| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is powered by the xx-session-manager which is tagged as
experiemntal. This is guarded by an env variable.
Application level session IDs are exposed via QSessionManager.
The public API for windows is exposed via the existing QSessionManager
and QWidget::setWindowRole.
As it's not widely supported the documentation in QWidget is left
untouched for now.
[ChangeLog][Third-Party Code] New protocol synced from wayland-protocols
Change-Id: Ibfbef86c6e75f8b95433cbba69ca10a5abea9e21
Reviewed-by: Vlad Zahorodnii <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
qdom.cpp and qdomhelpers.cpp are data parsers.
Fixes: QTBUG-135587
Pick-to: 6.10 6.9 6.8
Change-Id: I3ea77f46f91d5e05d7d6ce88f416e3062f8096ea
Reviewed-by: Ivan Solovev <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
QSettings can be parsed from *ini files that could potentially be
corrupted. Therefore qsettings.cpp and qsettings_mac.cpp are marked
security critical.
qsettings_[win|wasm].cpp are reading the settings from the registry
or from the browser, data sources that are considered trusted. Therefore
these files are marked security significant. The header are also marked
significant.
QUIP: 23
Pick-to: 6.10 6.9 6.8
Task-number: QTBUG-135187
Change-Id: I5474c9a748b238734b5cdd50fb9e46f8379924ed
Reviewed-by: Morten Johan Sørvig <[email protected]>
Reviewed-by: Ivan Solovev <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
In qlockfile.cpp, the contents of the lock file are parsed. While this
parsing is not very advanced, it meets the criteria of QUIP 23. The
other files do not meet any QUIP 23 criteria and are therefore marked
as significant.
QUIP: 23
Pick-to: 6.10 6.9 6.8
Task-number: QTBUG-135187
Change-Id: I87b2e00194583b5a2401443f556a38b472747c3a
Reviewed-by: Ivan Solovev <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
QXmlUtils are used by QXmlStream and QDom, both of which are (or ought
soon to be) marked as security-critical. The component is clearly a
data-parser, too, with the same input as QXmlStream and QDom, so has to
be security-critical, too.
The header file contains only declarations, so it gets the default
score:significant.
Amends 8df072fc8006510c9b743e8ffedaaf51a876883a.
QUIP: 23
Task-number: QTBUG-135194
Pick-to: 6.10 6.9 6.8
Change-Id: I415486dbba0c748e6af561ea4f098ea42c4b1830
Reviewed-by: Ivan Solovev <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Removed all \note tags from the QDateTime "Remarks" section.
The content did not require special highlighting and is now presented as
regular paragraphs. This improves readability and aligns with
Qt documentation style guidelines.
Pick-to: 6.10 6.9
Fixes: QTBUG-130765
Change-Id: I2e40d4ed08399b8da9e6a3ecc9720e62a683ca9c
Reviewed-by: Safiyyah Moosa <[email protected]>
Reviewed-by: Axel Spoerl <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Clarified that the macro defines operator&(), operator~(),
operator^(), and missing assignment operators (|=, &=, ^=)
in addition to operator|(). This improves accuracy and
completeness of the QFlags documentation.
pick-to: 6.10 6.9
Fixes: QTBUG-127490
Change-Id: Ib704172396cb7728d0544f6d6ae6194c45a50e4b
Reviewed-by: Axel Spoerl <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
Corrected order of QToolBox and QToolButton to follow alphabetical
listing and improve readability.
