[Interest] QTextEdit and Derivatives - Security Question
Shawn Rutledge
Shawn.Rutledge at qt.io
Mon May 4 10:15:04 CEST 2026
> On May 4, 2026, at 07:15, coroberti <coroberti at gmail.com> wrote:
>
> Hi,
> When loading by mistake (or deliberately) an exe file, i.e. renamed extension to txt, to an app example
> using the class QTextEdit, the editor hangs attempting the load.
>
> The question is whether it qualifies for a security issue?
It’s at least worth reporting a bug, I think. Does this happen with just about any binary, or you only tried once?
We have multiple parsers; I suppose any of them could have bad behavior when trying to load binaries as text. But we have oss-fuzz: it’s supposed to find such cases, and then we need to keep up with fixing what it finds. Predictably, the more complex parsers have more bugs; and it’s not a lot.
Anyway, please report a bug about this case.
More information about the Interest
mailing list