On 32-bit platforms, the range of qsizetype is smaller than the range
of the qint64 used as a parameter in seek().
When seek()ing beyond the current buffer's size, the old code relied
on a write() to fill the gap with NUL bytes. This has two problems:
First, this may allocate a huge amount of memory just to find that it
cannot write that much, possibly even taking the program down when the
allocation in the QByteArray ctor fails, instead of returning false from
seek().
Second, the QByteArray ctor to which we pass the gapSize only takes
qsizetype, not qint64, so we were writing data of size gapSize mod
(INT_MAX+1) on 32-bit platforms, which may succeed, just to find that
that wasn't the number of bytes we expected to be written. By that
time, however, the internal buffer has already been enlarged.
Fix by checking whether the desired seek position is within the limits
that QByteArray can contain early on, before attempting to construct
such a large QByteArray.
[ChangeLog][QtCore][QBuffer] Fixed silent data corruption on 32-bit
platforms when seek() fails due to position > INT_MAX.
Pick-to: 6.3 6.2 5.15
Fixes: QTBUG-102274
Change-Id: Ib63cef7e7e61ef8101a5f056c7b2198bb7baa228
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
4bc85b9850