[PATCH] QTextMarkdownImporter: Fix heap-buffer-overflow

[PATCH] QTextMarkdownImporter: Fix heap-buffer-overflow

After finding the end marker `---`, the code expected more characters
beyond: typically at least a trailing newline. But QStringView::sliced()
crashes if asked for a substring that starts at or beyond the end.

Now it's restructured into a separate splitFrontMatter() function, and
we're stricter, tolerating only `---\n` or `---\r\n` as marker lines.
So the code is easier to prove correct, and we don't need to check
characters between the end of the marker and the end of the line
(to allow inadvertent whitespace, for example). If the markers are
not valid, the Markdown parser will see them as thematic breaks,
as it would have done if we were not extracting the Front Matter
beforehand.

Amends e10c9b5c0f8f194a79ce12dcf9b6b5cb19976942 and
bffddc6a993c4b6b64922e8d327bdf32e0d4975a

Credit to OSS-Fuzz which found this as issue 42533775.

[ChangeLog][QtGui][Text] Fixed a heap buffer overflow in
QTextMarkdownImporter. The first marker for Front Matter
must begin at the first character of a Markdown document,
and both markers must be exactly ---\n or ---\r\n.

Done-with: Marc Mutz <marc.mutz@qt.io>
Fixes: QTBUG-135284
Change-Id: I66412d21ecc0c4eabde443d70865ed2abad86d89
Reviewed-by: Marc Mutz <marc.mutz@qt.io>
(cherry picked from commit 25986746947798e1a22d0830d3bcb11a55fcd3ae)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
(cherry picked from commit eced22d7250fc7ba4dbafa1694bf149c2259d9ea)
(cherry picked from commit 9e59a924a04606c386b970ee6c9c7819cdd7ae1a)

Gbp-Pq: Name upstream_cve-2025-3512_fix_heap_buffer_overflow.diff