These two-arg open() functions aren't used anywhere. I couldn't find the
last obvious use of either, so gave up doing further searches as
unnecessary work.
Pick-to: 6.10 6.9 6.8
Change-Id: Ie02540f8ed968591d009fffd6bbf11b568f6916f
Reviewed-by: Ahmad Samir <a.samirh78@gmail.com>
They were marked as significant since no critical security situation was
found.
QUIP: 23
Fixes: QTBUG-135737
Pick-to: 6.10 6.8
Change-Id: I9a633bcac2ac3e2f3647f702d85504fc249acbed
Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
It's only used by the unit test, so we shouldn't need it in regular
builds. In doing that, we can also fix the file descriptor leak on
Windows.
Pick-to: 6.10
Change-Id: I38f87e4acc15167f8284fffdf8d76f09242aa787
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
The role value might not map to a property, in which case the
QMetaProperty will be invalid. We already handle this in readRole, so
test for the valid property in writeRole as well.
Add crash-test to the setData() test case; we can write arbitrary role
values to items backed by maps, so don't verify the return value of
setData.
Pick-to: 6.10 6.10.0
Change-Id: I780281cb7f1bbbe6db1f66dcc978ae45a443b716
Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>
When mapping properties as role names to role values, we use the pre-
defined values for properties that match the standard role names, e.g.
a property "display" is mapped to Qt::DisplayRole. Properties with
custom names are then mapped to Qt::UserRole...
If we leave gaps in the Qt::UserRole... sequence when a property with a
standard name is found, then the role values become unpredictable and
hard to use correctly from code. So don't increment the role value when
a property with a standard name is found.
Add test coverage.
Pick-to: 6.10 6.10.0
Change-Id: If54833e94aa52ee5f387029ca4c88ad6b9d2348e
Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>
This callback was done on the decor view and wasn't calling the base
onApplyWindowInsets() practically ignoring base insets like system
decorations, this then messes with the default behavior of system
bars making calls to customize color schemes have unexpected
behavior at least or at worse not working at all. Fixing this brings
back the expected behavior of the insets when in the case of the
linked ticket, we would get back correct handling of navigation
bar semi-transparent bars where the bar icons have low contrast
compared to the content below it.
Pick-to: 6.10 6.9 6.8
Fixes: QTBUG-139690
Change-Id: I5b46f6f6e0c7850fba117a0ba76d3a693c1cb37b
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@qt.io>
QString and QByteArray are critical, too, and not because of their
ownership semantics, but because of the algorithms operating on
them. The views have largely the same algorithms, so the same
rationale applies here.
Unlike the owning containers, the views are mostly inline, so mark the
headers. The implementation files, OTOH, are not critical, because
they contain only trivial implementation:
- QDebug op<< (qanystringview.cpp)
- none (qstringview.cpp)
The qdoc files, some of which have in the past moved from qdoc to cpp
and/or back, are insignificant reason:docs.
Task-number: QTBUG-135195
Pick-to: 6.10.0 6.10 6.9 6.8
Change-Id: Ic7874d5d28a966be52813ada36e65f488e6fb653
Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
Its .cpp is, too, and, unfortunately, the header contains one function
that parses strings (unicodeForDigit()).
Amends 8df072fc80.
Task-number: QTBUG-135195
Pick-to: 6.10.0 6.10 6.9 6.8
Change-Id: I73ecd48ee6f1f22eed794629617d269251c30e68
Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
While the vast majority of the file is generated tables (which
shouldn't be in a header, cf. QTBUG-128930), there's AlphaCode, which
has an open bug potentially exposed to external input
(cf. QTBUG-138562), so clearly, while that component is in the header
(a patch in the chain for QTBUG-138562 moves it out of there), the
header is security-critical.
Task-number: QTBUG-135195
Pick-to: 6.10 6.10.0 6.9 6.8
Change-Id: I866938c4bc7bc5be4cce70f04b91fbc1a8d13a4e
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
This is a form of type erasure and therefore should be implicit: a
function `f(QFuture<void>)` should be callable as `f(future)` for any
`QFuture<T> future`. Drop the `explicit`. This is also in line with the
existing converting assignment operator.
