Avoid parsing over the buffer limit, or interpreting non-hex as hex.
This still leaves parsing of lines longer than 300 chars unreliable.
Based on Qt5 patch for CVE-2020-17507.
Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
If `_POSIX_THREAD_PRIORITY_SCHEDULING == 0`, it must be checked
with sysconf(_SC_THREAD_PRIORITY_SCHEDULING) at runtime.
Signed-off-by: OBATA Akio <obache@wizdas.com>
The ppm format specifies that the maximum color value field must be
less than 65536. The handler did not enforce this, leading to
potentional overflow when the value was used in 16 bits context.
Based on Qt5 patch for CVE-2018-19872.
Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
in the Qt plugins directory, instead of the TDE plugins
directory, which cannot be known at Qt build time.
This resolves issue #3.
Signed-off-by: gregory guy <g-gregory@gmx.fr>
Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
Make the decoder fail early to avoid spending time and memory on
attempting to decode a corrupt image file.
Based on Qt5 patch for CVE-2018-19873.
Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
Since image files easily can be (or corrupt files claim to be) huge,
it is worth checking for out of memory situations.
Based on Qt5 patch for CVE-2018-19870.
Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
QT_CLEAN_NAMESPACE constant is no more needed
This may theoretically affect applications created for Qt1 and Qt2,
but such applications require further modifications as well.
---------------------------
Cherry picked and adapted from commit ff63338d in tqt3 from Slávek Banko <slavek.banko@axis.cz>
Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it>
currentThreadObject() returns a null pointer if the
current thread was not started using the QThread API.
This relates to bug 1748.
Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it>
If the passed object is the same, the warning message is not displayed any more.
If the passed object is different, a message is still displayed.
This resolves bug 1947.
If the passed object is the same, the warning message is not displayed any more.
If the passed object is different, a message is still displayed.
This resolves bug 1887.