4 files changed, 5 insertions, 1 deletions

diff --git a/src/corelib/json/qjson_p.h b/src/corelib/json/qjson_p.h
index 5be31ca03f..41d8ab25f3 100644
--- a/src/corelib/json/qjson_p.h
+++ b/src/corelib/json/qjson_p.h
@@ -540,7 +540,7 @@ static inline void copyString(char *dest, const QString &str, bool compress)
 
 
 /*
- Base is the base class for both Object and Array. Both classe work more or less the same way.
+ Base is the base class for both Object and Array. Both classes work more or less the same way.
  The class starts with a header (defined by the struct below), then followed by data (the data for
  values in the Array case and Entry's (see below) for objects.
 
diff --git a/src/corelib/json/qjsondocument.cpp b/src/corelib/json/qjsondocument.cpp
index 1916730d6d..cc0018bc62 100644
--- a/src/corelib/json/qjsondocument.cpp
+++ b/src/corelib/json/qjsondocument.cpp
@@ -182,6 +182,9 @@ QJsonDocument QJsonDocument::fromRawData(const char *data, int size, DataValidat
         return QJsonDocument();
     }
 
+    if (size < (int)(sizeof(QJsonPrivate::Header) + sizeof(QJsonPrivate::Base)))
+        return QJsonDocument();
+
     QJsonPrivate::Data *d = new QJsonPrivate::Data((char *)data, size);
     d->ownsData = false;
 
diff --git a/tests/auto/corelib/json/invalidBinaryData/38.bjson b/tests/auto/corelib/json/invalidBinaryData/38.bjson
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/tests/auto/corelib/json/invalidBinaryData/38.bjson
diff --git a/tests/auto/corelib/json/tst_qtjson.cpp b/tests/auto/corelib/json/tst_qtjson.cpp
index f2f9166711..a0d36fc4e0 100644
--- a/tests/auto/corelib/json/tst_qtjson.cpp
+++ b/tests/auto/corelib/json/tst_qtjson.cpp
@@ -1790,6 +1790,7 @@ void tst_QtJson::invalidBinaryData()
         QFile file(files.at(i).filePath());
         file.open(QIODevice::ReadOnly);
         QByteArray bytes = file.readAll();
+        bytes.squeeze();
         QJsonDocument document = QJsonDocument::fromRawData(bytes.constData(), bytes.size());
         QVERIFY(document.isNull());
     }