It can happen that QDataStream is fed a QVariant that contains a QPixmap
representation, that will make the application crash when trying to
restore it
This is specially important for cases in which applications expose dbus
interfaces with QVariantMaps
Change-Id: Ife4feaef30f30e7e27d88464bd6b2a247f743123
Reported-by: Fabian Vogt <fabian@ritter-vogt.de>
Reviewed-by: Fabian Vogt <fabian@ritter-vogt.de>
Reviewed-by: Mitch Curtis <mitch.curtis@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
[ChangeLog][qmake] A new feature "cmdline" was added that implies
"CONFIG += console" and "CONFIG -= app_bundle".
Task-number: QTBUG-27079
Change-Id: I6e52b07c9341c904bb1424fc717057432f9360e1
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@gmx.de>
Some tests were fixed and others were skipped/blacklisted.
Task-number: QTBUG-63152
Change-Id: Ica7df555f8d152ee589865911130525101d4b941
Reviewed-by: Liang Qi <liang.qi@qt.io>
The unit tests weren't running into this problem because the every
setDevice() was preceded by the object being initialized with the exact
same data, so there was never a previous error state. I've only changed
a couple of tests, left the other setDevice() unchanged so we test both
behaviors.
Fixes: QTBUG-71426
Change-Id: I1bd327aeaf73421a8ec5fffd1561a590e3933376
Reviewed-by: Nils Jeisecke <nils.jeisecke@saltation.com>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Spaceship operator was disabled for QCborValue, but not the test.
Change-Id: Icb91da689f62ef6de9f4fa926346505c5e50e9eb
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
QImage's operator>>(QDataStream&) did not set an error mode on the
stream on read failures. That would break QDataStream transactions.
Since the current QImage serialization cannot differentiate between
truncated and corrupted data, we set the ReadPastEnd error as expected
by the transaction system.
Also specify the expected file format on decoding QImage from stream,
to avoid all the format handlers' canRead() being invoked. This is
necessary since some of them may call ungetChar(), which fails when
the stream is in a transaction.
Also add testing of this feature to the QDataStram transaction
autotest. That required a slight rewrite of the fake sequential
QIODevice subclass. The previous implementation had incorrect
behavior of peek(), which is required by QImage decoders.
Task-number: QTBUG-70875
Change-Id: If3f1ca7186ad1e6ca0e6e8ea81d2b2fbece6ea01
Reviewed-by: Alex Trotsenko <alex1973tr@gmail.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Use a template on the size of the char[], as suggested by Ville
Voutilainen. This resolves ambiguity about whether such look-ups
should be done via QString or QCborValue (not that it would have made
any difference).
When we come to add mutating indexing of QCborValue, chained
dereferences like map[i][j][k] need to stay in operator[] const
throughout, to avoid detaching intermediates to create references into
them due to using the mutating operator[] on the earlier dereference's
return. So const-qualify the QCborValue operator[] const variants at
the same time, to match those of QCborValue itself.
Change-Id: Ib1652ae9440fe3767a653afa2856b74040210e07
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
I'm intentionally not testing improperly-paired surrogates, since those
can't be encoded in CBOR.
Change-Id: I0d3cc366baaa49f3ad28fffd154240287ce34c22
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
A default-constructed QJsonObject has no data payload, it is only a pair of null
pointers. So, when it becomes necessary to 'materialize' such an object, a
special global emptyObject constant is used as the substitute payload. There is
a small problem with this global constant though, namely that it's is_object
flag is unset. In other words, the emptyObject is not an object, but an array.
Fix by setting the is_object flag on emptyObject.
The example code in the bug report
QJsonObject parent;
QJsonObject child;
parent["child"] = child; // 1
child = parent["child"].toObject(); // 2
child["test"] = "test"; // 3
runs into this problem on line 1. Inserting the default-constructed child means
inserting a copy of emptyObject. On line 2 a pointer to this copy of emptyObject
is retrieved and cast to an object. But it's not an object, it's an array, so
things go wrong hereafter.
Specifically, on line 3, two inserts are performed, one from operator[] and one
from operator=. Each insert increments a compaction counter. The second insert
triggers compaction (QJsonObject::insert calls Value::requiredStorage calls
Data::compact) and compaction branches based on the is_object flag. Replacing
line 3 with
child.insert("test", "test");
causes the example to appear to work since compaction is not triggered and the
JSON serializer does not look at the is_object flag. Still, any further insert()
calls would trigger compaction and memory corruption.
Task-number: QTBUG-69626
Change-Id: I8bd5174dce95998bac479c4b4ffea70bca1a4d04
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
If we ever need to add QCborValue to the bootstrap library, it's
unlikely that we'll need this part. And by splitting it, I can make the
code handle more cases, that hadn't been properly handled before.
Change-Id: I2f630efbbce54f14bfa9fffd154160c0ad893695
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
This makes QCborValue more future compatible, as code written today for
tags that QCborValue does not recognize will continue to work if
QCborValue gains support for it in the future.
