Fix security issue CVE-2016-10040

[taken from RedHat Qt3 patches] Signed-off-by: Slávek Banko <slavek.banko@axis.cz> (cherry picked from commit 54809cd81b104eff743b46aa7fe8744cab46cf98)
author: Slávek Banko <slavek.banko@axis.cz> 2018-07-26 18:31:13 +0200
committer: Slávek Banko <slavek.banko@axis.cz> 2018-07-26 18:42:07 +0200
commit: 38fcc7cf0feaf8b06458a63f3b4fa454ccb6e2d1 (patch)
tree: 7e674de95e2df13b001868161c654e7a4d31fb83 /src/xml
parent: 05e582e0fe9aadfebe79f8a7f4241586eb181f5c (diff)
download: qt3-38fcc7cf0feaf8b06458a63f3b4fa454ccb6e2d1.tar.gz
qt3-38fcc7cf0feaf8b06458a63f3b4fa454ccb6e2d1.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/xml/qxml.h b/src/xml/qxml.h
index 6d0bee8..dda718e 100644
--- a/src/xml/qxml.h
+++ b/src/xml/qxml.h
@@ -311,7 +311,7 @@ private:
     // for the DTD currently being parsed.
     static const uint dtdRecursionLimit = 2U;
     // The maximum amount of characters an entity value may contain, after expansion.
-    static const uint entityCharacterLimit = 65536U;
+    static const uint entityCharacterLimit = 4096U;
 
     const QString &string();
     void stringClear();
author	Slávek Banko <slavek.banko@axis.cz>	2018-07-26 18:31:13 +0200
committer	Slávek Banko <slavek.banko@axis.cz>	2018-07-26 18:42:07 +0200
commit	38fcc7cf0feaf8b06458a63f3b4fa454ccb6e2d1 (patch)
tree	7e674de95e2df13b001868161c654e7a4d31fb83 /src/xml
parent	05e582e0fe9aadfebe79f8a7f4241586eb181f5c (diff)
download	qt3-38fcc7cf0feaf8b06458a63f3b4fa454ccb6e2d1.tar.gz qt3-38fcc7cf0feaf8b06458a63f3b4fa454ccb6e2d1.zip