[Development] Security bulletin: Deprecating QRect
Friedemann Kleint
Friedemann.Kleint at theqtcompany.com
Fri Apr 1 10:58:19 CEST 2016
Hi,
as discussed in the thread "Re: [Development] Fixing QRect::width() /
height()", QRect can be misused to trigger undefined behaviour. This
pattern has been observed in recent ransomware attacks using the new
High DPI feature in Qt 5.6 to place windows at bottom right positions on
High DPI screens inducing undefined behaviour. To fix this, the class
QRect will be deprecated as of now in a patch release 5.6.0.1. The
maintainers are kindly asked for a quick review of
https://codereview.qt-project.org/154371 and the release team to prepare
the patch release.
Regards,
Friedemann
--
Friedemann Kleint The Qt Company
More information about the Development
mailing list