pick-to: 6.10 6.9
Fixes: QTBUG-113759
Change-Id: I0ae53c3fccf6f2fd9e44fcdee7bbb73c58fa75c7
Reviewed-by: Axel Spoerl <[email protected]>
|
| |
|
|
|
| |
Change-Id: If8e8970c6752aa0fcdf49181c001ef5766faa9ea
Reviewed-by: Alexandru Croitor <[email protected]>
|
| |
|
|
|
|
|
|
| |
This serves as a hook to add tests and test-like targets to all repo
builds
Change-Id: I480885bf5c8899981e5b8d215a14a7b736bda890
Reviewed-by: Alexandru Croitor <[email protected]>
|
| |
|
|
|
| |
Change-Id: I80411347d974a69589c632a71ffff43372854176
Reviewed-by: Alexandru Croitor <[email protected]>
|
| |
|
|
|
| |
Change-Id: Id2c821a9e0abd067a8eb66348baff0f2f657bd75
Reviewed-by: Alexandru Croitor <[email protected]>
|
| |
|
|
|
| |
Change-Id: I4f85cee9957c0c8cf001417a61b61a57d7041dba
Reviewed-by: Alexandru Croitor <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
In principle it has the same value as `INSTALL_DIR_FOR_CMAKE_TESTS`, but
this is defined much earlier and guaranteed to be present next to
`HOST_INSTALL_DIR`.
Change-Id: I0c6d2109735872fc6013d91163352698d7b7bc08
Reviewed-by: Alexandru Croitor <[email protected]>
|
| |
|
|
|
|
|
|
| |
Gate the installation of CI-only files by this option.
Change-Id: I9327bac01707ceaa27aa0c91952ddb4846589dca
Reviewed-by: Joerg Bornemann <[email protected]>
Reviewed-by: Alexandru Croitor <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
tst_qxmlstream::initTestCase copies many folders, this takes time
for Intel it takes more than 600s
Task-number: QTBUG-137562
Change-Id: I1ab8dbbaa344a579e8bf4393eb9f71d2a02e079d
Reviewed-by: Toni Saario <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
QResources can be feed data from a file at runtime. This should really
be trusted data but we cannot guarantee that, therefore the file that
contains the parser, qresource.cpp, is marked security critical.
All other files are marked with the default value security significant.
QUIP: 23
Pick-to: 6.10 6.9 6.8
Task-number: QTBUG-135187
Change-Id: Ibff50dc744a5204233695794b82b87c82cd6a6b8
Reviewed-by: Ivan Solovev <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
No data is inspected by this class. The security score is therefore not
above the default value of significant.
QUIP: 23
Pick-to: 6.10 6.9 6.8
Task-number: QTBUG-135187
Change-Id: I300e4a2613605c200a595a0fd7c9bfe20bb0294a
Reviewed-by: Ivan Solovev <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
qloggingregistry.cpp is considered security critical because it
contains a parser for a configuration file. All other files are
considered security significant.
QUIP: 23
Pick-to: 6.10 6.9 6.8
Task-number: QTBUG-135187
Change-Id: Idb9712e11f6ba5744e2d576833db4a7fae4e5eaa
Reviewed-by: Ivan Solovev <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
QBuffer operates on external data and data corruption issues have
been found before.
QUIP: 23
Pick-to: 6.10 6.9 6.8
Task-number: QTBUG-135187
Change-Id: I6f9ccd58ec423142f3551af3ba4e3c20d3f8392f
Reviewed-by: Marc Mutz <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
QAbstractFileEngine::readLine reads from the file info data. The header
is not marked and will default to security significant.
QUIP: 23
Pick-to: 6.10 6.9 6.8
Task-number: QTBUG-135187
Change-Id: I0dda64d78a515ed70a32777191af7c681cbfc067
Reviewed-by: Marc Mutz <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
QFileSystemEntry inspects paths, that can be provided by the user
following the code documentation. As such it has to be categorized as
critical.
QUIP: 23
Pick-to: 6.10 6.9 6.8
Task-number: QTBUG-135187
Change-Id: I629c39bd1aedf216a067dab9a21eb09ad495b301
Reviewed-by: Ivan Solovev <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
qfiledevice.cpp contains some minimal data inspection, see
putCharHelper(). However, this is very simple and not sufficient to make
the file critical.
QUIP: 23
Pick-to: 6.10 6.9 6.8
Task-number: QTBUG-135187
Change-Id: I76e608fa42b0bca003fc5d0166fd863583df075a
Reviewed-by: Ivan Solovev <[email protected]>
|
| |
|
|
|
|
|
|
| |
QUIP: 23
Task-number: QTBUG-135191
Pick-to: 6.10 6.9 6.8
Change-Id: I81ceead665ee0313a492616188c33c6568070b11
Reviewed-by: Axel Spoerl <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
loadProviders() is parsing data, but it should only be trusted data.
