From ae34a78b24a56b30b99976fb5cfc40e96596579b Mon Sep 17 00:00:00 2001
From: Andreas Buhr
Date: Wed, 18 Nov 2020 14:34:37 +0100
Subject: [PATCH] Don't create a QTimeZonePrivate object for an unsupported time zone ID The QTzTimeZoneCache created one cache entry for every time zone which was looked up, even if the code was invalid. This uses some memory for each time zone code queried and thus allows DOS attacks if user supplied time zone codes are parsed. This patch prevents the creation of QTimeZonePrivate objects for invalid time zone IDs.
Change-Id: I22007f6681bea54fa08639f4f786e1a49d10f920
Reviewed-by: Thiago Macieira
---
 src/corelib/time/qtimezone.cpp | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/corelib/time/qtimezone.cpp b/src/corelib/time/qtimezone.cpp
index f2a7eea0f89..44b6662b5b7 100644
--- a/src/corelib/time/qtimezone.cpp
+++ b/src/corelib/time/qtimezone.cpp
@@ -466,8 +466,13 @@ QTimeZone::QTimeZone(const QByteArray &ianaId)
 d = new QUtcTimeZonePrivate(ianaId);
 // If not a CLDR UTC offset ID then try creating it with the system backend.
 // Relies on backend not creating valid TZ with invalid name.
- if (!d->isValid())
- d = ianaId.isEmpty() ? newBackendTimeZone() : newBackendTimeZone(ianaId);
+ if (!d->isValid()) {
+ if (ianaId.isEmpty())
+ d = newBackendTimeZone();
+ else if (global_tz->backend->isTimeZoneIdAvailable(ianaId))
+ d = newBackendTimeZone(ianaId);
+ // else: No such ID, avoid creating a TZ cache entry for it.
+ }
 // Can also handle UTC with arbitrary (valid) offset, but only do so as
 // fall-back, since either of the above may handle it more informatively.
 if (!d->isValid()) {
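Review bot: The new `else if (global_tz->backend->isTimeZoneIdAvailable(ianaId))` gate makes the backend's availability answer the only path to `newBackendTimeZone(ianaId)`, so any ID a backend can construct but does not report as available would now produce an invalid QTimeZone; nothing visible here shows the two sets agree for every backend, and the patch touches no test file. A regression test that constructs QTimeZone from a known-good ID and from a batch of unknown IDs, checking `isValid()` for both, would pin the intended behaviour. Since the check now runs on every caller-supplied ID, it is also worth confirming that isTimeZoneIdAvailable is cheap and allocates nothing persistent on a miss, otherwise the memory cost is only traded for CPU. The trailing comment could state the security intent, e.g. `// else: unknown ID (possibly untrusted input); skip the backend so no cache entry is allocated.` The constructor body continues past the end of the hunk.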