path: root/dev-qt/qtsvg/files/qtsvg-5.15.9-fix-ub-ossfuzz-22618.patch
blob: adc43d7c3fba85ef81c76d40837dd4e945d92614 (plain)
From 837b5163e17edbd3a9f098e9a1ab73febab419b4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20L=C3=B6hning?= <robert.loehning@qt.io>
Date: Mon, 24 Apr 2023 15:27:17 +0200
Subject: [PATCH] QSvgFont: Initialize used member, remove unused

Credit to OSS-Fuzz

[ChangeLog][QtSvg] Fixed undefined behavior from using uninitialized
variable.

Pick-to: 6.5 6.2 5.15
Coverity-Id: 22618
Change-Id: Id52277bb0e2845f4d342e187dbb8093e9276b70c
Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@qt.io>
(cherry picked from commit ff22c3ccf8ccf813fdcfda23f7740ba73ba5ce0a)
---
 src/svg/qsvgfont_p.h    | 5 ++---
 src/svg/qsvghandler.cpp | 2 +-
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/svg/qsvgfont_p.h b/src/svg/qsvgfont_p.h
index fd0a3fab..fcffbe85 100644
--- a/src/svg/qsvgfont_p.h
+++ b/src/svg/qsvgfont_p.h
@@ -74,6 +74,7 @@ public:
 class Q_SVG_PRIVATE_EXPORT QSvgFont : public QSvgRefCounted
 {
 public:
+    static constexpr qreal DEFAULT_UNITS_PER_EM = 1000;
     QSvgFont(qreal horizAdvX);
 
     void setFamilyName(const QString &name);
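Review bot: The new `DEFAULT_UNITS_PER_EM` constant has no comment saying where 1000 comes from or when it applies. A one-line comment above it, such as `// Fallback when <font-face> gives no usable units-per-em; 1000 is the SVG 1.1 default.`, would tell readers of this private header that the value is spec-defined and not tunable. It is also worth noting there that the constant is only read by value: in a pre-C++17 build, binding it to a const reference would odr-use it and require an out-of-class definition.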
@@ -86,9 +87,7 @@ public:
     void draw(QPainter *p, const QPointF &point, const QString &str, qreal pixelSize, Qt::Alignment alignment) const;
 public:
     QString m_familyName;
-    qreal m_unitsPerEm;
-    qreal m_ascent;
-    qreal m_descent;
+    qreal m_unitsPerEm = DEFAULT_UNITS_PER_EM;
     qreal m_horizAdvX;
     QHash<QChar, QSvgGlyph> m_glyphs;
 };
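Review bot: `m_horizAdvX`, the line after the changed member, still has no in-class initializer, so it is only initialized if the `QSvgFont(qreal horizAdvX)` constructor assigns it, and that constructor body is not in this hunk. Since this commit fixes exactly that kind of uninitialized read for `m_unitsPerEm`, giving the neighbour the same treatment, `qreal m_horizAdvX = 0;`, would keep the class safe if another construction path is added later. The constructor could also be marked `explicit` to avoid implicit `qreal` to `QSvgFont` conversions, though that is a style point beyond this fix.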
diff --git a/src/svg/qsvghandler.cpp b/src/svg/qsvghandler.cpp
index 8dda5632..222b6d89 100644
--- a/src/svg/qsvghandler.cpp
+++ b/src/svg/qsvghandler.cpp
@@ -2671,7 +2671,7 @@ static bool parseFontFaceNode(QSvgStyleProperty *parent,
 
     qreal unitsPerEm = toDouble(unitsPerEmStr);
     if (!unitsPerEm)
-        unitsPerEm = 1000;
+        unitsPerEm = QSvgFont::DEFAULT_UNITS_PER_EM;
 
     if (!name.isEmpty())
         font->setFamilyName(name);
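Review bot: The `if (!unitsPerEm)` guard in parseFontFaceNode substitutes the default only for an exact zero, so a negative value parsed from the SVG attribute is still accepted, as is a non-finite one if `toDouble` can return it. Where the value ends up is not visible in this hunk, but if it is later used as a scale divisor for glyph drawing, document-controlled input would produce inverted or NaN geometry. Consider tightening the condition to `if (!qIsFinite(unitsPerEm) || unitsPerEm <= 0)` and keeping the assignment as is. The function body starts and ends outside the hunk, so whether the value is validated again further down cannot be confirmed from here.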
-- 
GitLab