From 9e9196380ccbed86c906c1fee33e19e2e6da3dfe Mon Sep 17 00:00:00 2001
From: Dennis Oberst
Date: Wed, 18 Jun 2025 14:21:03 +0200
Subject: [PATCH] qtprotobuf: mark security critical source files
Reviewed and marked all security critical files in the qtgrpc/src/protobuf directory. More information: https://contribute.qt-project.org/quips/23
Fixes: QTBUG-135456
Pick-to: 6.10
Change-Id: I9cc05039ca5830d04816ada978ec193ece154732
Reviewed-by: Alexey Edelev
---
 src/protobuf/protobufscalarserializers_p.h | 1 +
 src/protobuf/qprotobufjsonserializer.cpp | 1 +
 src/protobuf/qprotobufpropertyordering.cpp | 1 +
 src/protobuf/qprotobufserializer.cpp | 1 +
 4 files changed, 4 insertions(+)
diff --git a/src/protobuf/protobufscalarserializers_p.h b/src/protobuf/protobufscalarserializers_p.h
index 05484473..e7aa8d2b 100644
--- a/src/protobuf/protobufscalarserializers_p.h
+++ b/src/protobuf/protobufscalarserializers_p.h
@@ -1,5 +1,6 @@
 // Copyright (C) 2024 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:critical reason:data-parser
 #ifndef PROTOBUFSCALARSERIALIZERS_P_H
 #define PROTOBUFSCALARSERIALIZERS_P_H
diff --git a/src/protobuf/qprotobufjsonserializer.cpp b/src/protobuf/qprotobufjsonserializer.cpp
index fa4c0302..ddb1a2a4 100644
--- a/src/protobuf/qprotobufjsonserializer.cpp
+++ b/src/protobuf/qprotobufjsonserializer.cpp
@@ -1,5 +1,6 @@
 // Copyright (C) 2023 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:critical reason:data-parser
 #include
diff --git a/src/protobuf/qprotobufpropertyordering.cpp b/src/protobuf/qprotobufpropertyordering.cpp
index feaf2f5c..149fa778 100644
--- a/src/protobuf/qprotobufpropertyordering.cpp
+++ b/src/protobuf/qprotobufpropertyordering.cpp
@@ -1,5 +1,6 @@
 // Copyright (C) 2024 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:critical reason:data-parser
 #include
diff --git a/src/protobuf/qprotobufserializer.cpp b/src/protobuf/qprotobufserializer.cpp
index 8eb086a1..fdbbcc0a 100644
--- a/src/protobuf/qprotobufserializer.cpp
+++ b/src/protobuf/qprotobufserializer.cpp
@@ -1,6 +1,7 @@
 // Copyright (C) 2022 The Qt Company Ltd.
 // Copyright (C) 2019 Alexey Edelev , Viktor Kopp
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:critical reason:data-parser
 #include