aboutsummaryrefslogtreecommitdiffstats
path: root/src/qml/jsruntime/qv4compilationunitmapper_win.cpp
Commit message (Collapse)AuthorAgeFilesLines
* CRA review qml/jsruntimeFabian Kosmale2025-09-161-0/+1
| | | | | | | | | | | | | | | | | | This relies heavily on the documented fact that we only support trusted QML/JS content, meaning most files are only significant, not critical. This also extends to the handling of qmlc files (as in compilationunitmapper), as we store them in a user owned, non-shared cache directory – so any vulnerability there would already mean that an attacker has write-priviledges on user data. An exception is ArrayBuffer, which can be used with arbitrary user data, and should create a valid QBA. Fixes: QTBUG-136970 Pick-to: 6.10 6.9 6.8 QUIP: 23 Change-Id: I22033fe6ab4acf8362a8183e25b92331d45cb32c Reviewed-by: Ulf Hermann <ulf.hermann@qt.io>
* QtQml: Move header verification into CompiledData::UnitUlf Hermann2024-01-231-5/+7
| | | | | | | | There is nothing that makes it depend on ExecutableCompilationUnit. Change-Id: I482dfc0177530f748bb90e5373c64ca5558d8629 Reviewed-by: Olivier De Cannière <olivier.decanniere@qt.io> Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>
* QML diskcache: Verify cache file sizeFabian Kosmale2023-10-061-0/+17
| | | | | | | | | | | | | | | | | | We can't rely on the checksum verification, as we still assume that we can read all bytes in the range claimed by the unit's header. If for some reason the cache file has been truncated, that will lead to crashes due to out-of-bound reads. As we already store the unit's size in the header, use it for an initial verification before doing any further work. Initial test case was provided by Harald Sitter <sitter@kde.org>. Pick-to: 6.6 6.5 6.2 5.15 Fixes: QTBUG-117130 Change-Id: Idd20191ed0e0ef9c37985c4c64124578f0607ad3 Reviewed-by: Semih Yavuz <semih.yavuz@qt.io> Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org> Reviewed-by: Ulf Hermann <ulf.hermann@qt.io>
* Use SPDX license identifiersLucie Gérard2022-06-111-38/+2
| | | | | | | | | | | | Replace the current license disclaimer in files by a SPDX-License-Identifier. Files that have to be modified by hand are modified. License files are organized under LICENSES directory. Pick-to: 6.4 Task-number: QTBUG-67283 Change-Id: I63563bbeb6f60f89d2c99660400dca7fab78a294 Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
* Remove winrtOliver Wolff2020-06-041-6/+0
| | | | | | | | | Task-number: QTBUG-84434 Change-Id: If8f57f00726868a3540c877d07fca761618e4f08 Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io> Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io> Reviewed-by: Maurice Kalinowski <maurice.kalinowski@qt.io> Reviewed-by: Ulf Hermann <ulf.hermann@qt.io>
* Move the header checking into ExecutableCompilationUnitUlf Hermann2019-06-141-2/+2
| | | | | | | | | We don't need to verify the header unless we want to execute the code. Change-Id: Ieac51c47faafcd7047228b4264aa7750ba3d8889 Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
* Eliminate qmldevtools_buildUlf Hermann2019-05-311-0/+128
Move the relevant files into more fitting locations and build the devtools from only parser, compiler and qmldirparser. Change-Id: Ibf37a1187f36d02983f9f43c6622acb243785b7b Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-01 21:59:36 +0000