CRA: Android: Mark QtLoader.java as security critical

Mark QtLoader as critical with "execute-external-code" due to library loading in: -loadQtLibraries() -loadLibraryHelper() -loadMainLibrary() -loadLibraries() QtLoader also parses library paths in: -parseNativeLibrariesDir() Fixes: QTBUG-136726 Task-number: QTBUG-135178 Pick-to: 6.8 Change-Id: I58a11fd44ea8159b8399ac7a27fd50eaab8185a6 Reviewed-by: Assam Boudjelthia <assam.boudjelthia@qt.io> (cherry picked from commit fd52f868accab86f800d632014300aaa4920663a) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org> (cherry picked from commit 8447cd262f996b189fd30650aa1ada0c3609d66c)
2025-05-15 14:06:27 +03:00 · 2025-05-15 14:06:27 +03:00 · 93f62bcad3
commit 93f62bcad3
parent d49b2a7d46
1 changed files with 1 additions and 0 deletions
--- a/src/android/jar/src/org/qtproject/qt/android/QtLoader.java
+++ b/src/android/jar/src/org/qtproject/qt/android/QtLoader.java
@ -1,6 +1,7 @@
 // Copyright (C) 2023 The Qt Company Ltd.
 // Copyright (c) 2019, BogDan Vatra <bogdan@kde.org>
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:significant reason:trusted-data-only

 package org.qtproject.qt.android;