A heap buffer overflow vulnerability exists in `QTextMarkdownImporter`.
When parsing the front matter of a Markdown file, the code assumes that
more characters (e.g., a newline) will be present in the input after
finding the closing marker `---`. However, if the input stream ends with
the `---` delimiter and lacks a trailing newline, calling
`QStringView::sliced()` will attempt to access characters beyond the end
of the string, causing the program to crash.

Causes of the vulnerability:

1. Insufficient boundary checks: The case where the delimiter appears at
the end of the input was not handled correctly.
2. Overly permissive marker requirements: Allowing unexpected whitespace
or other formatting errors led to issues in the parsing logic.

Affected versions: 6.8.0 to 6.8.3
Unaffected versions: Versions prior to 6.6.0

Fix patch: https://codereview.qt-project.org/c/qt/qtbase/+/635546
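
The two causes listed above, shown as an added example that is not Qt's code and not the linked patch: a front-matter splitter that accepts only an exact `---` marker line and treats a closing marker at end of input as a valid terminator with an empty body. It uses `std::string_view` in place of `QStringView`; `splitFrontMatter`, `naiveBodyOffset` and the sample input are hypothetical names and constructed data.

```cpp
#include <cstddef>
#include <cstdio>
#include <string_view>

// Marker line assumed for this example: exactly three dashes, nothing else.
constexpr std::string_view kMarker = "---";

struct FrontMatterSplit {
    bool found = false;            // a complete front-matter block was present
    std::string_view frontMatter;  // text between the two marker lines
    std::string_view body;         // Markdown after the closing marker line
};

// Offset a parser would slice at if it assumed a newline always follows the
// closing marker. For input ending in the marker this exceeds the length.
std::size_t naiveBodyOffset(std::size_t closePos) {
    return closePos + kMarker.size() + 1;
}

FrontMatterSplit splitFrontMatter(std::string_view doc) {
    FrontMatterSplit out;
    out.body = doc;  // default: no front matter, whole input is the body
    const std::size_t start = kMarker.size() + 1;
    if (doc.size() < start || doc.substr(0, start - 1) != kMarker || doc[start - 1] != '\n')
        return out;
    for (std::size_t pos = start; pos <= doc.size();) {
        const std::size_t eol = doc.find('\n', pos);
        const bool atEnd = (eol == std::string_view::npos);
        // Strict match: trailing whitespace or extra dashes do not count.
        if (doc.substr(pos, atEnd ? eol : eol - pos) == kMarker) {
            out.found = true;
            out.frontMatter = doc.substr(start, pos - start);
            // Marker at end of input: the body is empty, nothing to skip.
            out.body = atEnd ? std::string_view{} : doc.substr(eol + 1);
            return out;
        }
        if (atEnd) break;
        pos = eol + 1;
    }
    return out;
}

int main() {
    constexpr std::string_view doc = "---\ntitle: x\n---";  // constructed, no final newline
    const FrontMatterSplit r = splitFrontMatter(doc);
    std::printf("found=%d body_len=%zu naive_offset=%zu len=%zu\n", r.found,
                r.body.size(), naiveBodyOffset(13), doc.size());
    return r.found && r.body.empty() ? 0 : 1;
}
```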
