diff options
| -rw-r--r-- | src/corelib/json/qjson.cpp | 6 | ||||
| -rw-r--r-- | tests/auto/corelib/json/invalidBinaryData/39.bjson | bin | 0 -> 24 bytes |
2 files changed, 3 insertions, 3 deletions
diff --git a/src/corelib/json/qjson.cpp b/src/corelib/json/qjson.cpp index d509349a51..b483cc2d8c 100644 --- a/src/corelib/json/qjson.cpp +++ b/src/corelib/json/qjson.cpp @@ -335,7 +335,7 @@ int Value::usedStorage(const Base *b) const bool Value::isValid(const Base *b) const { - int offset = 0; + int offset = -1; switch (type) { case QJsonValue::Double: if (latinOrIntValue) @@ -352,9 +352,9 @@ bool Value::isValid(const Base *b) const break; } - if (!offset) + if (offset == -1) return true; - if (offset + sizeof(uint) > b->tableOffset) + if (offset + sizeof(uint) > b->tableOffset || offset < (int)sizeof(Base)) return false; int s = usedStorage(b); diff --git a/tests/auto/corelib/json/invalidBinaryData/39.bjson b/tests/auto/corelib/json/invalidBinaryData/39.bjson Binary files differnew file mode 100644 index 0000000000..c6025aa9eb --- /dev/null +++ b/tests/auto/corelib/json/invalidBinaryData/39.bjson |