1berry/qtbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

qurlrecode.cpp: fix Coverity ARRAY_VS_SINGLETON issue

Browse Source 
Coverity has this checker where it complains if you use a T as a
T[1]. The C++ standard says that this is fine¹, but qurlrecode.cpp,
specifically, is security-critical, so we shouldn't leave Coverity
issues unfixed in there.

So replace ucs4 with a buffer[1] array and make both dst and ucs4
point to buffer's first (and only) element.

Amends 2b82923c8fba5dcff707e344acdf9db8c444a55e.

¹ https://eel.is/c++draft/basic.compound#3.sentence-11

Pick-to: 6.8 6.5
Coverity-Id: 378435
Change-Id: I8ab2f70b542088e90dc43e616a0202e8c756f204
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
(cherry picked from commit 7a32a2238f52217bc4f0dc4c9620a2a2d350a1ca)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
This commit is contained in:
Marc Mutz 2025-03-04 12:22:06 +01:00 committed by Qt Cherry-pick Bot
parent e744561c35
commit 8e564bd00f
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/corelib/io/qurlrecode.cpp
View File

@ -255,7 +255,9 @@ struct QUrlUtf8Traits : public QUtf8BaseTraitsNoAscii
static bool encodedUtf8ToUtf16(QString &result, char16_t *&output, const char16_t *begin, static bool encodedUtf8ToUtf16(QString &result, char16_t *&output, const char16_t *begin,
const char16_t *&input, const char16_t *end, char16_t decoded) const char16_t *&input, const char16_t *end, char16_t decoded)
{ {
char32_t ucs4 = 0, *dst = &ucs4; char32_t buffer[1];
char32_t &ucs4 = buffer[0];
char32_t *dst = buffer;
const char16_t *src = input + 3;// skip the %XX that yielded \a decoded const char16_t *src = input + 3;// skip the %XX that yielded \a decoded
int charsNeeded = QUtf8Functions::fromUtf8<QUrlUtf8Traits>(decoded, dst, src, end); int charsNeeded = QUtf8Functions::fromUtf8<QUrlUtf8Traits>(decoded, dst, src, end);
if (charsNeeded < 0) if (charsNeeded < 0)