From 137d02678e017ab94f83732c0f72927c7d46cd90 Mon Sep 17 00:00:00 2001
From: Ulf Hermann
Date: Thu, 29 Nov 2018 10:43:42 +0100
Subject: [PATCH] QML Debugger: Guard against some invalid data
If the debug service announced unreasonably large numbers of objects and contexts, we would fill an unreasonable amount of memory with junk here.
Change-Id: I461d378f35c7b87ee0be1b5a09aed3d27a133343
Reviewed-by: hjk
Reviewed-by: Eike Ziller
---
 src/libs/qmldebug/baseenginedebugclient.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/libs/qmldebug/baseenginedebugclient.cpp b/src/libs/qmldebug/baseenginedebugclient.cpp
index df014e43a00..7f8c64f151e 100644
--- a/src/libs/qmldebug/baseenginedebugclient.cpp
+++ b/src/libs/qmldebug/baseenginedebugclient.cpp
@@ -155,7 +155,7 @@ void BaseEngineDebugClient::decode(QDataStream &ds,
 int contextCount;
 ds >> contextCount;
- for (int ii = 0; ii < contextCount; ++ii) {
+ for (int ii = 0; ii < contextCount && !ds.atEnd(); ++ii) {
 c.m_contexts.append(ContextReference());
 decode(ds, c.m_contexts.last());
 }
@@ -163,7 +163,7 @@ void BaseEngineDebugClient::decode(QDataStream &ds,
 int objectCount;
 ds >> objectCount;
- for (int ii = 0; ii < objectCount; ++ii) {
+ for (int ii = 0; ii < objectCount && !ds.atEnd(); ++ii) {
 ObjectReference obj;
 decode(ds, obj, true);
 obj.m_contextDebugId = c.m_debugId;
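Review bot: Nothing after the two guarded loops distinguishes a fully decoded message from one that ran out of data early, so a truncated or malformed reply from the debug service still produces a partial context/object tree that callers cannot tell from a valid one. After the `contextCount` loop in the first hunk, and likewise after the `objectCount` loop in the second, consider a check such as `if (ds.status() != QDataStream::Ok) return;` (or logging the mismatch) so that bad input is rejected rather than merely bounded. The `!ds.atEnd()` guard presumably limits the work to the bytes actually received, which relies on every `decode` call consuming input; a short comment like `// counts are peer-supplied; bound the loop by the data actually present` would record that assumption. The enclosing `decode` body starts and ends outside both hunks, so any later validation is not visible here.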