diff options
Diffstat (limited to 'src/corelib/json/qjson.cpp')
| -rw-r--r-- | src/corelib/json/qjson.cpp | 43 |
1 files changed, 20 insertions, 23 deletions
diff --git a/src/corelib/json/qjson.cpp b/src/corelib/json/qjson.cpp index e1756aa033..8f2c12a338 100644 --- a/src/corelib/json/qjson.cpp +++ b/src/corelib/json/qjson.cpp @@ -297,38 +297,35 @@ int Value::usedStorage(const Base *b) const return alignedSize(s); } +inline bool isValidValueOffset(uint offset, uint tableOffset) +{ + return offset >= sizeof(Base) + && offset + sizeof(uint) <= tableOffset; +} + bool Value::isValid(const Base *b) const { - int offset = -1; switch (type) { + case QJsonValue::Null: + case QJsonValue::Bool: + return true; case QJsonValue::Double: - if (latinOrIntValue) - break; - // fall through + return latinOrIntValue || isValidValueOffset(value, b->tableOffset); case QJsonValue::String: + if (!isValidValueOffset(value, b->tableOffset)) + return false; + if (latinOrIntValue) + return asLatin1String(b).isValid(b->tableOffset - value); + return asString(b).isValid(b->tableOffset - value); case QJsonValue::Array: + return isValidValueOffset(value, b->tableOffset) + && static_cast<Array *>(base(b))->isValid(b->tableOffset - value); case QJsonValue::Object: - offset = value; - break; - case QJsonValue::Null: - case QJsonValue::Bool: + return isValidValueOffset(value, b->tableOffset) + && static_cast<Object *>(base(b))->isValid(b->tableOffset - value); default: - break; - } - - if (offset == -1) - return true; - if (offset + sizeof(uint) > b->tableOffset || offset < (int)sizeof(Base)) - return false; - - int s = usedStorage(b); - if (s < 0 || s > (int)b->tableOffset - offset) return false; - if (type == QJsonValue::Array) - return static_cast<Array *>(base(b))->isValid(s); - if (type == QJsonValue::Object) - return static_cast<Object *>(base(b))->isValid(s); - return true; + } } /*! |