Permalink
Browse files

Don't try to read past the end of a list

AFL-FUZZ: Accessing variable 'Qt' without a second .-separated component
causes a crash due to an attempt to access a list item at a non-existent
position
  • Loading branch information...
steveire committed Jul 16, 2017
1 parent 91fb714 commit 312e4a440f2278b504273e285b99c16a9ff22e63
Showing with 6 additions and 1 deletion.
  1. +3 −0 templates/lib/variable.cpp
  2. +3 −1 templates/tests/testbuiltins.cpp
@@ -172,6 +172,9 @@ QVariant Variable::resolve(Context *c) const
auto i = 0;
if (d->m_lookups.at(i) == QStringLiteral("Qt")) {
++i;
if (d->m_lookups.size() <= i)
return QVariant();
const auto nextPart = d->m_lookups.at(i);
++i;
@@ -748,8 +748,10 @@ void TestBuiltinSyntax::testEnums_data()
QTest::newRow("qt-enums06") << QStringLiteral("{{ Qt.Alignment.2.key }}")
<< dict << QStringLiteral("AlignRight")
<< NoError;
QTest::newRow("qt-enums06") << QStringLiteral("{{ Qt.DoesNotExist }}") << dict
QTest::newRow("qt-enums07") << QStringLiteral("{{ Qt.DoesNotExist }}") << dict
<< QString() << NoError;
QTest::newRow("qt-enums08") << QStringLiteral("{{ Qt }}") << dict << QString()
<< NoError;
}
void TestBuiltinSyntax::testListIndex_data()

0 comments on commit 312e4a4

Please sign in to comment.