The function isTextFile() apparently reads data from an untrusted file
to identify it as text file. Therefore this file has to be considered
security critical.
QUIP: 23
Task-number: QTBUG-135191
Pick-to: 6.10 6.9 6.8
Change-Id: I8884293eff5584038f3388dc0309cfa70eae0c89
Reviewed-by: Ivan Solovev <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Added a banch of CMakeLists to different folders.
In the qprocess folder deleted the unused QApplication and added
condition for windows.
In qstring, fixed some small bugs.
In qsignalmapper, added a condition to avoid naming problem
Task-number: QTBUG-137566
Change-Id: I63e04cdd01b5854ab5f2dac2a0c317eea35f5b42
Reviewed-by: Volker Hilsheimer <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Trying to compile snippets and fixing some bugs with them.
Added some files and targets to CMakeList.txt.
Added SOURCES of files that triggers Widgets in CMakeList.txt.
Handled "no widgets" and "no qml" cases for snippets compiling.
Relocated the necessary header file for qtcast.
All others are just small fixes.
Update: fixed path to the qlogging snippet in docs
Task-number: QTBUG-137566
Change-Id: I6c6068790bf24ca88072cf8ca5c33b1401551452
Reviewed-by: Volker Hilsheimer <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Before this patch, in QWindowsContext::setProcessDpiAwareness,
there are some conditions that will make this function return
early, in this case, QWindowsContextPrivate::m_v2DpiAware won't
be updated to the correct value (it's initially set to false
and we want it to be true in these cases), this is absolutely
wrong. Luckily, this issue just makes QPA call enableNonClientDpiScaling() in unnecessary situations and
that is harmless. But it's also better to fix this issue.
Change-Id: I04d70d5d83b898a3cd2856d504bcd3f5519427b4
Reviewed-by: Oliver Wolff <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
Make implicit and explicit protocol level-2 sections.
Make some formulations more concise.
Pick-to: 6.10
Change-Id: I0474388924dec95fa4da1c260f61ffdb3ea8adc3
Reviewed-by: Artem Dyomin <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Speeding up animations in tst_qquickpopup by 5 times results in a
reduction of its execution time from 9.8 to 7.9 minutes: a 20%
improvement.
This patch:
- Renames setSlowdownFactor to setSpeedModifier.
- Removes setSlowModeEnabled. There's no need for two functions if
we can just set a speed directly.
Task-number: QTBUG-137919
Change-Id: I04eb5d962c818da5d36f8f4cb5a2404977b78deb
Reviewed-by: Thiago Macieira <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
This commit adds a `perf` option description and mentions that the
`tickcounter` options requires a hardware support.
Fixes: QTBUG-134795
Pick-to: 6.10 6.9 6.8
Change-Id: I8462073850b6811508776b40e867e62eb88f78e7
Reviewed-by: Dennis Oberst <[email protected]>
|
| |
|
|
|
|
|
| |
Fixes: QTBUG-133631
Pick-to: 6.9 6.10
Change-Id: I930de385a24229a7e47f8f80eb607fc59be19d30
Reviewed-by: Morten Johan Sørvig <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This class is going to be marked as security-critical, and so we don't
want code in the header (because fixes in inline code require
recompiling all users, not just re-linking).
Incidentally, de-inlining getLockFileHandle() removes the need to
include some nasty (qt_windows.h) headers in the header (which means
we need to revert part of 779bdf481ca208c20cfabd02d02d74175b0624b9 and
go back from NSDMI to ctor-init-list, at least for `fileHandle`).
As a drive-by, make the constructor explicit.
Pick-to: 6.10 6.9 6.8 6.5
Change-Id: I3d376c2c02eb1f7de7a0b923ac4424b1057fdb1c
Reviewed-by: David Faure <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These components process input external to the process, and the
application depends on these components to report errors to
detect failure, so these components are security-critical.
