ffff6bd93e9 6 QVarLengthArray<(anonymous namespace)::QBidiAlgorithm::DirectionalRun, 64>::operator[] qvarlengtharray.h 133 0x7ffff72fa754 7 (anonymous namespace)::QBidiAlgorithm::<lambda(int)>::operator()(int) const qtextengine.cpp 369 0x7ffff72fa754 8 (anonymous namespace)::QBidiAlgorithm::generateDirectionalRuns qtextengine.cpp 516 0x7ffff72fb33b 9 (anonymous namespace)::QBidiAlgorithm::resolveExplicitLevels qtextengine.cpp 533 0x7ffff72fb33b 10 (anonymous namespace)::QBidiAlgorithm::process qtextengine.cpp 1083 0x7ffff7305490 11 QTextEngine::itemize qtextengine.cpp 2049 0x7ffff7305490 12 QTextEngine::attributes qtextengine.cpp 1942 0x7ffff7305e21 13 QTextLayout::previousCursorPosition qtextlayout.cpp 733 0x7ffff730d97e 14 QTextDocumentPrivate::previousCursorPosition qtextdocument_p.cpp 1384 0x7ffff7335ba9 15 QTextCursorPrivate::movePosition qtextcursor.cpp 418 0x7ffff73623c7 16 QTextCursor::movePosition qtextcursor.cpp 1253 0x7ffff736591d 17 QTextHtmlImporter::processSpecialNodes qtextdocumentfragment.cpp 727 0x7ffff736aa0d 18 QTextHtmlImporter::import qtextdocumentfragment.cpp 518 0x7ffff736ae6a 19 QTextDocument::setHtml qtextdocument.cpp 1250 0x7ffff732e9bb 20 main main.cpp 10 0x555555554ee7 ... <Mehr>