From 61d04ded2b3f5ca968ed6379a72b0abf2fb49b46 Mon Sep 17 00:00:00 2001
From: Lars Knoll <lars.knoll@qt.io>
Date: Wed, 2 May 2018 10:20:14 +0200
Subject: Fix asan warnings

Don't try to allocate an array buffer with negative length.

Change-Id: Ie95b9bcf7a3108b47df27ef813b7922e9da42b17
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
---
 src/qml/jsruntime/qv4arraybuffer.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/qml/jsruntime/qv4arraybuffer.cpp')

diff --git a/src/qml/jsruntime/qv4arraybuffer.cpp b/src/qml/jsruntime/qv4arraybuffer.cpp
index 59a2b9d913..95dd5444c3 100644
--- a/src/qml/jsruntime/qv4arraybuffer.cpp
+++ b/src/qml/jsruntime/qv4arraybuffer.cpp
@@ -94,7 +94,8 @@ ReturnedValue ArrayBufferCtor::method_isView(const FunctionObject *, const Value
 void Heap::ArrayBuffer::init(size_t length)
 {
     Object::init();
-    data = QTypedArrayData<char>::allocate(length + 1);
+    if (length < UINT_MAX)
+        data = QTypedArrayData<char>::allocate(length + 1);
     if (!data) {
         internalClass->engine->throwRangeError(QStringLiteral("ArrayBuffer: out of memory"));
         return;
-- 
cgit v1.2.3