  1. Qt
  2. QTBUG-89897

Integer-overflow in QTextHtmlParser::margin

Details

    • Bug
    • Resolution: Unresolved
    • P3: Somewhat important
    • None
    • 5.15.2, 6.1
    • GUI: Text handling
    • Ubuntu 20.04 LTS
      clang 10.0.0
      Qt 5.15.2, Qt dev branch

    Description

      1. Have a build of Qt configured with "-sanitize undefined".
      2. Build the attached project.
      3. Run the resulting program and pass the input file:
        ./report input.html
        

        You will see output like:

        /home/qtrob/dev/src/qt-5.15.2-base_svg/qtbase/src/gui/text/qtexthtmlparser.cpp:608:15: runtime error: signed integer overflow: 2147483647 + 2147483647 cannot be represented in type 'int'
        SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /home/qtrob/dev/src/qt-5.15.2-base_svg/qtbase/src/gui/text/qtexthtmlparser.cpp:608:15 in
        

      Found by oss-fuzz as issue 25867.
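
The sanitizer report above shows two `int` operands of 2147483647 being added. The following is an added example, not Qt's code and not part of the attached project: it sums per-node margins with a saturating add, so no overflowing signed addition is ever evaluated. The `Node` struct, the parent-index walk and all function names are assumptions made for illustration.

```cpp
#include <climits>
#include <cstdio>
#include <vector>

// Hypothetical stand-in for a parsed HTML node (not Qt's type).
struct Node {
    int margin; // value taken from untrusted markup
    int parent; // index of the parent node; 0 is the root
};

// Add two ints, clamping at INT_MIN/INT_MAX instead of overflowing,
// which is undefined behaviour for signed types.
int saturatingAdd(int a, int b)
{
    if (b > 0 && a > INT_MAX - b)
        return INT_MAX;
    if (b < 0 && a < INT_MIN - b)
        return INT_MIN;
    return a + b;
}

// Sum the margins of node i and its ancestors (assumed traversal).
int accumulatedMargin(const std::vector<Node> &nodes, int i)
{
    int total = 0;
    while (i > 0) {
        total = saturatingAdd(total, nodes[i].margin);
        i = nodes[i].parent;
    }
    return total;
}

// Constructed sample: two nested blocks, each with margin INT_MAX,
// matching the operands in the sanitizer message.
std::vector<Node> sampleNodes()
{
    return { {0, 0}, {INT_MAX, 0}, {INT_MAX, 1} };
}

int main()
{
    std::printf("%d\n", accumulatedMargin(sampleNodes(), 2));
    return 0;
}
```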

      Attachments

        1. input.html
          0.0 kB
        2. main.cpp
          0.2 kB
        3. report.pro
          0.1 kB

          People

            esabraha Eskil Abrahamsen Blomfeldt
            rlohning Robert Löhning