Skip to content

Make image handler accept UTF-16/UTF-32 encoded SVGs + Avoid buffer overflow

Fabian Vogt requested to merge fvogt/qtsvg:work/fixes into kde/5.15

Found a bugfix in the dev branch, which reached their commercial 5.15 branch. Another bugfix in the dev branch was apparently not picked to 5.15, but is needed there as well, FWICT.

commit cfc616978b52a396b2ef6900546f7fc086d7cab3 (HEAD -> work/fixes, origin/work/fixes)
Author: Eirik Aavitsland <eirik.aavitsland@qt.io>
Date:   Thu Apr 8 13:19:52 2021 +0200

    Make image handler accept UTF-16/UTF-32 encoded SVGs
    
    The canRead() header checks assumed 8 bit encoding.
    
    Pick-to: 6.1 6.0 5.15
    Fixes: QTBUG-90744
    Change-Id: Ibe934fe9ed31b89ee0fbfc4562aa66ab1b359225
    Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
    (cherry picked from commit 45fb1f07eaa984af40fca9f12b8f3d27f7b0e9ac)

commit 1c2072ad16e0097c15df701dc22f07bf481fc4ec
Author: Robert Löhning <robert.loehning@qt.io>
Date:   Wed Feb 17 19:20:42 2021 +0100

    Avoid buffer overflow in isSupportedSvgFeature
    
    Fixes oss-fuzz issue 29873.
    
    Pick-to: 6.0 6.1
    Change-Id: I382683aa2d7d3cf2d05a0b8c41ebf21d032fbd7c
    Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io>
    (cherry picked from commit afde7ca3a40f524e40052df696f74190452b22cb)
Edited by Fabian Vogt

Merge request reports