1berry/qtbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
63,542 Commits 63 Branches 260 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Jonas Karlsson dec1863c7d Improve KTX file reading memory safety 
* Use qAddOverflow/qSubOverflow methods for catching additions and
  subtractions with overflow and handle these scenarios when reading the
  file.
* Add 'safeView' method that checks that the byte array view constructed
  is not out of bounds.
* Return error if number of levels is higher than what is reasonable.
* Return error if number of faces is incorrect.
* Add unit test with invalid KTX file previously causing a segmentation
  fault.

This fixes CVE-2024-25580.

Fixes: QTBUG-121918
Change-Id: Ie0824c32a5921de30cf07c1fc1b49a084e6d07b2
Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
(cherry picked from commit 28ecb523ce8490bff38b251b3df703c72e057519)
Reviewed-by: Jonas Karlsson <jonas.karlsson@qt.io>
2024-02-09 12:43:42 +00:00
.github/workflows
Repair github action workflow
2021-11-10 18:57:33 +01:00
bin
CMake: Don't strip debug builds with qt-cmake-private-install in CI
2023-11-06 13:05:46 +00:00
cmake
Revert "Add the support of the qt_import_plugins functionality to androiddeployqt"
2024-01-29 13:41:02 +00:00
coin
Coin: Add native MSVC ARM64 instructions
2023-12-19 04:17:48 +00:00
config.tests
Remove the mandatory x86-64 features from its feature list
2023-05-31 14:55:37 -07:00
dist
Add Qt 6.0.0 changes file
2020-11-16 10:02:08 +02:00
doc
Doc: Update copyright year to 2024
2024-01-22 18:53:19 +00:00
examples
Doc: Fix documentation issues for Qt Core
2024-01-12 15:46:21 +01:00
lib
Purge all fonts
2015-08-18 19:59:14 +00:00
libexec
CMake: Add a config.redo script similar to qt5's config.status
2023-09-21 14:43:23 +02:00
LICENSES
Clarify license of SHA-1 algorithm
2023-04-26 16:36:18 +02:00
mkspecs
CMake: Warn when configuring Qt with an unsupported Apple SDK or Xcode
2023-11-30 10:18:33 +01:00
qmake
Remove build machine path that was baked into the qmake binary
2023-12-16 01:34:20 +00:00
src
Improve KTX file reading memory safety
2024-02-09 12:43:42 +00:00
tests
Improve KTX file reading memory safety
2024-02-09 12:43:42 +00:00
util
Prepare to support taking CLDR data from its github upstream
2024-01-19 19:18:11 +00:00
.cmake.conf
CMake: Warn when configuring Qt with an unsupported Apple SDK or Xcode
2023-11-30 10:18:33 +01:00
.gitattributes
Give batch files CRLF line endings
2020-11-04 15:02:29 +00:00
.gitignore
Add .cache/ to .gitignore
2023-11-09 02:42:49 +00:00
.lgtm.yml
Skip LGTM analysis for the bootstrap library and tools
2020-07-16 01:04:34 +02:00
.tag
CMakeLists.txt
CMake: Fix find_package(Qt6*Tools) in non-qtbase tests
2023-11-28 17:19:23 +01:00
config_help.txt
CMake: Allow installation of example sources into the Qt prefix
2023-08-17 07:38:18 +00:00
configure
configure: Make sure the configure script exits with cmake's exit code
2023-11-22 07:46:51 +00:00
configure.bat
CMake: Add a config.redo script similar to qt5's config.status
2023-09-21 14:43:23 +02:00
configure.cmake
CMake: Fix Threads global promotion issue when using static openssl
2024-01-22 18:53:16 +00:00
dependencies.yaml
Re-add dependencies.yaml now that qt5.git wip/qt6 builds fine
2019-09-18 13:19:31 +02:00
qt_cmdline.cmake
CMake: Allow installation of example sources into the Qt prefix
2023-08-17 07:38:18 +00:00
sync.profile
rhi: Make it a QPA-style private but semi-public API
2023-05-21 15:42:58 +02:00
Description
Qt Base (Core, Gui, Widgets, Network, ...)
c-plus-plusqtqt5
822 MiB
Languages
C++ 84.3%
HTML 4.9%
C 3.9%
CMake 3.6%
Objective-C++ 2%
Other 0.8%