From 9ceb7cb555b1355bbd7c26550c46000d05fd1e37 Mon Sep 17 00:00:00 2001
From: Alex Henrie <alexhenrie24@gmail.com>
Date: Wed, 15 Nov 2023 09:36:06 -0700
Subject: [PATCH] QMimeDatabase: handle buggy type definitions with circular
 inheritance

This fixes an infinite loop reported by a user who had both the
definition of text/javascript from shared-mime-info 2.3 and the
definition of text/javascript from shared-mime-info 2.4 installed at the
same time. In 2.3, text/javascript is a subtype of
application/ecmascript, but in 2.4 application/ecmascript is a subtype
of text/javascript. Having both at the same time resulted in circular
inheritance.

https://gitlab.freedesktop.org/xdg/shared-mime-info/-/merge_requests/258#note_2167707

[ChangeLog][QtCore][QMimeDatabase] Added code to detect and break
circular inheritance loops in the MIME data, which were causing infinite
loops

Pick-to: 6.5
Change-Id: Ic207b1593a49c7bb88e4fd810d8f88aa630087ce
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: David Faure <david.faure@kdab.com>
(cherry picked from commit 54656da9ace06caf4a0eeb1832989c0ab211a4a0)
Reviewed-by: Alex Henrie <alexhenrie24@gmail.com>
---
 src/corelib/mimetypes/qmimedatabase.cpp             |  9 +++++++--
 src/corelib/mimetypes/qmimetype.cpp                 |  7 +++++--
 .../qmimedatabase/circular-inheritance.xml          | 13 +++++++++++++
 .../qmimedatabase-cache/CMakeLists.txt              |  1 +
 .../qmimedatabase/qmimedatabase-xml/CMakeLists.txt  |  1 +
 .../mimetypes/qmimedatabase/tst_qmimedatabase.cpp   |  8 ++++++++
 6 files changed, 35 insertions(+), 4 deletions(-)
 create mode 100644 tests/auto/corelib/mimetypes/qmimedatabase/circular-inheritance.xml

diff --git a/src/corelib/mimetypes/qmimedatabase.cpp b/src/corelib/mimetypes/qmimedatabase.cpp
index e39ca68fe1e..f2786f3723c 100644
--- a/src/corelib/mimetypes/qmimedatabase.cpp
+++ b/src/corelib/mimetypes/qmimedatabase.cpp
@@ -10,6 +10,7 @@
 #include "qmimeprovider_p.h"
 #include "qmimetype_p.h"
 
+#include <private/qduplicatetracker_p.h>
 #include <private/qfilesystementry_p.h>
 
 #include <QtCore/QMap>
@@ -509,6 +510,7 @@ QList<QMimeType> QMimeDatabasePrivate::allMimeTypes()
 bool QMimeDatabasePrivate::inherits(const QString &mime, const QString &parent)
 {
     const QString resolvedParent = resolveAlias(parent);
+    QDuplicateTracker<QString> seen;
     std::stack<QString, QStringList> toCheck;
     toCheck.push(mime);
     while (!toCheck.empty()) {
@@ -517,8 +519,11 @@ bool QMimeDatabasePrivate::inherits(const QString &mime, const QString &parent)
         const QString mimeName = toCheck.top();
         toCheck.pop();
         const auto parentList = parents(mimeName);
-        for (const QString &par : parentList)
-            toCheck.push(resolveAlias(par));
+        for (const QString &par : parentList) {
+            const QString resolvedPar = resolveAlias(par);
+            if (!seen.hasSeen(resolvedPar))
+                toCheck.push(resolvedPar);
+        }
     }
     return false;
 }
diff --git a/src/corelib/mimetypes/qmimetype.cpp b/src/corelib/mimetypes/qmimetype.cpp
index 1ad41ac4314..94df48c6959 100644
--- a/src/corelib/mimetypes/qmimetype.cpp
+++ b/src/corelib/mimetypes/qmimetype.cpp
@@ -358,14 +358,17 @@ QStringList QMimeType::parentMimeTypes() const
 static void collectParentMimeTypes(const QString &mime, QStringList &allParents)
 {
     const QStringList parents = QMimeDatabasePrivate::instance()->mimeParents(mime);
+    QStringList newParents;
     for (const QString &parent : parents) {
         // I would use QSet, but since order matters I better not
-        if (!allParents.contains(parent))
+        if (!allParents.contains(parent)) {
             allParents.append(parent);
+            newParents.append(parent);
+        }
     }
     // We want a breadth-first search, so that the least-specific parent (octet-stream) is last
     // This means iterating twice, unfortunately.
-    for (const QString &parent : parents)
+    for (const QString &parent : newParents)
         collectParentMimeTypes(parent, allParents);
 }
 
