1berry/qtbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

rhi: Add doc notes about security considerations

Browse Source 
Pick-to: 6.8
Change-Id: Iee3ef375a5f08a0bac5fed2b45ff1d7a3b146dc5
Reviewed-by: Andy Nichols <andy.nichols@qt.io>
(cherry picked from commit 8612bd8345deb77a5670d774abfc73479107faf5)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
This commit is contained in:
Laszlo Agocs 2025-03-10 13:09:59 +01:00 committed by Qt Cherry-pick Bot
parent 7138834c91
commit 982483f134
2 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/gui/rhi/qrhi.cpp
View File

@ -149,6 +149,17 @@ Q_STATIC_LOGGING_CATEGORY(QRHI_LOG_RUB, "qt.rhi.rub")
Tools module offers build system integration for CMake, the Tools module offers build system integration for CMake, the
\c qt_add_shaders() CMake function, that can achieve the same at build time. \c qt_add_shaders() CMake function, that can achieve the same at build time.
\section1 Security Considerations
All data consumed by QRhi and related classes such as QShader are considered
trusted content.
\warning Application developers are advised to carefully consider the
potential implications before allowing the feeding of user-provided content
that is not part of the application and is not under the developers'
control. (this includes all vertex/index data, shaders, pipeline and draw
call parameters, etc.)
\section1 Design Fundamentals \section1 Design Fundamentals
A QRhi cannot be instantiated directly. Instead, use the create() A QRhi cannot be instantiated directly. Instead, use the create()
@ -10731,6 +10742,11 @@ QByteArray QRhi::pipelineCacheData()
called at a low frequency, ideally only once e.g. when starting the called at a low frequency, ideally only once e.g. when starting the
application. application.
\warning Serialized pipeline cache data is assumed to be trusted content. Qt
performs robust parsing of the header and metadata included in \a data,
application developers are however advised to never pass in data from
untrusted sources.
\sa pipelineCacheData(), isFeatureSupported() \sa pipelineCacheData(), isFeatureSupported()
*/ */
void QRhi::setPipelineCacheData(const QByteArray &data) void QRhi::setPipelineCacheData(const QByteArray &data)

5
src/gui/rhi/qshader.cpp
View File

@ -537,6 +537,11 @@ static void readShaderKey(QDataStream *ds, QShaderKey *k)
If \a data cannot be deserialized successfully, the result is a default If \a data cannot be deserialized successfully, the result is a default
constructed QShader for which isValid() returns \c false. constructed QShader for which isValid() returns \c false.
\warning Shader packages, including \c{.qsb} files in the filesystem, are
assumed to be trusted content. Application developers are advised to
carefully consider the potential implications before allowing the loading of
user-provided content that is not part of the application.
\sa serialized() \sa serialized()
*/ */
QShader QShader::fromSerialized(const QByteArray &data) QShader QShader::fromSerialized(const QByteArray &data)