diff options
| author | Slávek Banko <slavek.banko@axis.cz> | 2015-03-09 22:30:38 +0100 |
|---|---|---|
| committer | Slávek Banko <slavek.banko@axis.cz> | 2015-12-13 00:36:11 +0100 |
| commit | 635d3fe606632d01dd8c98ec33a8a0c605644e21 (patch) | |
| tree | 8bfce1e17423a508ea9cf158b66943ddbe2d40e3 /src/xml/qxml.h | |
| parent | 169c39ae6bbaebe196124073af401a06ed381e65 (diff) | |
| download | qt3-635d3fe606632d01dd8c98ec33a8a0c605644e21.tar.gz qt3-635d3fe606632d01dd8c98ec33a8a0c605644e21.zip | |
Fix security issue CVE-2013-4549
[taken from RedHat Qt3 patches]
(cherry picked from commit 73584365f8600414fc5a114ec2f2d6750a7f77cc)
Diffstat (limited to 'src/xml/qxml.h')
| -rw-r--r-- | src/xml/qxml.h | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/xml/qxml.h b/src/xml/qxml.h index 11fbbdb..6d0bee8 100644 --- a/src/xml/qxml.h +++ b/src/xml/qxml.h @@ -307,6 +307,12 @@ private: QXmlSimpleReaderPrivate* d; + // The limit to the amount of times the DTD parsing functions can be called + // for the DTD currently being parsed. + static const uint dtdRecursionLimit = 2U; + // The maximum amount of characters an entity value may contain, after expansion. + static const uint entityCharacterLimit = 65536U; + const QString &string(); void stringClear(); inline void stringAddC() { stringAddC(c); } @@ -378,6 +384,7 @@ private: void unexpectedEof( ParseFunction where, int state ); void parseFailed( ParseFunction where, int state ); void pushParseState( ParseFunction function, int state ); + bool isExpandedEntityValueTooLarge(QString *errorMessage); void setUndefEntityInAttrHack(bool b); |