projects / profile / ivi / qtbase.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1e778eb)
Fix crash in QStringBuilder when concatenating data-less QLatin1String
authorChris Adams <christopher.adams@nokia.com>
Thu, 31 May 2012 04:00:48 +0000 (14:00 +1000)
committerQt by Nokia <qt-info@nokia.com>
Thu, 31 May 2012 23:22:06 +0000 (01:22 +0200)
Previously, the append functions in QConcatenable in the QStringBuilder
dereferenced the data() pointer of the argument QLatin1String without
performing null check.

Change-Id: I629f19fbce3113f1f80f4272fa7ae34e1dbc6bee
Reviewed-by: Olivier Goffart <ogoffart@woboq.com>
src/corelib/tools/qstringbuilder.h patch | blob | history
tests/auto/corelib/tools/qstringbuilder/qstringbuilder1/stringbuilder.cpp patch | blob | history

diff --git a/src/corelib/tools/qstringbuilder.h b/src/corelib/tools/qstringbuilder.h
index 1f13d0d..b3d47d2 100644 (file)
--- a/src/corelib/tools/qstringbuilder.h
+++ b/src/corelib/tools/qstringbuilder.h
@@ -230,13 +230,17 @@ template <> struct QConcatenable<QLatin1String>
     static int size(const QLatin1String a) { return a.size(); }
     static inline void appendTo(const QLatin1String a, QChar *&out)
     {
-        for (const char *s = a.data(); *s; )
-            *out++ = QLatin1Char(*s++);
+        if (a.data()) {
+            for (const char *s = a.data(); *s; )
+                *out++ = QLatin1Char(*s++);
+        }
     }
     static inline void appendTo(const QLatin1String a, char *&out)
     {
-        for (const char *s = a.data(); *s; )
-            *out++ = *s++;
+        if (a.data()) {
+            for (const char *s = a.data(); *s; )
+                *out++ = *s++;
+        }
     }
 };
 
diff --git a/tests/auto/corelib/tools/qstringbuilder/qstringbuilder1/stringbuilder.cpp b/tests/auto/corelib/tools/qstringbuilder/qstringbuilder1/stringbuilder.cpp
index 8955da9..c473017 100644 (file)
--- a/tests/auto/corelib/tools/qstringbuilder/qstringbuilder1/stringbuilder.cpp
+++ b/tests/auto/corelib/tools/qstringbuilder/qstringbuilder1/stringbuilder.cpp
@@ -211,6 +211,13 @@ void runScenario()
         str = (QString::fromUtf8(UTF8_LITERAL) += QLatin1String(LITERAL) P UTF8_LITERAL);
         QCOMPARE(str, QString::fromUtf8(UTF8_LITERAL LITERAL UTF8_LITERAL));
 #endif
+
+        QString str2 = QString::fromUtf8(UTF8_LITERAL);
+        QString str2_e = QString::fromUtf8(UTF8_LITERAL);
+        const char * nullData = 0;
+        str2 += QLatin1String(nullData) P str2;
+        str2_e += QLatin1String("") P str2_e;
+        QCOMPARE(str2, str2_e);
     }
 
     //operator QByteArray  +=
Domain: UI Framework / Uncategorized;