Diffstat (limited to 'src/qml/jsruntime/qv4compilationunitmapper_unix.cpp')
-rw-r--r-- | src/qml/jsruntime/qv4compilationunitmapper_unix.cpp | 23 |
1 files changed, 17 insertions, 6 deletions
diff --git a/src/qml/jsruntime/qv4compilationunitmapper_unix.cpp b/src/qml/jsruntime/qv4compilationunitmapper_unix.cpp
index d7364f8706..204e222121 100644
--- a/src/qml/jsruntime/qv4compilationunitmapper_unix.cpp
+++ b/src/qml/jsruntime/qv4compilationunitmapper_unix.cpp
@@ -3,13 +3,14 @@
 #include "qv4compilationunitmapper_p.h"
-#include <sys/mman.h>
-#include <functional>
 #include <private/qcore_unix_p.h>
-#include <QScopeGuard>
-#include <QDateTime>
+#include <private/qv4compileddata_p.h>
-#include "qv4executablecompilationunit_p.h"
+#include <QtCore/qscopeguard.h>
+#include <QtCore/qdatetime.h>
+
+#include <functional>
+#include <sys/mman.h>
 QT_BEGIN_NAMESPACE
@@ -37,12 +38,22 @@ CompiledData::Unit *CompilationUnitMapper::open(const QString &cacheFileName, co
 return nullptr;
 }
- if (!ExecutableCompilationUnit::verifyHeader(&header, sourceTimeStamp, errorString))
+ if (!header.verifyHeader(sourceTimeStamp, errorString))
 return nullptr;
 // Data structure and qt version matched, so now we can access the rest of the file safely.
 length = static_cast<size_t>(lseek(fd, 0, SEEK_END));
+ /* Error out early on file corruption. We assume we can read header.unitSize bytes
+ later (even before verifying the checksum), potentially causing out-of-bound
+ reads
+ Also, no need to wait until checksum verification if we know beforehand
+ that the cached unit is bogus
+ */
+ if (length != header.unitSize) {
+ *errorString = QStringLiteral("Potential file corruption, file too small");
+ return nullptr;
+ }
 void *ptr = mmap(nullptr, length, PROT_READ, MAP_SHARED, fd, /*offset*/0);
 if (ptr == MAP_FAILED) { |
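Review bot: The new size guard in `CompilationUnitMapper::open` compares `length` only after the `lseek` result has been cast to `size_t`, so a failed `lseek` (-1) turns into a very large length and is reported as "file too small" rather than as an I/O error; testing the `off_t` result for `< 0` before the cast would keep the two cases apart. The comparison is `!=`, so it also rejects a file that is larger than `header.unitSize`, and the message should say that, e.g. `*errorString = QStringLiteral("Potential file corruption, file size does not match unit size");`. The size check and the `MAP_SHARED` mapping are separate steps, so a cache file truncated by another process after the check could presumably still fault on access; a one-line comment stating that the guard covers on-disk corruption and not concurrent modification would set the right expectation. The function starts and ends outside the hunk.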