Mark QBuffer security criticalHEAD dev

QBuffer operates on external data and data corruption issues have been found before. QUIP: 23 Pick-to: 6.10 6.9 6.8 Task-number: QTBUG-135187 Change-Id: I6f9ccd58ec423142f3551af3ba4e3c20d3f8392f Reviewed-by: Marc Mutz <[email protected]>
author: Matthias Rauter <[email protected]> 2025-06-19 11:32:16 +0200
committer: Marc Mutz <[email protected]> 2025-06-26 12:27:36 +0000
commit: 4f84818a8c50d54dd72a5024dc2a430dc268bdb3 (patch)
tree: d5cc9cd308804691dde4c4731f1d55aad1b17187
parent: 961e6edd1378ad496978267f3f4791f340646253 (diff)
2 files changed, 2 insertions, 0 deletions
diff --git a/src/corelib/io/qbuffer.cpp b/src/corelib/io/qbuffer.cpp
index 16abac48886..f7984409a0e 100644
--- a/src/corelib/io/qbuffer.cpp
+++ b/src/corelib/io/qbuffer.cpp
@@ -1,5 +1,6 @@
 // Copyright (C) 2016 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:critical reason:data-parser
 
 #include "qbuffer.h"
 #include <QtCore/qmetaobject.h>
diff --git a/src/corelib/io/qbuffer.h b/src/corelib/io/qbuffer.h
index 4cbbfe7c52d..8dc36d92310 100644
--- a/src/corelib/io/qbuffer.h
+++ b/src/corelib/io/qbuffer.h
@@ -1,5 +1,6 @@
 // Copyright (C) 2016 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:significant reason:default
 
 #ifndef QBUFFER_H
 #define QBUFFER_H
author	Matthias Rauter <[email protected]>	2025-06-19 11:32:16 +0200
committer	Marc Mutz <[email protected]>	2025-06-26 12:27:36 +0000
commit	4f84818a8c50d54dd72a5024dc2a430dc268bdb3 (patch)
tree	d5cc9cd308804691dde4c4731f1d55aad1b17187
parent	961e6edd1378ad496978267f3f4791f340646253 (diff)