QTBUG-87059: Integer-overflow in qRound through QSvgRenderer::render


Details

    • Bug
    • Resolution: Done
    • P1: Critical
    • 6.0.3
    • 5.15
    • SVG Support
    • Ubuntu 18.04 LTS 64 bit, clang 10.0.0
    • All

    Description

      1. Have a build of Qt configured with "-sanitize undefined".
      2. Build the attached project.
      3. Run the resulting program and pass the attached input file.

         ./report input.svg

      You will get output including lines like:

        SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /home/qtrob/dev/src/qt-5.15-base_svg-09.22/qtbase/src/corelib/kernel/qobject.cpp:420:13 in 
        ../../include/QtCore/../../../../../src/qt-5.15-base_svg-09.22/qtbase/src/corelib/global/qglobal.h:653:55: runtime error: -6,33825e+29 is outside the range of representable values of type 'int'
        SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../include/QtCore/../../../../../src/qt-5.15-base_svg-09.22/qtbase/src/corelib/global/qglobal.h:653:55 in 
        ../../include/QtCore/../../../../../src/qt-5.15-base_svg-09.22/qtbase/src/corelib/global/qglobal.h:653:40: runtime error: -6,33825e+29 is outside the range of representable values of type 'int'
        SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../include/QtCore/../../../../../src/qt-5.15-base_svg-09.22/qtbase/src/corelib/global/qglobal.h:653:40 in 
        ../../include/QtCore/../../../../../src/qt-5.15-base_svg-09.22/qtbase/src/corelib/global/qglobal.h:653:74: runtime error: -6,33825e+29 is outside the range of representable values of type 'int'
        SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../include/QtCore/../../../../../src/qt-5.15-base_svg-09.22/qtbase/src/corelib/global/qglobal.h:653:74 in 
        ../../include/QtCore/../../../../../src/qt-5.15-base_svg-09.22/qtbase/src/corelib/global/qglobal.h:653:68: runtime error: signed integer overflow: -2147483648 + -2147483648 cannot be represented in type 'int'
        SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../include/QtCore/../../../../../src/qt-5.15-base_svg-09.22/qtbase/src/corelib/global/qglobal.h:653:68 in 
        /home/qtrob/dev/src/qt-5.15-base_svg-09.22/qtbase/src/corelib/kernel/qobject.cpp:393:27: runtime error: upcast of misaligned address 0x000001382861 for type 'QObjectPrivate::Connection', which requires 8 byte alignment

      Google's oss-fuzz found this as issue 24756.
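The sanitizer lines above show two distinct undefined operations inside qRound: a double (-6.33825e+29, far outside the int range) being converted to int, and a signed addition of two INT_MIN values overflowing. Both come from feeding an unchecked floating-point value to a rounding routine that assumes its input fits. The following is an added example, not Qt's code and not part of this report: a range-checked rounding helper in the Qt `bool *ok` style (the names `checkedRound`, `roundFits` and `saturatingRound` are this example's own) that a caller can apply to coordinates parsed from an untrusted SVG before they reach an API that rounds to int. It rejects or clamps instead of converting out of range, so the double-to-int cast is always defined.

```cpp
// Added example (not Qt code): rounding doubles to int without undefined
// behaviour. In C++ converting a double that does not fit in int is UB,
// which is exactly what the sanitizer reports for qRound(-6.33825e+29).
#include <climits>
#include <cmath>
#include <cstdio>

// INT_MAX and INT_MIN are exactly representable as doubles (2^31-1, -2^31),
// so comparing the rounded value against them is exact.
const double kIntMaxAsDouble = static_cast<double>(INT_MAX);
const double kIntMinAsDouble = static_cast<double>(INT_MIN);

// True when round(d) is a finite value that fits in int.
bool roundFits(double d)
{
    if (std::isnan(d))
        return false;
    const double r = std::round(d);    // rounding a double never overflows
    return r <= kIntMaxAsDouble && r >= kIntMinAsDouble;
}

// Rounds half away from zero (like std::round). Sets *ok to false and
// returns 0 when the value is NaN or out of range; the cast is only
// performed once the value is known to fit.
int checkedRound(double d, bool *ok)
{
    if (!roundFits(d)) {
        if (ok)
            *ok = false;
        return 0;
    }
    if (ok)
        *ok = true;
    return static_cast<int>(std::round(d));
}

// Saturating variant for code that must always produce some int (e.g. a
// pixel coordinate): clamps to the int range and maps NaN to 0.
int saturatingRound(double d)
{
    if (std::isnan(d))
        return 0;
    const double r = std::round(d);
    if (r >= kIntMaxAsDouble)
        return INT_MAX;
    if (r <= kIntMinAsDouble)
        return INT_MIN;
    return static_cast<int>(r);
}

int main()
{
    // Constructed inputs: the value from the sanitizer output above, plus
    // ordinary values and values just beyond the int range.
    const double samples[] = { -6.33825e+29, 2.5, -2.5, 0.49,
                               2147483647.4, -2147483648.6, INFINITY };
    for (double d : samples) {
        bool ok = false;
        const int r = checkedRound(d, &ok);
        if (ok)
            std::printf("%-16g checked=%d saturating=%d\n", d, r, saturatingRound(d));
        else
            std::printf("%-16g rejected      saturating=%d\n", d, saturatingRound(d));
    }
    return 0;
}
```

Building this with `-fsanitize=undefined` produces no runtime errors, because no conversion or addition is ever attempted on a value that cannot be represented; the same flag on the unchecked path is what produced the report above.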

    Attachments

      1. input.svg (0.1 kB, Robert Löhning)
      2. main.cpp (0.4 kB, Robert Löhning)
      3. report.pro (0.0 kB, Robert Löhning)

    People

      Unassigned
      rlohning Robert Löhning
      Votes: 0
      Watchers: 2
