From da0620727f2e722cdd61d6b4fe9e84fb8d892956 Mon Sep 17 00:00:00 2001
From: Marc Mutz <marc.mutz@qt.io>
Date: Tue, 30 Jan 2024 11:33:13 +0100
Subject: [PATCH] QBitArray: defend resize() and fromBits() against negative
 sizes

Use the same technique the constructor already uses: Q_ASSERT followed
by selecting the no-op branch in case assertions are compiled out.

Change-Id: I24cbcfd686f67e060134baecfb21044948b6eb98
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit a327117c0d851dac4eea860e7d86ef3f80a0ffce)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
---
 src/corelib/tools/qbitarray.cpp | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/corelib/tools/qbitarray.cpp b/src/corelib/tools/qbitarray.cpp
index 4390d52cbdc..f7fcc53d39b 100644
--- a/src/corelib/tools/qbitarray.cpp
+++ b/src/corelib/tools/qbitarray.cpp
@@ -203,7 +203,8 @@ qsizetype QBitArray::count(bool on) const
 */
 void QBitArray::resize(qsizetype size)
 {
-    if (!size) {
+    Q_ASSERT_X(size >= 0, "QBitArray::resize", "Size must be greater than or equal to 0.");
+    if (size <= 0) {
         d.resize(0);
     } else {
         d.resize(allocation_size(size), 0x00);
@@ -303,8 +304,9 @@ void QBitArray::fill(bool value, qsizetype begin, qsizetype end)
  */
 QBitArray QBitArray::fromBits(const char *data, qsizetype size)
 {
+    Q_ASSERT_X(size >= 0, "QBitArray::fromBits", "Size must be greater than or equal to 0.");
     QBitArray result;
-    if (size == 0)
+    if (size <= 0)
         return result;
 
     auto &d = result.d;