From 48767cec95b521d7a75359df4447c84a8d54de17 Mon Sep 17 00:00:00 2001 From: Dennis Oberst Date: Wed, 18 Jun 2025 14:22:45 +0200 Subject: [PATCH] generators: mark security critical source files Reviewed and marked all security critical files in the qtgrpc/src/tools directory. More information: https://contribute.qt-project.org/quips/23 Task-number: QTBUG-135456 Change-Id: I1328431d24aa330a40e95824fdcdbb34e6cf53cd Reviewed-by: Alexey Edelev (cherry picked from commit be37926280237005ba2756cddc994f5e7b76a9b4) Reviewed-by: Qt Cherry-pick Bot --- src/tools/qtgrpcgen/clientdeclarationprinter.cpp | 1 + src/tools/qtgrpcgen/clientdefinitionprinter.cpp | 1 + src/tools/qtgrpcgen/grpctemplates.cpp | 1 + src/tools/qtgrpcgen/qgrpcgenerator.cpp | 1 + src/tools/qtgrpcgen/qmlclientdeclarationprinter.cpp | 1 + src/tools/qtgrpcgen/qmlclientdefinitionprinter.cpp | 1 + src/tools/qtgrpcgen/serverdeclarationprinter.cpp | 1 + src/tools/qtprotobufgen/enumdeclarationprinter.cpp | 1 + src/tools/qtprotobufgen/enumdefinitionprinter.cpp | 1 + src/tools/qtprotobufgen/messagedeclarationprinter.cpp | 1 + src/tools/qtprotobufgen/messagedefinitionprinter.cpp | 1 + src/tools/qtprotobufgen/qprotobufgenerator.cpp | 1 + src/tools/qtprotoccommon/commontemplates.cpp | 1 + src/tools/qtprotoccommon/generatorbase.cpp | 1 + src/tools/qtprotoccommon/generatorcommon.cpp | 1 + 15 files changed, 15 insertions(+) diff --git a/src/tools/qtgrpcgen/clientdeclarationprinter.cpp b/src/tools/qtgrpcgen/clientdeclarationprinter.cpp index 1c65500e..087542fa 100644 --- a/src/tools/qtgrpcgen/clientdeclarationprinter.cpp +++ b/src/tools/qtgrpcgen/clientdeclarationprinter.cpp @@ -1,6 +1,7 @@ // Copyright (C) 2022 The Qt Company Ltd. // Copyright (C) 2019 Alexey Edelev // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// Qt-Security score:critical reason:data-parser #include "clientdeclarationprinter.h" diff --git a/src/tools/qtgrpcgen/clientdefinitionprinter.cpp b/src/tools/qtgrpcgen/clientdefinitionprinter.cpp index 400abd10..b7b3c828 100644 --- a/src/tools/qtgrpcgen/clientdefinitionprinter.cpp +++ b/src/tools/qtgrpcgen/clientdefinitionprinter.cpp @@ -1,6 +1,7 @@ // Copyright (C) 2022 The Qt Company Ltd. // Copyright (C) 2019 Alexey Edelev // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// Qt-Security score:critical reason:data-parser #include "clientdefinitionprinter.h" diff --git a/src/tools/qtgrpcgen/grpctemplates.cpp b/src/tools/qtgrpcgen/grpctemplates.cpp index d193b5da..1a8f53bf 100644 --- a/src/tools/qtgrpcgen/grpctemplates.cpp +++ b/src/tools/qtgrpcgen/grpctemplates.cpp @@ -1,5 +1,6 @@ // Copyright (C) 2022 The Qt Company Ltd. // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// Qt-Security score:critical reason:data-parser #include "grpctemplates.h" diff --git a/src/tools/qtgrpcgen/qgrpcgenerator.cpp b/src/tools/qtgrpcgen/qgrpcgenerator.cpp index 86b4e227..e09a1f70 100644 --- a/src/tools/qtgrpcgen/qgrpcgenerator.cpp +++ b/src/tools/qtgrpcgen/qgrpcgenerator.cpp @@ -1,5 +1,6 @@ // Copyright (C) 2022 The Qt Company Ltd. // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// Qt-Security score:critical reason:data-parser #include "qgrpcgenerator.h" #include "clientdeclarationprinter.h" diff --git a/src/tools/qtgrpcgen/qmlclientdeclarationprinter.cpp b/src/tools/qtgrpcgen/qmlclientdeclarationprinter.cpp index 2a29e642..755f0582 100644 --- a/src/tools/qtgrpcgen/qmlclientdeclarationprinter.cpp +++ b/src/tools/qtgrpcgen/qmlclientdeclarationprinter.cpp @@ -1,5 +1,6 @@ // Copyright (C) 2023 The Qt Company Ltd. // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// Qt-Security score:critical reason:data-parser #include "qmlclientdeclarationprinter.h" diff --git a/src/tools/qtgrpcgen/qmlclientdefinitionprinter.cpp b/src/tools/qtgrpcgen/qmlclientdefinitionprinter.cpp index f939ad35..b7055f08 100644 --- a/src/tools/qtgrpcgen/qmlclientdefinitionprinter.cpp +++ b/src/tools/qtgrpcgen/qmlclientdefinitionprinter.cpp @@ -1,5 +1,6 @@ // Copyright (C) 2023 The Qt Company Ltd. // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// Qt-Security score:critical reason:data-parser #include "qmlclientdefinitionprinter.h" diff --git a/src/tools/qtgrpcgen/serverdeclarationprinter.cpp b/src/tools/qtgrpcgen/serverdeclarationprinter.cpp index 121d82fa..77096b1c 100644 --- a/src/tools/qtgrpcgen/serverdeclarationprinter.cpp +++ b/src/tools/qtgrpcgen/serverdeclarationprinter.cpp @@ -1,6 +1,7 @@ // Copyright (C) 2022 The Qt Company Ltd. // Copyright (C) 2019 Alexey Edelev // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// Qt-Security score:critical reason:data-parser #include "serverdeclarationprinter.h" diff --git a/src/tools/qtprotobufgen/enumdeclarationprinter.cpp b/src/tools/qtprotobufgen/enumdeclarationprinter.cpp index a3f5274d..7efca762 100644 --- a/src/tools/qtprotobufgen/enumdeclarationprinter.cpp +++ b/src/tools/qtprotobufgen/enumdeclarationprinter.cpp @@ -1,6 +1,7 @@ // Copyright (C) 2022 The Qt Company Ltd. // Copyright (C) 2019 Alexey Edelev // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// Qt-Security score:critical reason:data-parser #include "enumdeclarationprinter.h" #include "generatorcommon.h" diff --git a/src/tools/qtprotobufgen/enumdefinitionprinter.cpp b/src/tools/qtprotobufgen/enumdefinitionprinter.cpp index 0cf654b6..5e505270 100644 --- a/src/tools/qtprotobufgen/enumdefinitionprinter.cpp +++ b/src/tools/qtprotobufgen/enumdefinitionprinter.cpp @@ -1,6 +1,7 @@ // Copyright (C) 2022 The Qt Company Ltd. // Copyright (C) 2020 Alexey Edelev , Tatyana Borisova // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// Qt-Security score:critical reason:data-parser #include "enumdefinitionprinter.h" diff --git a/src/tools/qtprotobufgen/messagedeclarationprinter.cpp b/src/tools/qtprotobufgen/messagedeclarationprinter.cpp index 3197629f..ed30f853 100644 --- a/src/tools/qtprotobufgen/messagedeclarationprinter.cpp +++ b/src/tools/qtprotobufgen/messagedeclarationprinter.cpp @@ -1,6 +1,7 @@ // Copyright (C) 2023 The Qt Company Ltd. // Copyright (C) 2020 Alexey Edelev , Tatyana Borisova // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// Qt-Security score:critical reason:data-parser #include "messagedeclarationprinter.h" #include "utils.h" diff --git a/src/tools/qtprotobufgen/messagedefinitionprinter.cpp b/src/tools/qtprotobufgen/messagedefinitionprinter.cpp index 6903bd8c..4ebc9618 100644 --- a/src/tools/qtprotobufgen/messagedefinitionprinter.cpp +++ b/src/tools/qtprotobufgen/messagedefinitionprinter.cpp @@ -1,6 +1,7 @@ // Copyright (C) 2023 The Qt Company Ltd. // Copyright (C) 2019 Alexey Edelev , Tatyana Borisova // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// Qt-Security score:critical reason:data-parser #include "messagedefinitionprinter.h" diff --git a/src/tools/qtprotobufgen/qprotobufgenerator.cpp b/src/tools/qtprotobufgen/qprotobufgenerator.cpp index 02994b61..531193aa 100644 --- a/src/tools/qtprotobufgen/qprotobufgenerator.cpp +++ b/src/tools/qtprotobufgen/qprotobufgenerator.cpp @@ -1,6 +1,7 @@ // Copyright (C) 2022 The Qt Company Ltd. // Copyright (C) 2019 Alexey Edelev // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// Qt-Security score:critical reason:data-parser #include "qprotobufgenerator.h" #include "enumdeclarationprinter.h" diff --git a/src/tools/qtprotoccommon/commontemplates.cpp b/src/tools/qtprotoccommon/commontemplates.cpp index b39d8bf3..eb16adcd 100644 --- a/src/tools/qtprotoccommon/commontemplates.cpp +++ b/src/tools/qtprotoccommon/commontemplates.cpp @@ -1,6 +1,7 @@ // Copyright (C) 2022 The Qt Company Ltd. // Copyright (C) 2019 Alexey Edelev , Tatyana Borisova // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// Qt-Security score:critical reason:data-parser #include "commontemplates.h" diff --git a/src/tools/qtprotoccommon/generatorbase.cpp b/src/tools/qtprotoccommon/generatorbase.cpp index e5d35a1a..946fb277 100644 --- a/src/tools/qtprotoccommon/generatorbase.cpp +++ b/src/tools/qtprotoccommon/generatorbase.cpp @@ -1,6 +1,7 @@ // Copyright (C) 2022 The Qt Company Ltd. // Copyright (C) 2019 Alexey Edelev // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// Qt-Security score:critical reason:data-parser #include "generatorbase.h" diff --git a/src/tools/qtprotoccommon/generatorcommon.cpp b/src/tools/qtprotoccommon/generatorcommon.cpp index 70b8bb2a..e825ba96 100644 --- a/src/tools/qtprotoccommon/generatorcommon.cpp +++ b/src/tools/qtprotoccommon/generatorcommon.cpp @@ -1,6 +1,7 @@ // Copyright (C) 2022 The Qt Company Ltd. // Copyright (C) 2020 Alexey Edelev // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// Qt-Security score:critical reason:data-parser #include "generatorcommon.h" #include "options.h"