Mark low-level text classes as security critical

These files process raw end user provided data and apply structure to it, through layout and Unicode algorithms. Extra care should be taken when reviewing changes to these files. Pick-to: 6.8 Change-Id: Iba86aec1a185bbbcd40aa2b8d4d0d839bb99ba0d Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io> (cherry picked from commit 2198cdc40630713670064334fb34dc2255980800) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
2025-03-10 13:39:09 +01:00 · 2025-03-10 13:39:09 +01:00 · b6dd07382a
commit b6dd07382a
parent 45135e303a
2 changed files with 2 additions and 0 deletions
--- a/src/gui/text/qtextengine.cpp
+++ b/src/gui/text/qtextengine.cpp
@ -1,5 +1,6 @@
 // Copyright (C) 2021 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:critical reason:data-parser

 #include <QtGui/private/qtguiglobal_p.h>
 #include "qdebug.h"
--- a/src/gui/text/qtextlayout.cpp
+++ b/src/gui/text/qtextlayout.cpp
@ -1,5 +1,6 @@
 // Copyright (C) 2016 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:critical reason:data-parser

 #include "qtextlayout.h"
 #include "qtextengine_p.h"