The qdbusdemarshaller.cpp file implements deserialization of data that is received over D-Bus. An error in deserialization (e.g. reading a string instead of an int) may lead to a crash, so the code is security-critical. The qdbusmarshaller.cpp file is also marked security-critical, because it serializes the data, and so: * can crash libdbus upon incorrect serialization, or * can cause crashes in another (potentially Qt-based) application that later tries to deserialize the data The patch also marks qdbusargument.cpp as security-critical, becuase it implements marshalling and demarshalling for Qt-specific types. Task-number: QTBUG-135199 Pick-to: 6.10 6.9 6.8 Change-Id: Ifc8d78cf4534ad398e9eb9fc869e8064d56db603 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>