37 lines
1.2 KiB
Diff
37 lines
1.2 KiB
Diff
From 99ada3c3d329b6d7136b0425841dcaa654c9c05b Mon Sep 17 00:00:00 2001
|
|
From: Marc Mutz <marc.mutz@qt.io>
|
|
Date: Tue, 21 Dec 2021 09:20:17 +0100
|
|
Subject: [PATCH 08/21] QQmlJs::FixedPoolArray: fix UB (precondition violation)
|
|
in allocate()
|
|
|
|
Says ubsan:
|
|
|
|
qqmljsfixedpoolarray_p.h:90:19: runtime error: null pointer passed as argument 2, which is declared to never be null
|
|
|
|
Fix, like in so many other places, by a size check.
|
|
|
|
Pick-to: 6.3 6.2 5.15
|
|
Change-Id: I9181d6ecb467c2dc726978ce7f93b35a6bf2f944
|
|
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
(cherry picked from commit d74e931f3fc2587ac6d1e2930acbbe54ea5be2b5)
|
|
---
|
|
src/qml/common/qqmljsfixedpoolarray_p.h | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/qml/common/qqmljsfixedpoolarray_p.h b/src/qml/common/qqmljsfixedpoolarray_p.h
|
|
index b65b994d6c..15a8cd6878 100644
|
|
--- a/src/qml/common/qqmljsfixedpoolarray_p.h
|
|
+++ b/src/qml/common/qqmljsfixedpoolarray_p.h
|
|
@@ -86,7 +86,7 @@ public:
|
|
if (QTypeInfo<T>::isComplex) {
|
|
for (int i = 0; i < count; ++i)
|
|
new (data + i) T(vector.at(i));
|
|
- } else {
|
|
+ } else if (count) {
|
|
memcpy(data, static_cast<const void*>(vector.constData()), count * sizeof(T));
|
|
}
|
|
}
|
|
--
|
|
2.39.0
|
|
|