8e47474baf
The added test case contains the binary JSON equivalent of
["ž"]
with the modification that the string's length has been set to INT_MAX. In
Value::usedStorage this length is used through the pointer d like so
s = sizeof(int) + sizeof(ushort) * qFromLittleEndian(*(int *)d);
Because 2 * INT_MAX is UINT_MAX-1, the expression as a whole evaluates to 2,
which is considered a valid storage size. However, when converting this binary
JSON into ordinary JSON we will attempt to construct a QString of length
INT_MAX.
Fixed by using String::isValid instead of Value::usedStorage. This method
already takes care to avoid the overflow problem. Additionally, I've tried in
this patch to clarify the behavior of Value::isValid a bit by writing it in a
style that is hopefully more amenable to structural induction.
Finally, the test case added in my previous patch had the wrong file extension
and is renamed in this one.
Task-number: QTBUG-61969
Change-Id: I45d891f2467a71d8d105822ef7eb1a73c3efa67a
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
||
|---|---|---|
| .. | ||
| 10.bjson | ||
| 11.bjson | ||
| 12.bjson | ||
| 13.bjson | ||
| 14.bjson | ||
| 15.bjson | ||
| 16.bjson | ||
| 17.bjson | ||
| 18.bjson | ||
| 19.bjson | ||
| 20.bjson | ||
| 21.bjson | ||
| 22.bjson | ||
| 23.bjson | ||
| 24.bjson | ||
| 25.bjson | ||
| 26.bjson | ||
| 27.bjson | ||
| 28.bjson | ||
| 29.bjson | ||
| 30.bjson | ||
| 31.bjson | ||
| 32.bjson | ||
| 33.bjson | ||
| 34.bjson | ||
| 35.bjson | ||
| 36.bjson | ||
| 37.bjson | ||
| 38.bjson | ||
| 39.bjson | ||
| 40.bjson | ||
| 41.bjson | ||