Pick-to: 6.10 6.9 6.8
Fixes: QTBUG-139790
Change-Id: Ib63edf197285cce2c95a28b0308ddc7256e4af2b
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
While testing defining Q_DECL_PURE_FUNCTION for MSVC I discovered
it cannot handle having the marker trailing, while GCC/clang can cope
with either.
Change-Id: Ic9dd088996c191263e2f2a43c2f6a16533bdb9c5
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
This reverts commit 6db355c6cd.
Reason for revert: QTBUG-140377
Change-Id: I5dbdb1fc5e99d3957f9a941299c35b49e554ecfb
Reviewed-by: Ville Voutilainen <ville.voutilainen@qt.io>
The file contains checks for __cpp_lib_bitops and __cpp_lib_int_pow2,
but the C++20 <bit> header was only guarded by the first check.
Apparently, it's possible that only one of them is defined, so extend
the include guard.
Amends c02289f8dc
Change-Id: I49fdd4e2a2e999da653b4dfa551a499775b6e281
Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
We have QT_FEATURE_ssl dependent on one of QT_FEATURE_(openssl/securetransport/schannel),
but it's also possible to provide -no-ssl option to the configure script. This essentially
disables/switches OFF QT_FEATURE_ssl, but it does not affect QT_FEATURE_whatevertls,
which has its own 'no' option, like -no-securetransport or -no-openssl. This potentially
leaves us with inconsistent source code checks for features, which are assuming QT_CONFIG(openssl)
also implies QT_CONFIG(ssl). To resolve this problem, make dtls and TLS plugins require
QT_FEATURE_ssl (in addition to QT_FEATURE_openssl/securetransport/schannel).
Fixes: QTBUG-140203
Pick-to: 6.10 6.9 6.8 6.5
Change-Id: I276d952283eb7a67ba7b9196a0a5a400b9504656
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
What looks like an antithetical change actually makes sense: we open the
file with FILE_FLAG_DELETE_ON_CLOSE, which causes the file to be deleted
when we CloseHandle(). In fact, this is exactly how wine implements
DeleteFile[1].
The difference between this and DeleteFile itself is that we are opening
the file for writing but not allowing any sharing. This means no other
process in the system can open the file at the same time as we do, even
if they want to cooperate in deleting it.
[1] https://github.com/wine-mirror/wine/blob/wine-10.15/dlls/kernelbase/file.c#L1011
Fixes: QTBUG-140053
Pick-to: 6.10 6.9 6.8
Change-Id: Iba265eba236f496ce5c9fffdc5daf95d5f429358
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
This then avoids creating a QFilePrivate, QFSFileEngine, and
QFSFileEnginePrivate only to call QFileSystemEngine::removeFile(). We
are definitely using native files in this class, so we can skip all of
those classes.
We use the system call in removeStaleLock() anyway for Unix.
Pick-to: 6.10 6.9 6.8
Change-Id: I19ea637567ae38d31888fffd61ec79ae3eec50af
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
The only critical code in widgets styling is the QStyleSheetStyle
implementation. While it doesn't parse the CSS code directly (that is
done by the internal QCssParser), it interprets the rules and also
checks value strings for unit markers, such as "em" or "ex".
Style sheet code might come from an untrusted source, and even though it
is then application code setting the style sheet (or even the end user
via command line arguments), the application has no meaningful way to
verify that the style sheet code is not malformed.
The rest of the styling code is not security critical. Styles access
files (such as icons) embedded into the binary through the Qt resource
system, which can be trusted; or they use pixmaps provided by the
application, such as the QPixmapStyle. Some styles use native APIs to
get relevant data; we also trust those APIs.
Plugins are loaded through the regular Qt plugin loading machinery,
and any security critical code involved in the finding and loading of
shared libraries lives there.
QUIP: 23
Fixes: QTBUG-135742
Pick-to: 6.10 6.9 6.8
Change-Id: I073440eb4e3b561822b9b54e8dcad923803c92f6
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
The tricky case now would be to handle the case when the user tries
to call open() several times. Make sure that after the first operation
is started, all the subsequent attempts to open will fail until the
first operation is finished. Obviously, if the first open() was
successful, the file needs to be closed before it can be re-opened.
