diff options
Diffstat (limited to 'src/qml/jsruntime/qv4dataview.cpp')
-rw-r--r-- | src/qml/jsruntime/qv4dataview.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/qml/jsruntime/qv4dataview.cpp b/src/qml/jsruntime/qv4dataview.cpp index bb1acb963e..264057e162 100644 --- a/src/qml/jsruntime/qv4dataview.cpp +++ b/src/qml/jsruntime/qv4dataview.cpp @@ -92,7 +92,7 @@ ReturnedValue DataViewCtor::virtualCallAsConstructor(const FunctionObject *f, co uint byteLength = (argc < 3 || argv[2].isUndefined()) ? (bufferLength - offset) : ::toIndex(scope.engine, argv[2]); if (scope.hasException()) return Encode::undefined(); - if (offset + byteLength > bufferLength) + if (offset > bufferLength || byteLength > bufferLength - offset) return scope.engine->throwRangeError(QStringLiteral("DataView: constructor arguments out of range")); Scoped<DataView> a(scope, scope.engine->memoryManager->allocate<DataView>()); |