diff options
author | Chris Adams <christopher.adams@nokia.com> | 2012-05-31 14:00:48 +1000 |
---|---|---|
committer | Qt by Nokia <qt-info@nokia.com> | 2012-06-01 01:22:06 +0200 |
commit | fbee9834dc0fa1838a38e552eddd941af1ef39ac (patch) | |
tree | ad9db14e553a5026b6196073ce25f009b62ce391 | |
parent | 1e778ebd06c37f7a81e4247a5998d06fa849eff8 (diff) |
Fix crash in QStringBuilder when concatenating data-less QLatin1String
Previously, the append functions in QConcatenable in the QStringBuilder
dereferenced the data() pointer of the argument QLatin1String without
performing null check.
Change-Id: I629f19fbce3113f1f80f4272fa7ae34e1dbc6bee
Reviewed-by: Olivier Goffart <ogoffart@woboq.com>
-rw-r--r-- | src/corelib/tools/qstringbuilder.h | 12 | ||||
-rw-r--r-- | tests/auto/corelib/tools/qstringbuilder/qstringbuilder1/stringbuilder.cpp | 7 |
2 files changed, 15 insertions, 4 deletions
diff --git a/src/corelib/tools/qstringbuilder.h b/src/corelib/tools/qstringbuilder.h index 1f13d0da80..b3d47d2250 100644 --- a/src/corelib/tools/qstringbuilder.h +++ b/src/corelib/tools/qstringbuilder.h @@ -230,13 +230,17 @@ template <> struct QConcatenable<QLatin1String> static int size(const QLatin1String a) { return a.size(); } static inline void appendTo(const QLatin1String a, QChar *&out) { - for (const char *s = a.data(); *s; ) - *out++ = QLatin1Char(*s++); + if (a.data()) { + for (const char *s = a.data(); *s; ) + *out++ = QLatin1Char(*s++); + } } static inline void appendTo(const QLatin1String a, char *&out) { - for (const char *s = a.data(); *s; ) - *out++ = *s++; + if (a.data()) { + for (const char *s = a.data(); *s; ) + *out++ = *s++; + } } }; diff --git a/tests/auto/corelib/tools/qstringbuilder/qstringbuilder1/stringbuilder.cpp b/tests/auto/corelib/tools/qstringbuilder/qstringbuilder1/stringbuilder.cpp index 8955da97fa..c473017d36 100644 --- a/tests/auto/corelib/tools/qstringbuilder/qstringbuilder1/stringbuilder.cpp +++ b/tests/auto/corelib/tools/qstringbuilder/qstringbuilder1/stringbuilder.cpp @@ -211,6 +211,13 @@ void runScenario() str = (QString::fromUtf8(UTF8_LITERAL) += QLatin1String(LITERAL) P UTF8_LITERAL); QCOMPARE(str, QString::fromUtf8(UTF8_LITERAL LITERAL UTF8_LITERAL)); #endif + + QString str2 = QString::fromUtf8(UTF8_LITERAL); + QString str2_e = QString::fromUtf8(UTF8_LITERAL); + const char * nullData = 0; + str2 += QLatin1String(nullData) P str2; + str2_e += QLatin1String("") P str2_e; + QCOMPARE(str2, str2_e); } //operator QByteArray += |