From 0dd0d2f9d5b333b215848ea3965e3af3dccaf599 Mon Sep 17 00:00:00 2001
From: Martin Smith <martin.smith@digia.com>
Date: Thu, 28 May 2015 11:24:24 +0200
Subject: qdoc: fix invalid memory access in HtmlGenerator

HtmlGenerator::highlightedCode() contained a potential
out-of-range- memory reference, which is prevented by
this fix.

Change-Id: I3bc87a8287e1d51c2786f5ec42384dbac04c9636
Task-number: QTBUG-45643
Reviewed-by: Martin Smith <martin.smith@digia.com>
---
 src/tools/qdoc/htmlgenerator.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/tools/qdoc/htmlgenerator.cpp b/src/tools/qdoc/htmlgenerator.cpp
index e80187ec93..d7a17fce26 100644
--- a/src/tools/qdoc/htmlgenerator.cpp
+++ b/src/tools/qdoc/htmlgenerator.cpp
@@ -3551,7 +3551,8 @@ QString HtmlGenerator::highlightedCode(const QString& markedCode,
             bool handled = false;
             for (int k = 0; k != 18; ++k) {
                 const QString & tag = spanTags[2 * k];
-                if (tag == QStringRef(&src, i, tag.length())) {
+                if (i + tag.length() <= src.length() &&
+                    tag == QStringRef(&src, i, tag.length())) {
                     html += spanTags[2 * k + 1];
                     i += tag.length();
                     handled = true;
-- 
cgit v1.2.3-59-g8ed1b