This change also obviates the need for reinterpretAsTag(), which I had
not written unit tests for as I knew this change was coming.
Change-Id: I052407b777ec43f78378fffd15302bdc34f66755
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Questions:
1) should QCborMap::extract return value_type (a pair) instead of just
the value?
2) should the both return the iterator to the next element too, like
erase()?
Change-Id: I052407b777ec43f78378fffd15302a9c14468db3
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
This is very similar to QJsonDocument, but there's no QCborDocument.
QCborValue is that.
[ChangeLog][QtCore] Added QCborValue, QCborArray and QCborMap, classes
that permit DOM-like access to CBOR data. The API is similar to
QJsonValue, QJsonArray and QJsonObject, respectively.
Change-Id: I9741f017961b410c910dfffd14ffca50dd8ef3ba
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
QIODevice represents considreable overhead, even with just QBuffer, for
parsing simple things. Benchmarking showed it was spending 25% of the
parsing time inside one QIODevice function or another. So this commit
accomplishes two things:
1) it increases the buffer size from 9 bytes to up to 256, which should
reduce the number of calls into the QIODevice
2) if the source data is a QByteArray, then use it directly and bypass
the QIODevice, thus increasing performance considerably
Change-Id: I56b444f9d6274221a3b7fffd150c531c9d28e54b
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
This is the counterpart of the previous commit.
[ChangeLog][QtCore] Added QCborStreamReader and QCborStreamWriter,
classes for low-level reading and writing of CBOR streams.
Change-Id: Ia0aac2f09e9245339951ffff13c72e4bffdf4a56
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
The added test case contains the binary JSON equivalent of
["ž"]
with the modification that the string's length has been set to INT_MAX. In
Value::usedStorage this length is used through the pointer d like so
s = sizeof(int) + sizeof(ushort) * qFromLittleEndian(*(int *)d);
Because 2 * INT_MAX is UINT_MAX-1, the expression as a whole evaluates to 2,
which is considered a valid storage size. However, when converting this binary
JSON into ordinary JSON we will attempt to construct a QString of length
INT_MAX.
Fixed by using String::isValid instead of Value::usedStorage. This method
already takes care to avoid the overflow problem. Additionally, I've tried in
this patch to clarify the behavior of Value::isValid a bit by writing it in a
style that is hopefully more amenable to structural induction.
Finally, the test case added in my previous patch had the wrong file extension
and is renamed in this one.
Task-number: QTBUG-61969
Change-Id: I45d891f2467a71d8d105822ef7eb1a73c3efa67a
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
The added test case is the binary JSON equivalent of
{"a":{"š":null}}
with two modifications. First, the length of the string "š" has been corrupted
to 0xFFFFFF00. Second and more import, the Base::size field of the inner object
has been reset to 0.
On its own the first modification would normally trigger a validation error.
However, due to the second modification the Value::usedStorage for the inner
object evaluates to 0, completely disabling all further validation of the
object's contents.
Attempting to convert this binary JSON into standard JSON will lead to the JSON
writer trying to construct a QString of length 0xFFFFFF00.
Fixed by validating also objects with usedStorage == 0.
Task-number: QTBUG-61969
Change-Id: I5e59383674dec9be89361759572c0d91d4e16e01
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
The added test case is a binary JSON file describing an array which contains
itself. This file passes validation even though attempting to convert it to
plain JSON leads to an infinite loop. Fixed by rejecting it in validation.
Task-number: QTBUG-61969
Change-Id: Ib4472e9777d09840c30c384b24294e4744b02045
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
This method takes a pointer+size pair, but begins reading through the pointer
without first checking the size parameter. Fixed by checking the size parameter.
A new test case is added with an empty binary json file. Although the test does
not fail under normal conditions, the problem can be detected using valgrind or
AddressSanitizer.
Task-number: QTBUG-61969
Change-Id: Ie91cc9a56dbc3c676472c614d4e633d7721b8481
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
This allow to customize easily placeholders in QLineEdit by example.
Change-Id: I2bb379164376e1d88b42d6c86c2e5b8df99fbc56
Reviewed-by: Richard Moe Gustavsen <richard.gustavsen@qt.io>
[ChangeLog][QtCore][QJsonValue] fromVariant() conversion now converts
from QUrl and QUuid using special encoding forms to ensure best JSON
compatibility.
Change-Id: I56b444f9d6274221a3b7fffd150cdc5ca1f87ff1
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
For compatibility with other parsers that may expect it to be so.
Change-Id: I56b444f9d6274221a3b7fffd150cd66390f98fd5
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
This is in preparation to adding CBOR support. We don't need yet another
dir for CBOR and placing it in src/corelib/json is just wrong.
Change-Id: I9741f017961b410c910dfffd14ffb9d870340fa6
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
Reviewed-by: Lars Knoll <lars.knoll@qt.io>