Add unit-tests to cover these cases.
Also add some tests for close() corner cases. These tests are useful
for this commit, as the logic of opening the file got more complicated.
Task-number: QTBUG-136763
Change-Id: Id505e6278fbc1d523a52b54e69ba896a3d754762
Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>
Add tests that check read/write operations with empty buffers.
For owning read also test a case when a negative maxSize is provided.
The latter revealed that the code was not handling negative maxSize
properly. So, add a warning and reset it to zero in such case.
The value of zero does not have any special meaning, and would simply
result into the operation emitting finished() immediately.
Task-number: QTBUG-136763
Change-Id: I72232a788ce2a18188f76d50db00b09b1af57169
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>
The flush() operation would normally return bool, indicating if it was
successful or not. As a result, we can use a base QIOOperation to
represent the async call, and just check its error code.
The new tests are designed with the assumption that flush() would act
as a barrier operation, making sure that all read/write operations
before it will finish.
Task-number: QTBUG-136763
Change-Id: I4119eb3218da1985a63fe808da7be754caf4e9d7
Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>
We generated faulty .prl files for Qt modules that link against library
file names like "libavformat.a". The .prl file contained wrong LIBS
entries like "-llibavformat.a".
Now, we check whether a library entry looks like a library file name and
don't prepend the -l in that case.
Fixes: QTBUG-138596
Pick-to: 6.10 6.8
Change-Id: I44ce5de91e4575bb45d391db4f1d3d70efefcdfa
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
The leftover header is not generated anymore, so we may remove any
related handling.
Amends a966d7be48
Change-Id: I59167989e64da3a56023ff82bad7f2831e39b5c0
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@qt.io>
The class was (deeply) copyable, but not movable. Add the missing move
SMFs, member-swap(), and Q_DECLARE_SHARED (which adds ADL swap() and
QTypeInfo).
The inline operations do not break encapsulation, and they bind future
extensions only insofar as the freeBuffer variable only gets copied;
the source isn't modified. This is ok for flags, incl. for freeBuffer
itself, as free(nullptr) is a well-defined no-op. If we need more,
chances are we wouldn't have fit it into the 31-bits "unused" bits,
either, and we would need a V2 class, anyway.
Fixes: QTBUG-138659
Change-Id: Idea621b8cc8e4fce471071099f70d3ab9d20f368
Reviewed-by: Ahmad Samir <a.samirh78@gmail.com>
Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
The script checked that a certain path element is 'qtbase', which
fails if the qtbase checkout is called something else. E.g., for me,
that's qtbase-submit.
Fix by checking the other path elements, but not the module name.
Amends 3ac029f674.
Pick-to: 6.10 6.9 6.8 6.5
Change-Id: I651cb168990b93939f339f8d75cb71c31fa6f2a4
Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
It is expected that this is no longer needed.
The upstream issue¹ is closed since 2016-09-05 (nine years ago at this
point; even though the work-around was added to Qt still two years
after upstream was fixed).
Amends e59ba35f1b (for the generator)
and a2efb8d94b (for the generated file;
squashed into 29c0377f07 for the linear
history)
¹ https://github.com/emscripten-core/emscripten/issues/4540
Task-number: QTBUG-66621
Task-number: QTBUG-69421
Task-number: QTBUG-74511
Pick-to: 6.10 6.9 6.8 6.5
Change-Id: I9b08792aa4f5f18240d9425c44fa7a88e63e27da
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Lorn Potter <lorn.potter@qt.io>
This is in preparation for storing this information in a separate
array to save space by removing the many duplicates in there.
Pick to all active branches to have the same internal API going
forward, even if we don't pick the storage optimization back as far.
Qt 6.5 doesn't have QSpan, yet (not even as private API), but
returning a reference to const std::array<.,4> will be an adequate
replacement. To enable that without casting, convert `cases` from a C
array to a std::array. For some reason, this requires extra
parentheses, so add them.
Task-number: QTBUG-139427
Pick-to: 6.10 6.9 6.8 6.5
Change-Id: I5331fd6d71a6a447b0445d8235b5eb8e38178e2e
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
As a drive-by, reorder and regroup changed includes to separate
includes from different modules from each other.
