Mark three files in corelib/mimetype as critical

* qmimeprovider.cpp parses file names to identify the Mimetype,
* qmimemagicrule.cpp parses the file to identify its Mimetype.
* qmimeglobpattern.cpp implements a pattern matching algorithm, i.e.
glob parser.

All involve parsing of data that might come from untrusted sources.

QUIP: 23
Task-number: QTBUG-135191
Pick-to: 6.8
Change-Id: I97d4cd8d635f05613d5a979c61038cef9c759989
Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
(cherry picked from commit 7d163200f9d6f47bce941969869c54369fc26056)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
(cherry picked from commit 924b8dd5847664313610d4016c49537538cb28ab)

src/corelib/mimetypes/qmimeglobpattern.cpp

@@ -1,5 +1,6 @@
 // Copyright (C) 2016 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:critical reason:data-parser
 
 #include "qmimeglobpattern_p.h"
 

src/corelib/mimetypes/qmimemagicrule.cpp

@@ -1,6 +1,6 @@
 // Copyright (C) 2016 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
-
+// Qt-Security score:critical reason:data-parser
 
 #define QT_NO_CAST_FROM_ASCII
 

src/corelib/mimetypes/qmimeprovider.cpp

@@ -2,6 +2,7 @@
 // Copyright (C) 2018 Klaralvdalens Datakonsult AB, a KDAB Group company, info@kdab.com, author David Faure <david.faure@kdab.com>
 // Copyright (C) 2019 Intel Corporation.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:critical reason:data-parser
 
 #include "qmimeprovider_p.h"