diff --git a/tests/auto/corelib/mimetypes/qmimedatabase/circular-inheritance.xml b/tests/auto/corelib/mimetypes/qmimedatabase/circular-inheritance.xml
new file mode 100644
index 00000000000..466f039803d
--- /dev/null
+++ b/tests/auto/corelib/mimetypes/qmimedatabase/circular-inheritance.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<mime-info xmlns="http://www.freedesktop.org/standards/shared-mime-info">
+  <mime-type type="application/ecmascript">
+    <comment>It's more accurate to say that ECMAScript is a subset of JavaScript</comment>
+    <sub-class-of type="text/javascript"/>
+    <glob pattern="*.js"/>
+  </mime-type>
+  <mime-type type="text/javascript">
+    <comment>than to say that JavaScript is a subset of ECMAScript</comment>
+    <sub-class-of type="application/ecmascript"/>
+    <glob pattern="*.js"/>
+  </mime-type>
+</mime-info>
diff --git a/tests/auto/corelib/mimetypes/qmimedatabase/qmimedatabase-cache/CMakeLists.txt b/tests/auto/corelib/mimetypes/qmimedatabase/qmimedatabase-cache/CMakeLists.txt
index d9e055380e5..bf4a73545cd 100644
--- a/tests/auto/corelib/mimetypes/qmimedatabase/qmimedatabase-cache/CMakeLists.txt
+++ b/tests/auto/corelib/mimetypes/qmimedatabase/qmimedatabase-cache/CMakeLists.txt
@@ -23,6 +23,7 @@ qt_internal_add_test(tst_qmimedatabase-cache
     #"mime/packages/freedesktop.org.xml"
 #)
 set(testdata_resource_files
+    "../circular-inheritance.xml"
     "../invalid-magic1.xml"
     "../invalid-magic2.xml"
     "../invalid-magic3.xml"
diff --git a/tests/auto/corelib/mimetypes/qmimedatabase/qmimedatabase-xml/CMakeLists.txt b/tests/auto/corelib/mimetypes/qmimedatabase/qmimedatabase-xml/CMakeLists.txt
index e44ea7b5ebf..287ad0b4cf7 100644
--- a/tests/auto/corelib/mimetypes/qmimedatabase/qmimedatabase-xml/CMakeLists.txt
+++ b/tests/auto/corelib/mimetypes/qmimedatabase/qmimedatabase-xml/CMakeLists.txt
@@ -23,6 +23,7 @@ qt_internal_add_test(tst_qmimedatabase-xml
     #"mime/packages/freedesktop.org.xml"
 #)
 set(testdata_resource_files
+    "../circular-inheritance.xml"
     "../invalid-magic1.xml"
     "../invalid-magic2.xml"
     "../invalid-magic3.xml"
diff --git a/tests/auto/corelib/mimetypes/qmimedatabase/tst_qmimedatabase.cpp b/tests/auto/corelib/mimetypes/qmimedatabase/tst_qmimedatabase.cpp
index ee9e430b911..b67304bde86 100644
--- a/tests/auto/corelib/mimetypes/qmimedatabase/tst_qmimedatabase.cpp
+++ b/tests/auto/corelib/mimetypes/qmimedatabase/tst_qmimedatabase.cpp
@@ -38,6 +38,7 @@ static const char *const additionalMimeFiles[] = { "yast2-metapackage-handler-mi
                                                    "invalid-magic2.xml",
                                                    "invalid-magic3.xml",
                                                    "magic-and-hierarchy.xml",
+                                                   "circular-inheritance.xml",
                                                    0 };
 
 static const auto s_resourcePrefix = ":/qt-project.org/qmime/"_L1;
@@ -403,6 +404,13 @@ void tst_QMimeDatabase::inheritance()
     const QMimeType mswordTemplate = db.mimeTypeForName(QString::fromLatin1("application/msword-template"));
     QVERIFY(mswordTemplate.isValid());
     QVERIFY(mswordTemplate.inherits(QLatin1String("application/msword")));
+
+    // Check that buggy type definitions that have circular inheritance don't cause an infinite
+    // loop, especially when resolving a conflict between the file's name and its contents
+    const QMimeType ecmascript = db.mimeTypeForName(QString::fromLatin1("application/ecmascript"));
+    QVERIFY(ecmascript.allAncestors().contains("text/plain"));
+    const QMimeType javascript = db.mimeTypeForFileNameAndData("xml.js", "<?xml?>");
+    QVERIFY(javascript.inherits(QString::fromLatin1("text/javascript")));
 }
 
 void tst_QMimeDatabase::aliases()