[Interest] Is it safe to use QDataStream to parse data from untrusted source?

Alexander Dyagilev alervdvcw at gmail.com
Thu May 12 20:41:54 CEST 2022

Thank you for the response!

Is it also true for Qt 5.12? I mean, was CBOR parser of it tested by the 
Google Fuzzer project?

On 5/12/2022 7:27 PM, Thiago Macieira wrote:
> On Thursday, 12 May 2022 08:30:16 PDT Alexander Dyagilev wrote:
>> Is it safe to use QDataStream? E.g. can it crash / stack overflow / etc.
>> on malformed data?
> It's not safe.
> The XML, CBOR, and JSON parsers can parse untrusted data and are tested by the
> Google Fuzzer project to ensure we keep them that way.

More information about the Interest mailing list