[Development] Can we pass QTextDocument arbitary data?
Thiago Macieira
thiago.macieira at intel.com
Thu Jan 22 02:25:18 CET 2026
On Wednesday, 21 January 2026 15:17:50 Pacific Standard Time Albert Astals Cid
wrote:
> We have found a garbage string that when passed to QTextDocument makes it
> assert
Code in question is this:
const bool isSurrogate = c.isHighSurrogate() && i < length - 1;
const char32_t ucs4 = isSurrogate
? QChar::surrogateToUcs4(c, string[++i])
: c.unicode();
const QUnicodeTables::Properties *p = QUnicodeTables::properties(ucs4);
It doesn't verify that the code unit after the high surrogate is a low
surrogate. That must be why it ended up with a UTF-32 code unit outside of the
Unicode range.
This could be fixed in QTextEngine. But I would argue that passing corrupted
UTF-16 to any Qt API outside of QString itself is the bug.
--
Thiago Macieira - thiago.macieira (AT) intel.com
Principal Engineer - Intel DCG - Platform & Sys. Eng.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5150 bytes
Desc: not available
URL: <http://lists.qt-project.org/pipermail/development/attachments/20260121/8931d40a/attachment.bin>
More information about the Development
mailing list