Mark Boyer-Moore searchers as security-critical

QString and QByteArray are critical, too, and not because of their ownership semantics, but because of the algorithms operating on them. Boyer-Moore searching is one of those algorithms. The QStringMatcher header is not decls-only, but it only contains trivial implementation (like (QChar*, int) -> QStringView forwarders), so is sensitive. The QLatin1StringMatcher and QByteArrayMatchers contain half of the algorithm in the header, though, to support calculating the BM tables at compile-time, so they are security-critical. Task-nunber: QTBUG-135195 Pick-to: 6.10.0 6.10 6.9 6.8 Change-Id: Ia0e32262a7b80462d681d1e688dc5153de136e7a Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
2025-09-10 14:08:58 +02:00 · 2025-09-10 14:08:58 +02:00 · 9e479614d9
parent 3b294d2d4f
commit 9e479614d9
8 changed files with 8 additions and 0 deletions
--- a/src/corelib/text/qbytearraymatcher.cpp
+++ b/src/corelib/text/qbytearraymatcher.cpp
@ -1,5 +1,6 @@
 // Copyright (C) 2016 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:critical reason:data-parser

 #include "qbytearraymatcher.h"

--- a/src/corelib/text/qbytearraymatcher.h
+++ b/src/corelib/text/qbytearraymatcher.h
@ -1,5 +1,6 @@
 // Copyright (C) 2016 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:critical reason:data-parser

 #ifndef QBYTEARRAYMATCHER_H
 #define QBYTEARRAYMATCHER_H
--- a/src/corelib/text/qlatin1stringmatcher.cpp
+++ b/src/corelib/text/qlatin1stringmatcher.cpp
@ -1,5 +1,6 @@
 // Copyright (C) 2022 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:critical reason:data-parser

 #include "qlatin1stringmatcher.h"
 #include <limits.h>
--- a/src/corelib/text/qlatin1stringmatcher.h
+++ b/src/corelib/text/qlatin1stringmatcher.h
@ -1,5 +1,6 @@
 // Copyright (C) 2022 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:critical reason:data-parser

 #ifndef QLATIN1STRINGMATCHER_H
 #define QLATIN1STRINGMATCHER_H
--- a/src/corelib/text/qstaticlatin1stringmatcher.h
+++ b/src/corelib/text/qstaticlatin1stringmatcher.h
@ -1,5 +1,6 @@
 // Copyright (C) 2023 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:critical reason:data-parser

 #ifndef QSTATICLATIN1STRINGMATCHER_H
 #define QSTATICLATIN1STRINGMATCHER_H
--- a/src/corelib/text/qstaticlatin1stringmatcher.qdoc
+++ b/src/corelib/text/qstaticlatin1stringmatcher.qdoc
@ -1,5 +1,6 @@
 // Copyright (C) 2023 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GFDL-1.3-no-invariants-only
+// Qt-Security score:insignificant reason:docs

 /*! \class QStaticLatin1StringMatcher
    \inmodule QtCore
--- a/src/corelib/text/qstringmatcher.cpp
+++ b/src/corelib/text/qstringmatcher.cpp
@ -1,6 +1,7 @@
 // Copyright (C) 2020 The Qt Company Ltd.
 // Copyright (C) 2019 Mail.ru Group.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:critical reason:data-parser

 #include "qstringmatcher.h"

--- a/src/corelib/text/qstringmatcher.h
+++ b/src/corelib/text/qstringmatcher.h
@ -1,6 +1,7 @@
 // Copyright (C) 2020 The Qt Company Ltd.
 // Copyright (C) 2019 Mail.ru Group.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:sensitive reason:trivial-impl-only

 #ifndef QSTRINGMATCHER_H
 #define QSTRINGMATCHER_H