Pick-to: 6.10 6.9 6.8 6.5
Change-Id: I3bcca2a75ada7b6d99ef763e0ce8cfbd0750f004
Reviewed-by: Marc Mutz <marc.mutz@qt.io>
Tag all sources with the default, 'significant'. The framework only
processes data provided by the application in form of items or
structured data types, and doesn't access any data that's outside the
application's direct control.
QUIP: 23
Fixes: QTBUG-135738
Pick-to: 6.10 6.9 6.8
Change-Id: I4f075da3fbda2970f58af21e4b93842ca764ddec
Reviewed-by: Piotr Wierciński <piotr.wiercinski@qt.io>
AutoMoc: src/plugins/platforms/wayland/qwaylandwindowmanagerintegration_p.h:
note: No relevant classes found. No output generated.
The class doesn't inherit from QObject, and so doesn't have any signals
or slots.
Amends 4a57ddd3ba, which is only in 6.10
(this file was copied from qtwayland to qtbase?).
Pick-to: 6.10
Change-Id: I9f702807574072099a96f4057a91e624ddca9c70
Reviewed-by: David Redondo <qt@david-redondo.de>
It has no UI components and doesn't use the resource system,
so we don't need these.
Change-Id: I316a8a1e7f965acc45c31d28aeed09910c122f4c
Reviewed-by: Robert Löhning <robert.loehning@qt.io>
Through the use of QApplicationStatic we need to create
an *Application before instantiating the TLS backends.
Change-Id: I1e72ca349f7fed19cec88328fad446cfbcb4f06c
Reviewed-by: Robert Löhning <robert.loehning@qt.io>
The instructions build CMake targets docs_android and
android_source_jars after qtbase is built.
Task-number: QTBUG-138976
Change-Id: I585834463eed8d47742cc17d19103c5060b7fb3b
Reviewed-by: Topi Reiniö <topi.reinio@qt.io>
Reviewed-by: Nicholas Bennett <nicholas.bennett@qt.io>
Assign the default level to all files but qheaderview.cpp which parses
input in read().
QUIP: 23
Fixes: QTBUG-135739
Pick-to: 6.10 6.9 6.8
Change-Id: Idf295f0af63b418793a67d43c1c1d6e39dc92d37
Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
It is logical that incrementing a date by 1 results in the following
day (rather than the following month or year). Add the pre- and postfix
increment operators as hidden friends, and declare a difference_type
to be qint64. With these additions, QDate models the
weakly_incrementable concept, allowing for it to be used with
std::views::iota.
For symmetry, although not needed for the weakly_incrementable concept,
also add operator--. One could add operator+/+= for std::chono::days,
but it is neither adding symmetry, nor is it required for a relevant
concept, so not doing that (in this commit).
For QTime (and from that, QDateTime), there is no logical "next";
incrementing by a Planck time (as the smallest unit of time) is not
useful, and anything else is arbitrary.
[ChangeLog][Core][QDate] QDate now models the std::weakly_incrementable
concept by implementing pre- and postfix increment (and decrement)
operators.
Change-Id: I87e68f014834446b6444f23ff0e2f16bdc227a14
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
The SBOM project version handling had some issues.
If USE_GIT_VERSION was used by a project, the spdx file name would
never get a version suffix, even if the project also passed an
explicit VERSION option.
So either USE_GIT_VERSION or VERSION was used, but not both.
Rework the code so that first the git version if is queried if
USE_GIT_VERSION is passed, and then that gets overridden with the
value of VERSION if that is passed.
VERSION will be used as the version suffix for the spdx file
name even when git info is available, by storing it in the
QT_SBOM_EXPLICIT_VERSION global property and using it at the
appropriate call site.
Also add a new QT_SBOM_VERSION_OVERRIDE variable that can be used
to override the explicit version, if needed.
Pick-to: 6.8 6.9 6.10
Task-number: QTBUG-134894
Change-Id: I999f731493ddffcc6974edeca0adacefcc85b9d9
Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
Currently _MSC_VER is defined to 1950 for the preview build.
