1 files changed, 17 insertions, 0 deletions

diff --git a/src/qml/jsruntime/qv4compilationunitmapper_win.cpp b/src/qml/jsruntime/qv4compilationunitmapper_win.cpp
index b4f0a6ff4d..de950ece05 100644
--- a/src/qml/jsruntime/qv4compilationunitmapper_win.cpp
+++ b/src/qml/jsruntime/qv4compilationunitmapper_win.cpp
@@ -86,6 +86,23 @@ CompiledData::Unit *CompilationUnitMapper::open(const QString &cacheFileName, co
 
     // Data structure and qt version matched, so now we can access the rest of the file safely.
 
+    /* Error out early on file corruption. We assume we can read header.unitSize bytes
+       later (even before verifying the checksum), potentially causing out-of-bound
+       reads
+       Also, no need to wait until checksum verification if we know beforehand
+       that the cached unit is bogus
+    */
+    LARGE_INTEGER fileSize;
+    if (!GetFileSizeEx(handle, &fileSize)) {
+        *errorString = QStringLiteral("Could not determine file size");
+        return nullptr;
+    }
+    if (header.unitSize != fileSize.QuadPart) {
+        *errorString = QStringLiteral("Potential file corruption, file too small");
+        return nullptr;
+    }
+
+
     HANDLE fileMappingHandle = CreateFileMapping(handle, 0, PAGE_READONLY, 0, 0, 0);
     if (!fileMappingHandle) {
         *errorString = qt_error_string(GetLastError());