QTextHtmlParserNode: Avoid extreme values for font's pixelsize

They currently cause an integer-overflow in variantHash(). Fixes: oss-fuzz-24702 Pick-to: 5.12 5.15 Change-Id: Ibee4413ca766c8ade9aeff2f2052b82cb9f7d213 Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io> Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
2020-08-27 16:18:58 +02:00 · 2020-08-27 16:18:58 +02:00 · 0bd770fb87
commit 0bd770fb87
parent 8dc38d3525
1 changed files with 1 additions and 0 deletions
--- a/src/gui/text/qtexthtmlparser.cpp
+++ b/src/gui/text/qtexthtmlparser.cpp
@ -1381,6 +1381,7 @@ void QTextHtmlParserNode::applyCssDeclarations(const QList<QCss::Declaration> &d
    QFont f;
    int adjustment = -255;
    extractor.extractFont(&f, &adjustment);
+    f.setPixelSize(qMin(f.pixelSize(), INT32_MAX / 2));   // avoid even more extreme values
    charFormat.setFont(f, QTextCharFormat::FontPropertiesSpecifiedOnly);

    if (adjustment >= -1)