QSslCertificate: Guard against accessing empty QByteArray

Fixes oss-fuzz issue 29276. Pick-to: 5.12 5.15 6.0 Change-Id: I57b0c26e5377bd6b82d9f044ae1d1d13acec996a Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
author: Robert Loehning <robert.loehning@qt.io> 2021-01-08 19:21:42 +0100
committer: Robert Loehning <robert.loehning@qt.io> 2021-01-11 19:14:21 +0100
commit: ce90248882b73b4b816a8550710279e3e55ab64c (patch)
tree: 6100b6789fb575b661e87502928e658edf0e6cd8 /src/network/ssl
parent: d7d6f8765f709dd4162a0d39404969d39b6d4b00 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/src/network/ssl/qsslcertificate_qt.cpp b/src/network/ssl/qsslcertificate_qt.cpp
index f17d1500c5..7c050e9c3b 100644
--- a/src/network/ssl/qsslcertificate_qt.cpp
+++ b/src/network/ssl/qsslcertificate_qt.cpp
@@ -311,7 +311,9 @@ bool QSslCertificatePrivate::parse(const QByteArray &data)
 
     if (elem.type() == QAsn1Element::Context0Type) {
         QDataStream versionStream(elem.value());
-        if (!elem.read(versionStream) || elem.type() != QAsn1Element::IntegerType)
+        if (!elem.read(versionStream)
+            || elem.type() != QAsn1Element::IntegerType
+            || elem.value().isEmpty())
             return false;
 
         versionString = QByteArray::number(elem.value().at(0) + 1);
author	Robert Loehning <robert.loehning@qt.io>	2021-01-08 19:21:42 +0100
committer	Robert Loehning <robert.loehning@qt.io>	2021-01-11 19:14:21 +0100
commit	ce90248882b73b4b816a8550710279e3e55ab64c (patch)
tree	6100b6789fb575b661e87502928e658edf0e6cd8 /src/network/ssl
parent	d7d6f8765f709dd4162a0d39404969d39b6d4b00 (diff)