diff options
author | Lars Knoll <lars.knoll@theqtcompany.com> | 2015-03-18 08:49:39 +0100 |
---|---|---|
committer | Simon Hausmann <simon.hausmann@theqtcompany.com> | 2016-02-18 07:38:28 +0000 |
commit | 03f1a69e9cffe919597373471f7609521a465470 (patch) | |
tree | 83953ccc59c058dfa66b44e32f51dac5ade9c953 /src/corelib/json/qjson_p.h | |
parent | 6342fb2c3ec516eb5f0fcbd883a65e61acc802de (diff) |
Avoid size overflows when inserting into very large JSON objects
QJson has a size limitation for arrays and objects. Make sure we
don't go over that size limit and create corrupt objects when
inserting data.
Change-Id: I45be3caefc282d8041f38acd120b985ed4389b8c
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
Reviewed-by: Simon Hausmann <simon.hausmann@theqtcompany.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Diffstat (limited to 'src/corelib/json/qjson_p.h')
-rw-r--r-- | src/corelib/json/qjson_p.h | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/corelib/json/qjson_p.h b/src/corelib/json/qjson_p.h index 7f5a2d88a1..1767b3e9e6 100644 --- a/src/corelib/json/qjson_p.h +++ b/src/corelib/json/qjson_p.h @@ -788,7 +788,11 @@ public: if (reserve) { if (reserve < 128) reserve = 128; - size = qMax(size + reserve, size *2); + size = qMax(size + reserve, qMin(size *2, (int)Value::MaxSize)); + if (size > Value::MaxSize) { + qWarning("QJson: Document too large to store in data structure"); + return 0; + } } char *raw = (char *)malloc(size); Q_CHECK_PTR(raw); |