The writers are, too, because a valid use of the classes is to
stream-read something, filter or edit a few nodes, and then
stream back, in which case writers see the same input as the
readers, only in reverse, and have to build a valid output.
Where there's doubt whether a header should be considered
critical or not, err on the side of critical. We can always
revisit the decision later when we know what semantics we'll
attach to this marking.
Where a header only contains declarations (and class definitions),
mark as significant with reason "header, declarations only". It is
probably a good idea to avoid any non-trivial inline code in
headers whose .cpp files are security-critical, but moving all
inline code out-of-line is a task for a different patch.
Amends 8df072fc8006510c9b743e8ffedaaf51a876883a.
QUIP: 23
Task-number: QTBUG-135194
Pick-to: 6.10 6.9 6.8
Change-Id: Ie317c4df652430e6e68954c37d553b760836dff8
Reviewed-by: Matthias Rauter <[email protected]>
|
| |
|
|
|
|
|
| |
Trivial, after we made the d_ptr private in a preceding commit.
Change-Id: Ie54adf7b5575924b557c6aa7b574a543ce31fcf5
Reviewed-by: David Faure <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The original author of the class doesn't remember why it's protected,
and there appear to be no meaningful uses for a protected d_ptr
(unlike in the QObject case). The class is also not designed as a
base class (the destructor is public and non-virtual), and we never
advertized the protectedness of the d_ptr, so treat this as \internal
API and just make it private.
[ChangeLog][Potentially Source-Incompatible Changes][QtCore] The
protected QLockFile::d_ptr variable is now private. The class isn't
safe for subclassing, anyway (doesn't have a virtual destructor), so
if your code depends on this, you need to find a different design.
Change-Id: Idba36fd65f4c1327f31ee6c27320a0697147de5f
Reviewed-by: David Faure <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The chrono-first approach asks that potentially-truncating functions
that convert from chrono to int be inlined, so the UB happens in the
user's domain and not in Qt's.
When 0592123a0c68b65c83555dc0f023c4bc77030f31 added the functions for
6.2, this approach wasn't, yet, agreed upon, so catch the code up now.
Found in independent review.
As a drive-by, fix incorrect inner spaces on a {} constructor call,
amending 5cea5fc80b9e1b19d620ec6be1acd5cdbd220971.
Pick-to: 6.10
Change-Id: Ic231af1f8c8e10868b7fa9b1f09a63eb8478da0a
Reviewed-by: David Faure <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
Said overload was added in 39cdf431f034121353e51768b4d1fec8b0dd35dc,
and its use prevents a forced detach in setProperty() that comes from
the function taking a copy of the QVariant and then calling .data()
on it. The rvalue overload prevents this.
Pick-to: 6.10 6.9 6.8
Change-Id: I4f84dae61ab0091d1058c9dee5a02c09b0ac41b5
Reviewed-by: Thiago Macieira <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
Amends 14090760a87f23509b7bb5ad846537c766cb44a5.
Fixes: QTBUG-138043
Pick-to: 6.10 6.9 6.8
Change-Id: I9aa95af0d4a2995cdb8efffd3ce3d6d5036bdcfe
Reviewed-by: Giuseppe D'Angelo <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
The installation is already gated by the user having to specify
`INSTALL_PUBLICBINDIR`, at which point we know that they want symlinks
created and installed. This automates the installation for that user.
Fixes: QTBUG-132761
Change-Id: Ie1242f21ec39db8fc0f31d7f2b93a43a23533485
Reviewed-by: Alexandru Croitor <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the IPv4 netmask is 255.255.255.255 (point-to-point interface), we
were calculating our own local IP. That meant we would route through the
loopback interface to connect to it, not the interface, resulting in
test failures. So just flip one bit and hope that it will work.
FAIL! : tst_QNetworkInterface::localAddress(vpn0-10.124.222.242) The computed value is expected to be less than or equal to the baseline, but is not
Computed (pmtu) : 65535
Baseline (outgoingIface->maximumTransmissionUnit()): 1422
$ ip r get 10.124.222.242
local 10.124.222.242 dev lo table local src 10.124.222.242 uid 1000
Pick-to: 6.10 6.9 6.8
Change-Id: I3d18ad117dd0c49fcec2fffdcb29534e64a438d9
Reviewed-by: Mårten Nordheim <[email protected]>
|
| |
|
|
|
|
|
|
| |
Amends 6c72080f26e9b70041434c6d762f7d601a2bf19c.
