-rw-r--r-- | src/corelib/serialization/qjson.cpp | 6 | ||||
-rw-r--r-- | tests/auto/corelib/serialization/json/invalidBinaryData/39.bjson | bin | 0 -> 24 bytes |
2 files changed, 3 insertions, 3 deletions
diff --git a/src/corelib/serialization/qjson.cpp b/src/corelib/serialization/qjson.cpp
index e4bca3bcd0..c5e9eb70e1 100644
--- a/src/corelib/serialization/qjson.cpp
+++ b/src/corelib/serialization/qjson.cpp
@@ -328,7 +328,7 @@ int Value::usedStorage(const Base *b) const
 bool Value::isValid(const Base *b) const
 {
- int offset = 0;
+ int offset = -1;
 switch (type) {
 case QJsonValue::Double:
 if (latinOrIntValue)
@@ -345,9 +345,9 @@ bool Value::isValid(const Base *b) const
 break;
 }
- if (!offset)
+ if (offset == -1)
 return true;
- if (offset + sizeof(uint) > b->tableOffset)
+ if (offset + sizeof(uint) > b->tableOffset || offset < (int)sizeof(Base))
 return false;
 int s = usedStorage(b);
diff --git a/tests/auto/corelib/serialization/json/invalidBinaryData/39.bjson b/tests/auto/corelib/serialization/json/invalidBinaryData/39.bjson
Binary files differ
new file mode 100644
index 0000000000..c6025aa9eb
--- /dev/null
+++ b/tests/auto/corelib/serialization/json/invalidBinaryData/39.bjson |
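Review bot: In the second hunk the new lower-bound test `offset < (int)sizeof(Base)` runs only after `offset + sizeof(uint) > b->tableOffset`, and that addition implicitly converts the `int` offset to an unsigned type. If a switch case outside the hunk can ever produce a negative offset other than the sentinel, it is rejected only through wrap-around or the later test, which is fragile in a validator for untrusted binary data. I would test the lower bound first and make the conversion explicit, e.g. `if (offset < int(sizeof(Base)) || uint(offset) + sizeof(uint) > b->tableOffset)`, with a comment such as `// offset must lie past the Base header and leave room for a uint before the table`. The `-1` sentinel from the first hunk also deserves a one-line comment saying what "no offset" means; it presumably marks values with no out-of-line storage to validate, so confirm that against the switch cases. isValid's body starts and continues outside both hunks.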