author: Thiago Macieira <thiago.macieira@intel.com> 2020-04-15 18:52:49 -0300
committer: Thiago Macieira <thiago.macieira@intel.com> 2020-04-22 18:04:30 -0300
commit: fdea55cb9832a194b5ec1262e216f12ae644ba6b
tree: 3c13a8074a086c2d66bf16597371b01e784ff7e9 /src
parent: 94b02f6cb20fcb597416a46f7e2defced39fb774
QCborValue: fix double-accounting of the usedData when decoding strings
We can only update usedData at the end, after we've decoded all chunks. The update inside the lambda was double-accounting for the first chunk, which could lead to signed integer overflows in usedData.

Not unit-testable since the usedData value is not visible in the API.

Change-Id: Ibdc95e9af7bd456a94ecfffd16061cc955208859
Reviewed-by: Ulf Hermann <ulf.hermann@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Diffstat (limited to 'src')
-rw-r--r-- src/corelib/serialization/qcborvalue.cpp 2
1 files changed, 0 insertions, 2 deletions
diff --git a/src/corelib/serialization/qcborvalue.cpp b/src/corelib/serialization/qcborvalue.cpp
index c45a09ad99..90b45fb853 100644
--- a/src/corelib/serialization/qcborvalue.cpp
+++ b/src/corelib/serialization/qcborvalue.cpp
@@ -1561,8 +1561,6 @@ void QCborContainerPrivate::decodeStringFromCbor(QCborStreamReader &reader)
if (newSize > MaxByteArraySize)
return -1;
- // since usedData <= data.size(), this can't overflow
- usedData += increment;
data.resize(newSize);
return offset;
};
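Review bot: at the removed `usedData += increment;` inside the lambda, nothing in this hunk shows where usedData is now updated, so please confirm that the single update after all chunks are decoded stays consistent with the early `return -1` path taken when `newSize > MaxByteArraySize`, so that a partially decoded string cannot leave usedData out of step with data. Because the commit message says this cannot be unit-tested, consider adding a Q_ASSERT of the invariant the deleted comment relied on (usedData <= data.size()) at the point of the final update. A one-line comment in the lambda stating that usedData is deliberately not touched here would also help keep the increment from being reintroduced.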