From 2e6196f727cbc5c23be8d264e160933b283cb459 Mon Sep 17 00:00:00 2001
From: Lars Knoll <lars.knoll@qt.io>
Date: Mon, 16 Apr 2018 10:35:54 +0200
Subject: Add a null pointer check

The data pointer in ArrayBuffer can be null, if the
constructor tried to allocate an object with an
invalid length;

Change-Id: I4a37dfa2c749db02982c69ca065c2e7ce9902a93
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
---
 src/qml/jsruntime/qv4arraybuffer.cpp | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/qml/jsruntime/qv4arraybuffer.cpp b/src/qml/jsruntime/qv4arraybuffer.cpp
index c4eddb6b2a..59a2b9d913 100644
--- a/src/qml/jsruntime/qv4arraybuffer.cpp
+++ b/src/qml/jsruntime/qv4arraybuffer.cpp
@@ -96,7 +96,6 @@ void Heap::ArrayBuffer::init(size_t length)
     Object::init();
     data = QTypedArrayData<char>::allocate(length + 1);
     if (!data) {
-        data = nullptr;
         internalClass->engine->throwRangeError(QStringLiteral("ArrayBuffer: out of memory"));
         return;
     }
@@ -113,7 +112,7 @@ void Heap::ArrayBuffer::init(const QByteArray& array)
 
 void Heap::ArrayBuffer::destroy()
 {
-    if (!data->ref.deref())
+    if (data && !data->ref.deref())
         QTypedArrayData<char>::deallocate(data);
     Object::destroy();
 }
-- 
cgit v1.2.3