[Interest] Is it safe to use QDataStream to parse data from untrusted source?
Alexander Dyagilev
alervdvcw at gmail.com
Thu May 12 17:30:16 CEST 2022
Hello,
I use QDataStream to serialize QByteArray and QVariantHash (i.e. get
QByteArray and QVariantHash objects from stream).
I use this to process data from connections in my own custom server
(publicly accessible).
Is it safe to use QDataStream? E.g. can it crash / stack overflow / etc.
on malformed data?
I've found ticket in which it's stated that one should not use
QDataStream to parse data from untrused source. Is it still true?
https://bugreports.qt.io/browse/QTBUG-28518
More information about the Interest
mailing list