From cafda99d2cf1bc42a5c793b2c2119b14b6b4e762 Mon Sep 17 00:00:00 2001
From: Robert Loehning <robert.loehning@qt.io>
Date: Fri, 8 Jan 2021 19:21:42 +0100
Subject: QSslCertificate: Guard against accessing empty QByteArray

Fixes oss-fuzz issue 29276.

Change-Id: I57b0c26e5377bd6b82d9f044ae1d1d13acec996a
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
(cherry picked from commit ce90248882b73b4b816a8550710279e3e55ab64c)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
---
 src/network/ssl/qsslcertificate_qt.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/network/ssl/qsslcertificate_qt.cpp b/src/network/ssl/qsslcertificate_qt.cpp
index dfdfd529e5..66c54bfab9 100644
--- a/src/network/ssl/qsslcertificate_qt.cpp
+++ b/src/network/ssl/qsslcertificate_qt.cpp
@@ -305,7 +305,9 @@ bool QSslCertificatePrivate::parse(const QByteArray &data)
 
     if (elem.type() == QAsn1Element::Context0Type) {
         QDataStream versionStream(elem.value());
-        if (!elem.read(versionStream) || elem.type() != QAsn1Element::IntegerType)
+        if (!elem.read(versionStream)
+            || elem.type() != QAsn1Element::IntegerType
+            || elem.value().isEmpty())
             return false;
 
         versionString = QByteArray::number(elem.value().at(0) + 1);
-- 
cgit v1.2.3