Pick-to: 6.10 6.9 6.8
Change-Id: I8af92558be9ebef70fe99d4d6e9dcfdc14ef90ba
Reviewed-by: Volker Hilsheimer <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Nothing is modifying the variable, so make it constexpr (was: mutable)
and change all the if's into if-constexpr's.
While the compiler doesn't care unless QT_DEBUG_DRAW is defined, this
will prevent the next human reader from going on the same fruitless
hunt for a setter as yours truly.
Amends the start of the public history.
Pick-to: 6.10 6.9 6.8 6.5
Change-Id: Ib2f8c0fcb2938ca3548b9452c4d8eb482e6ffbe5
Reviewed-by: Volker Hilsheimer <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A QString is not a faithful representation of a lock file, so the
(QString) ctor shouldn't be implicit.
Mark it as explicit.
Found in independent review.
[ChangeLog][Potentially Source-Incompatible Changes][QtCore] The
QLockFile(QString) constructor is now explicit, so implicit conversion
from QString to QLockFile, incl. `QLockFile f = str;`, no longer works.
Using explicit construction instead (`QLockFile f(str);`) is a
backwards-compatible fix.
Amends 1b582d64eb6d13e60a02ebc40956302a4864eb6c, but not picking to
released branches, because it's slightly SiC.
Pick-to: 6.10
Change-Id: I1f6b8c51cde4e1a1b51907083caa0acec9f4698d
Reviewed-by: David Faure <[email protected]>
|
| |
|
|
|
|
| |
Pick-to: 6.9 6.10
Change-Id: Idbfb39bbe1f16de420711911df0a8c47a2a75420
Reviewed-by: Mårten Nordheim <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We still want to test the code on non-affected MSVC versions, so we
- remove the header from the manual qt_wrap_cpp call,
- instead, let automoc pick it up by making it part of the target,
- include the moc file to prevent CMake putting the generated file
in the combined C++ file,
- but include it only conditionally to avoid the compilation issue on
MSVC.
This has the side effect that we no longer consider the file in the JSON
output, but that is less important.
Pick-to: 6.10 6.9
Change-Id: I46d93aac9721eba081221586b66a3742c863da90
Reviewed-by: Oliver Wolff <[email protected]>
|
| |
|
|
|
|
|
| |
Pick-to: 6.10 6.9 6.8
Fixes: QTBUG-137986
Change-Id: I6e7465c47f20b34a64daa77f5d28271b7c0a73be
Reviewed-by: Andy Nichols <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Build static doc tools first, because after aftifacts builds
dependency builds start and qtbase continues building its tests
and some modules already needs tools before qtbase has built its
test artifacts, which causes them to fail.
Task-number: COIN-1247
Pick-to: 6.10 6.9 6.8
Change-Id: If7685e94033371a80422f99e5f3aaa32df63a3ec
Reviewed-by: Alexandru Croitor <[email protected]>
Reviewed-by: Jukka Jokiniva <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
This example uses two windows and requires both to be visible
at the same time. Call showNormal() instead of show() to prevent
the first window from becoming fullscreen on platforms where show()
uses fullscreen mode by default.
Change-Id: Iab8bcfeba0ec14a8ea87256e0c843db279749d61
Reviewed-by: Tor Arne Vestbø <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This supports partial usage of QCursor::setPos to move the mouse cursor.
The wayland protocol only supports moving the cursor within the bounds
of the window with pointer focus. Co-ordinates are mapped from global
space to be relative to the focussed window.
[ChangeLog][Third-Party Code] New protocol synced from wayland-protocols
Fixes: QTBUG-127077
Pick-to: 6.10
Change-Id: Ic10142b2771fc9e6afc723b115b1b013a671e711
Reviewed-by: David Redondo <[email protected]>
|
