Skip to content

Improve KTX file reading memory safety

Fabian Vogt requested to merge fvogt/qtbase:work/fvogt/CVE-2024-25580 into kde/5.15
This commit is imported from the Qt security announcement. It didn't have
a summary, so here's the one for the 6.6 backport, which applies mostly:

* Use qAddOverflow/qSubOverflow methods for catching additions and
  subtractions with overflow and handle these scenarios when reading the
* Add 'safeView' method that checks that the byte array view constructed
  is not out of bounds.
* Return error if number of levels is higher than what is reasonable.
* Return error if number of faces is incorrect.
* Add unit test with invalid KTX file previously causing a segmentation

This fixes CVE-2024-25580.

Fixes: QTBUG-121918
Pick-to: 6.5 6.2 5.15
Change-Id: Ie0824c32a5921de30cf07c1fc1b49a084e6d07b2
Reviewed-by: Eirik Aavitsland <>
Reviewed-by: Qt CI Bot <>
(cherry picked from commit 28ecb523ce8490bff38b251b3df703c72e057519)
Reviewed-by: Qt Cherry-pick Bot <>
(cherry picked from commit de5820c3f822b3dc0444d4aed16c6146c06f175d)
Edited by Fabian Vogt

Merge request reports