Katana_mirror/katie
1
0
Fork 0
mirror of https://bitbucket.org/smil3y/katie.git synced 2025-02-24 19:02:59 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

add source pointer check to qAtomicAssign()

Browse source 
fixes possible pointer dereference in QJsonDocument and QDBusMessage

Signed-off-by: Ivailo Monev <xakepa10@gmail.com>
This commit is contained in:
Ivailo Monev 2021-03-20 17:09:55 +02:00
parent 7eacab7a52
commit c7252026f8
3 changed files with 18 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/core/thread/qatomic.h
View file

@ -257,7 +257,10 @@ inline void qAtomicAssign(T *&d, T *x)
return; return;
} }
if (x) {
x->ref.ref(); x->ref.ref();
}
if (d && !d->ref.deref()) { if (d && !d->ref.deref()) {
delete d; delete d;
} }

24
src/xml/dom/qdom.cpp
View file

@ -909,11 +909,7 @@ QDomImplementation::QDomImplementation(QDomImplementationPrivate *p)
*/ */
QDomImplementation& QDomImplementation::operator=(const QDomImplementation &x) QDomImplementation& QDomImplementation::operator=(const QDomImplementation &x)
{ {
if (x.impl) qAtomicAssign(impl, x.impl);
x.impl->ref.ref();
if (impl && !impl->ref.deref())
delete impl;
impl = x.impl;
return *this; return *this;
} }
@ -1306,11 +1302,7 @@ QDomNodeList::QDomNodeList(const QDomNodeList& n)
*/ */
QDomNodeList& QDomNodeList::operator=(const QDomNodeList &n) QDomNodeList& QDomNodeList::operator=(const QDomNodeList &n)
{ {
if (n.impl) qAtomicAssign(impl, n.impl);
n.impl->ref.ref();
if (impl && !impl->ref.deref())
delete impl;
impl = n.impl;
return *this; return *this;
} }
@ -2024,11 +2016,7 @@ QDomNode::QDomNode(QDomNodePrivate *n)
*/ */
QDomNode& QDomNode::operator=(const QDomNode &n) QDomNode& QDomNode::operator=(const QDomNode &n)
{ {
if (n.impl) qAtomicAssign(impl, n.impl);
n.impl->ref.ref();
if (impl && !impl->ref.deref())
delete impl;
impl = n.impl;
return *this; return *this;
} }
@ -3222,11 +3210,7 @@ QDomNamedNodeMap::QDomNamedNodeMap(QDomNamedNodeMapPrivate *n)
*/ */
QDomNamedNodeMap& QDomNamedNodeMap::operator=(const QDomNamedNodeMap &n) QDomNamedNodeMap& QDomNamedNodeMap::operator=(const QDomNamedNodeMap &n)
{ {
if (n.impl) qAtomicAssign(impl, n.impl);
n.impl->ref.ref();
if (impl && !impl->ref.deref())
delete impl;
impl = n.impl;
return *this; return *this;
} }

4
tests/auto/qjsondocument/tst_qjsondocument.cpp
View file

@ -153,9 +153,11 @@ void tst_QJsonDocument::eq_not_eq()
QVERIFY(nulljsondoc != jsondoc); QVERIFY(nulljsondoc != jsondoc);
// assignment crash test // assignment crash test
QJsonDocument jsondoc2 = QJsonDocument::fromVariant(testjsondata);
nulljsondoc = jsondoc; nulljsondoc = jsondoc;
jsondoc2 = nulljsondoc2;
// constructor crash // constructor crash test
QJsonDocument nulljsondoc3(nulljsondoc); QJsonDocument nulljsondoc3(nulljsondoc);
} }