Fix crash in QDBusDemarshaller QStringList extraction

author Sami Rosendahl <ext-sami.1.rosendahl@nokia.com>

Mon, 5 Dec 2011 11:06:40 +0000 (13:06 +0200)

committer Qt by Nokia <qt-info@nokia.com>

Sun, 25 Dec 2011 20:58:57 +0000 (21:58 +0100)
author Sami Rosendahl <ext-sami.1.rosendahl@nokia.com>
Mon, 5 Dec 2011 11:06:40 +0000 (13:06 +0200)
committer Qt by Nokia <qt-info@nokia.com>
Sun, 25 Dec 2011 20:58:57 +0000 (21:58 +0100)
diff --git a/src/dbus/qdbusargument_p.h b/src/dbus/qdbusargument_p.h

index 3ecb798..df2b2a0 100644 (file)
--- a/src/dbus/qdbusargument_p.h
+++ b/src/dbus/qdbusargument_p.h
@@ -212,6 +212,7 @@ private:
      QString toStringUnchecked();
      QDBusObjectPath toObjectPathUnchecked();
      QDBusSignature toSignatureUnchecked();
+    QStringList toStringListUnchecked();
  };
  
  inline QDBusMarshaller *QDBusArgumentPrivate::marshaller()
diff --git a/src/dbus/qdbusdemarshaller.cpp b/src/dbus/qdbusdemarshaller.cpp

index 0b6767f..b7e363a 100644 (file)
--- a/src/dbus/qdbusdemarshaller.cpp
+++ b/src/dbus/qdbusdemarshaller.cpp
@@ -274,7 +274,7 @@ QVariant QDBusDemarshaller::toVariantInternal()
              // QByteArray
              return toByteArray();
          case DBUS_TYPE_STRING:
-            return toStringList();
+            return toStringListUnchecked();
          case DBUS_TYPE_DICT_ENTRY:
              return QVariant::fromValue(duplicate());
  
@@ -317,7 +317,7 @@ bool QDBusDemarshaller::isCurrentTypeStringLike()
      }
  }
  
-QStringList QDBusDemarshaller::toStringList()
+QStringList QDBusDemarshaller::toStringListUnchecked()
  {
      QStringList list;
  
@@ -330,6 +330,15 @@ QStringList QDBusDemarshaller::toStringList()
      return list;
  }
  
+QStringList QDBusDemarshaller::toStringList()
+{
+    if (q_dbus_message_iter_get_arg_type(&iterator) == DBUS_TYPE_ARRAY
+            && q_dbus_message_iter_get_element_type(&iterator) == DBUS_TYPE_STRING)
+        return toStringListUnchecked();
+    else
+        return QStringList();
+}
+
  QByteArray QDBusDemarshaller::toByteArray()
  {
      DBusMessageIter sub;
diff --git a/tests/auto/dbus/qdbusmarshall/tst_qdbusmarshall.cpp b/tests/auto/dbus/qdbusmarshall/tst_qdbusmarshall.cpp

index ac8b5c1..8ce456b 100644 (file)
--- a/tests/auto/dbus/qdbusmarshall/tst_qdbusmarshall.cpp
+++ b/tests/auto/dbus/qdbusmarshall/tst_qdbusmarshall.cpp
@@ -99,6 +99,9 @@ private slots:
      void demarshallStrings_data();
      void demarshallStrings();
  
+    void demarshallInvalidStringList_data();
+    void demarshallInvalidStringList();
+
  private:
      int fileDescriptorForTest();
  
@@ -1375,5 +1378,54 @@ void tst_QDBusMarshall::demarshallStrings()
      QVERIFY(receiveArg.atEnd());
  }
  
+void tst_QDBusMarshall::demarshallInvalidStringList_data()
+{
+    addBasicTypesColumns();
+
+    // None of the basic types should demarshall to a string list
+    basicNumericTypes_data();
+    basicStringTypes_data();
+
+    // Arrays of non-string type should not demarshall to a string list
+    QList<bool> bools;
+    QTest::newRow("emptyboollist") << qVariantFromValue(bools);
+    bools << false << true << false;
+    QTest::newRow("boollist") << qVariantFromValue(bools);
+
+    // Structures should not demarshall to a QByteArray
+    QTest::newRow("struct of strings")
+            << qVariantFromValue(QVariantList() << QString("foo") << QString("bar"));
+    QTest::newRow("struct of mixed types")
+            << qVariantFromValue(QVariantList() << QString("foo") << int(42) << double(3.14));
+}
+
+void tst_QDBusMarshall::demarshallInvalidStringList()
+{
+    QFETCH(QVariant, value);
+
+    QDBusConnection con = QDBusConnection::sessionBus();
+
+    QVERIFY(con.isConnected());
+
+    QDBusMessage msg = QDBusMessage::createMethodCall(serviceName, objectPath,
+                                                      interfaceName, "ping");
+    QDBusArgument sendArg;
+    sendArg.beginStructure();
+    sendArg.appendVariant(value);
+    sendArg.endStructure();
+    msg.setArguments(QVariantList() << qVariantFromValue(sendArg));
+    QDBusMessage reply = con.call(msg);
+
+    const QDBusArgument receiveArg = qvariant_cast<QDBusArgument>(reply.arguments().at(0));
+    receiveArg.beginStructure();
+
+    QStringList receiveValue;
+    receiveArg >> receiveValue;
+    QCOMPARE(receiveValue, QStringList());
+
+    receiveArg.endStructure();
+    QVERIFY(receiveArg.atEnd());
+}
+
  QTEST_MAIN(tst_QDBusMarshall)
  #include "tst_qdbusmarshall.moc"
author	Sami Rosendahl <ext-sami.1.rosendahl@nokia.com>
	Mon, 5 Dec 2011 11:06:40 +0000 (13:06 +0200)
committer	Qt by Nokia <qt-info@nokia.com>
	Sun, 25 Dec 2011 20:58:57 +0000 (21:58 +0100)
src/dbus/qdbusargument_p.h		patch \| blob \| history
src/dbus/qdbusdemarshaller.cpp		patch \| blob \| history
tests/auto/dbus/qdbusmarshall/tst_qdbusmarshall.cpp		patch \| blob \| history