feedc0de/qt-creator
1
0
Fork 0
forked from qt-creator/qt-creator
Code Pull Requests Activity

QML Debugger: Guard against some invalid data

Browse Source 
If the debug service announced unreasonably large numbers of objects and
contexts, we would fill an unreasonable amount of memory with junk here.

Change-Id: I461d378f35c7b87ee0be1b5a09aed3d27a133343
Reviewed-by: hjk <hjk@qt.io>
Reviewed-by: Eike Ziller <eike.ziller@qt.io>
This commit is contained in:
Ulf Hermann
2018-11-29 10:43:42 +01:00
parent 3d92a79a09
commit 137d02678e
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/libs/qmldebug/baseenginedebugclient.cpp
View File

@@ -155,7 +155,7 @@ void BaseEngineDebugClient::decode(QDataStream &ds,
int contextCount; int contextCount;
ds >> contextCount; ds >> contextCount;
for (int ii = 0; ii < contextCount; ++ii) { for (int ii = 0; ii < contextCount && !ds.atEnd(); ++ii) {
c.m_contexts.append(ContextReference()); c.m_contexts.append(ContextReference());
decode(ds, c.m_contexts.last()); decode(ds, c.m_contexts.last());
} }
@@ -163,7 +163,7 @@ void BaseEngineDebugClient::decode(QDataStream &ds,
int objectCount; int objectCount;
ds >> objectCount; ds >> objectCount;
for (int ii = 0; ii < objectCount; ++ii) { for (int ii = 0; ii < objectCount && !ds.atEnd(); ++ii) {
ObjectReference obj; ObjectReference obj;
decode(ds, obj, true); decode(ds, obj, true);
obj.m_contextDebugId = c.m_debugId; obj.m_contextDebugId = c.m_debugId;