From 72c850347eed90dfb4944ea3f99d4f7f398ef429 Mon Sep 17 00:00:00 2001
From: Eirik Aavitsland <eirik.aavitsland@qt.io>
Date: Fri, 23 Dec 2022 15:52:22 +0100
Subject: [PATCH] Fix potential corruption with image format conversion on arm
 neon

For tiny scanline lengths, even the initial offset to align on 16
bytes may overflow.

Fixes: QTBUG-109477
Change-Id: I198c6fa5a2551a951893515f905bb7cc35479608
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit 7eccd7ac1c98e0c15c0b4a13d036a5ef46896d8a)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
---
 src/gui/image/qimage_neon.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/gui/image/qimage_neon.cpp b/src/gui/image/qimage_neon.cpp
index d3437b28180..b513dc2894f 100644
--- a/src/gui/image/qimage_neon.cpp
+++ b/src/gui/image/qimage_neon.cpp
@@ -18,7 +18,7 @@ Q_GUI_EXPORT void QT_FASTCALL qt_convert_rgb888_to_rgb32_neon(quint32 *dst, cons
 
     // align dst on 128 bits
     const int offsetToAlignOn16Bytes = (reinterpret_cast<quintptr>(dst) >> 2) & 0x3;
-    for (int i = 0; i < offsetToAlignOn16Bytes; ++i) {
+    for (int i = 0; i < qMin(len, offsetToAlignOn16Bytes); ++i) {
         *dst++ = qRgb(src[0], src[1], src[2]);
         src += 3;
     }