projects / qtdeclarative-opensource-src.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a6084cb) | patch
increase robustness of <img> tag in Text component
authorDebian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Thu, 11 Dec 2025 10:02:24 +0000 (13:02 +0300)
committerDmitry Shachnev <mitya57@debian.org>
Thu, 11 Dec 2025 10:02:24 +0000 (13:02 +0300)
commit70d3e46827957b27fd6567fc953c86cccae9bdf8
tree4289dc4906068a3d461f54762f84e428af24eec0tree | snapshot
parenta6084cb680598cc6257c9fc7d8d49986ba18fe02commit | diff
increase robustness of <img> tag in Text component

Origin: upstream, https://code.qt.io/cgit/qt/qtdeclarative.git/commit/?id=4aaf9bf21f7cc69d
Last-Update: 2025-12-09

For Text.StyledText, there was no protection against <img> tags
with very large widths or heights. This could cause an application
to spend a very long time processing a layout and sometimes crash
if the size was too large.

We reuse the internal coord limit in QPainter as our maximum size
here, similar to what we do in Qt Svg for instance.

For Text.RichText, there were no issues in release builds, but in
debug builds, you could trigger an overflow assert when rounding
the number if it exceeded INT_MAX. For this, we simply cap the
width and height at INT_MAX.

Gbp-Pq: Name CVE-2025-12385.patch
src/quick/items/qquicktextdocument.cpp diff | blob | history
src/quick/util/qquickstyledtext.cpp diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.