summaryrefslogtreecommitdiffstats
path: root/src/corelib/json/qjsondocument.cpp
diff options
context:
space:
mode:
authorDenis Dzyubenko <denis.dzyubenko@nokia.com>2012-03-29 14:59:26 +0200
committerQt by Nokia <qt-info@nokia.com>2012-03-29 16:08:40 +0200
commite444dcf5b15e03b75041eda09eb730163363dfe7 (patch)
tree92767b030376c50b21a1c1bbdca3649ce5ff3ee6 /src/corelib/json/qjsondocument.cpp
parentaeb1824a84e61e75ac053abc7ba46c565e4abc7c (diff)
Don't copy the whole binary input into QJsonDocument
If the input binary data exceeds the size of the enclosed binary object, we shouldn't allocate buffer and copy the whole content, but only content size that has meaningful data. Change-Id: I32587f504bd120c6e4e3d7e1b3403961a6f0d537 Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
Diffstat (limited to 'src/corelib/json/qjsondocument.cpp')
-rw-r--r--src/corelib/json/qjsondocument.cpp7
1 files changed, 4 insertions, 3 deletions
diff --git a/src/corelib/json/qjsondocument.cpp b/src/corelib/json/qjsondocument.cpp
index 8fa2cef94e..be241bc3fc 100644
--- a/src/corelib/json/qjsondocument.cpp
+++ b/src/corelib/json/qjsondocument.cpp
@@ -237,12 +237,13 @@ QJsonDocument QJsonDocument::fromBinaryData(const QByteArray &data, DataValidati
sizeof(QJsonPrivate::Header) + root.size > (uint)data.size())
return QJsonDocument();
- char *raw = (char *)malloc(data.size());
+ const uint size = sizeof(QJsonPrivate::Header) + root.size;
+ char *raw = (char *)malloc(size);
if (!raw)
return QJsonDocument();
- memcpy(raw, data.constData(), data.size());
- QJsonPrivate::Data *d = new QJsonPrivate::Data(raw, data.size());
+ memcpy(raw, data.constData(), size);
+ QJsonPrivate::Data *d = new QJsonPrivate::Data(raw, size);
if (validation != BypassValidation && !d->valid()) {
delete d;