[Interest] Is it safe to use QDataStream to parse data from untrusted source?

Thiago Macieira thiago.macieira at intel.com
Thu May 12 18:27:06 CEST 2022

On Thursday, 12 May 2022 08:30:16 PDT Alexander Dyagilev wrote:
> Is it safe to use QDataStream? E.g. can it crash / stack overflow / etc.
> on malformed data?

It's not safe.

The XML, CBOR, and JSON parsers can parse untrusted data and are tested by the 
Google Fuzzer project to ensure we keep them that way.

Thiago Macieira - thiago.macieira (AT) intel.com
  Cloud Software Architect - Intel DCAI Cloud Engineering

More information about the Interest mailing list