Pick-to: 6.10 6.9 6.8 6.5
Change-Id: I81a4191715307d347d17c811456ea7bd7cfa283c
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Tag code that constructs SQL statements, parses results, or deals with
user credentials as security critical. This is the driver code, the
implementation of QSqlResult, QSqlTableModel, and the QSqlDatabase
implementation (which deals with, and optionally stores, credentials).
The rest of the code is not critical and gets the default tag.
Fixes: QTBUG-135591
Pick-to: 6.10 6.9 6.8
Change-Id: I18fb565fd27ed8d1c9c1f3a1f572816b718eb3e8
Reviewed-by: Mate Barany <mate.barany@qt.io>
A qWaitFor already tries for 5000ms, spinning the event loop in the
process. Wrapping that in a QTRY_VERIFY resulted in a 4-5 minute
wait when the waited expression never happened, instead of the
normal 5000ms timeout.
Pick-to: 6.10 6.9 6.8
Change-Id: I8e59a73ccdb3007c4969d69e3bd09a35c34ea73d
Reviewed-by: Axel Spoerl <axel.spoerl@qt.io>
When Qt::CustomizeWindowHint in combination with Qt::ExpandedClientAreaHint is set, we are not returning any hittest region for WM_NCHITTEST, resulting in ignoring mouse events. This patch adds another code path to handle WM_NCHITTEST in this case properly. A test whether a Widget was hit is performed with QWSI with the current coordinates and button state of the mouse. In case a widget was hit the event is consumed and NCHITTEST will return HTCLIENT. In case no widget was hit, a check is performed whether the mouse event happened in the titlebar area and if so, the respective hittest region for the titlebar area is returned.
Fixes: QTBUG-137927
Pick-to: 6.10 6.9
Change-Id: I4531fec71eaaa20959a8015ea1babd6d36ee9341
Reviewed-by: Oliver Wolff <oliver.wolff@qt.io>
Assign the default level to all files but qfiledialog.cpp which parses
input in restoreState().
Fixes: QTBUG-135735
Pick-to: 6.10 6.9 6.8
Change-Id: I27e1f18e26e070130018ccf6fa47ccf78b635dc8
Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
If a GPU hangs or is reset, this flag ensures the application is
notified with a context loss event. This can then be queried by
platforms to make use of Qt's existing reset handling.
This is opt-in by applications based on the ResetNotification flag on
the requested format. If a robust context cannot be created, it falls
back to trying without this flag and the state is reflected in the
retrieved surfaceFormat matching the behavior of GLX.
Pick-to: 6.10
Change-Id: Idd53d275be8842f2d44bcd2b8c077c3ea19ca164
Reviewed-by: Laszlo Agocs <laszlo.agocs@qt.io>
The reason phrase is optional, and in http2+ it is not included at all.
So when we generate the error string as 'server replied: %2' it ends
up being unnatural and ugly, and certainly not fit for display.
To improve that, whenever there is no reason phrase, we instead
generate the string like 'server replied with status code %2'
and output the status code instead, which is included.
Fixes: QTBUG-140126
Pick-to: 6.10 6.9 6.8
Change-Id: Ife3ed920f6e1a15d83e5cd5dc9b0568fb195b642
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Mate Barany <mate.barany@qt.io>
Avoid crashing. There is already an early return for a null rhi,
do the same for the swapchain.
Task-number: QTBUG-139994
Pick-to: 6.10 6.9 6.8
Change-Id: Idb6d957236f60ae0b8356e24ecda3b6f566ed95f
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@qt.io>
Thiago Macieira
MohammadHossein Qanbari
Dilek Akcay
Volker Hilsheimer
Assam Boudjelthia
Marc Mutz
Giuseppe D'Angelo
Mårten Nordheim
Jani Heikkinen
Ivan Solovev
Timur Pocheptsov
Joerg Bornemann
Alexey Edelev
Tor Arne Vestbø
Andri Yngvason
Ahmad Samir
Paul Wicking
Elias Toivola
Piotr Wiercinski
Alexandru Croitor
Wladimir Leuschner
David Edmundson
Laszlo Agocs