QXmlStreamReader: port readBufferPos from int to qsizetype

The variable represents an offset into the QString readBuffer data
member. Given a QString with more than 2Gi of characters, the variable
would overflow before we've consumed all of readBuffer's
contents.

Signed integer overflow is UB, so anything could happen.

Task-number: QTBUG-102465
Pick-to: 6.3 6.2
Change-Id: I05d35a5e7f02f05462b318c86b17fdab7f1afec6
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
This commit is contained in:
Marc Mutz 2022-05-06 00:31:43 +02:00
parent f087e63bf5
commit ba741fd310

View File

@ -250,7 +250,7 @@ public:
uchar firstByte;
qint64 nbytesread;
QString readBuffer;
int readBufferPos;
qsizetype readBufferPos;
QXmlStreamSimpleStack<uint> putStack;
struct Entity {
Entity() = default;