Details
Suggestion
Resolution: Unresolved
Not Evaluated
Windows
Description
I believe that the QNativeSocketEnginePrivate::nativeWrite() method in src/network/socket/qnativesocketengine_win.cpp contains a potential bug.
In the case when WSASend() returns success but ret != len, it tries the next send, but bytesToSend isn't decreased as happens at the end of the cycle (which isn't reached because of the continue operator). This causes a data buffer overread and wrong data being sent to the remote side. This case may never happen due to the current socket configuration or some API specification details, but these factors look very sensitive to change.
Affected classes: QAbstractSocket, QTcpSocket, QSslSocket.
Therefore, the piece of code responsible for handling this sort of case should be either fixed or considered dead and removed.
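
The control flow described in the report, as an added example: this is a simplified model written for illustration, not Qt's source and not code from the reporter. `mockSend`, `writeAll`, `kMemory` and the loop bound are assumptions; `mockSend` stands in for a WSASend() call that succeeds but accepts fewer bytes than requested.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdio>
#include <string>

// Constructed layout: an 8-byte payload followed by unrelated bytes, so an
// out-of-bounds read shows up in the output while staying memory-safe.
static const char kMemory[] = "PAYLOAD!adjacent-heap-data";
static const std::size_t kLen = 8;  // length the caller asked to write

struct Result {
    std::string wire;  // bytes the peer would receive
    bool overread;     // a send request extended past data + len
};

// Hypothetical stand-in for WSASend(): reports success but accepts at most
// `chunk` bytes per call (a partial send).
static std::size_t mockSend(std::string &wire, const char *buf,
                            std::size_t want, std::size_t chunk) {
    std::size_t n = std::min(want, chunk);
    wire.append(buf, n);
    return n;
}

// Simplified model of the loop in the report. With fixPartial == false the
// partial-success path hits `continue` before bytesToSend is recomputed.
Result writeAll(const char *data, std::size_t len, std::size_t chunk,
                bool fixPartial) {
    Result r{std::string(), false};
    std::size_t ret = 0, bytesToSend = len;
    for (int guard = 0; guard < 4; ++guard) {  // bound exists only in this model
        if (ret + bytesToSend > len)
            r.overread = true;                 // request covers data[len..]
        ret += mockSend(r.wire, data + ret, bytesToSend, chunk);
        if (ret == len)
            break;
        if (!fixPartial)
            continue;                          // skips the update below
        bytesToSend = len - ret;               // for the next send
    }
    return r;
}

int main() {
    Result bad = writeAll(kMemory, kLen, 5, false);
    Result good = writeAll(kMemory, kLen, 5, true);
    std::printf("buggy: overread=%d wire=%s\n", bad.overread, bad.wire.c_str());
    std::printf("fixed: overread=%d wire=%s\n", good.overread, good.wire.c_str());
}
```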