authorVolker Krause <volker.krause@kdab.com>2014-01-17 13:28:37 +0100
committerThe Qt Project <gerrit-noreply@qt-project.org>2014-01-18 11:16:40 +0100
commitec77f93b389d0a69af54f278a8bf7c4919fd696c (patch)
treed0319b220c4e1da71cbad7d57fc0508db5ad5756
parenteae8abbc188db559bb1509dbcab6807252edc32e (diff)
Fix crash when constructing a QVector with an empty initializer list.
Data::allocate(0) returns a pointer to read-only memory, updating d->size will segfault. The safety check for this exists in all other QVector ctors already. Change-Id: Ida0fe4182de56ee62c7f91e8652cfafbfd7b8410 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
-rw-r--r--src/corelib/tools/qvector.h14
-rw-r--r--tests/auto/corelib/tools/qvector/tst_qvector.cpp3
2 files changed, 12 insertions, 5 deletions
diff --git a/src/corelib/tools/qvector.h b/src/corelib/tools/qvector.h
index f56511edbf..505e1a32e4 100644
--- a/src/corelib/tools/qvector.h
+++ b/src/corelib/tools/qvector.h
@@ -438,11 +438,15 @@ QVector<T>::QVector(int asize, const T &t)
template <typename T>
QVector<T>::QVector(std::initializer_list<T> args)
{
- d = Data::allocate(args.size());
- // std::initializer_list<T>::iterator is guaranteed to be
- // const T* ([support.initlist]/1), so can be memcpy'ed away from by copyConstruct
- copyConstruct(args.begin(), args.end(), d->begin());
- d->size = int(args.size());
+ if (args.size() > 0) {
+ d = Data::allocate(args.size());
+ // std::initializer_list<T>::iterator is guaranteed to be
+ // const T* ([support.initlist]/1), so can be memcpy'ed away from by copyConstruct
+ copyConstruct(args.begin(), args.end(), d->begin());
+ d->size = int(args.size());
+ } else {
+ d = Data::sharedNull();
+ }
}
#endif
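Review bot: The pointer returned by `Data::allocate(args.size())` is dereferenced by `d->begin()` and `d->size = int(args.size())` without any check, so if the allocator can return null on failure (its contract is not visible in this hunk) the constructor writes through a null pointer. Adding `Q_CHECK_PTR(d);` directly after the allocation would turn that into a defined failure instead of a stray write. The new `else` branch would also benefit from a one-line comment such as `// Data::allocate(0) yields read-only storage; d->size must never be written there`, because the reason for the guard is otherwise recorded only in the commit message.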
diff --git a/tests/auto/corelib/tools/qvector/tst_qvector.cpp b/tests/auto/corelib/tools/qvector/tst_qvector.cpp
index 53caec4a64..59956e33cf 100644
--- a/tests/auto/corelib/tools/qvector/tst_qvector.cpp
+++ b/tests/auto/corelib/tools/qvector/tst_qvector.cpp
@@ -2042,6 +2042,9 @@ void tst_QVector::initializeList()
QVector<QVector<T>> v3;
v3 << v1 << (QVector<T>() << val4) << QVector<T>() << v1;
QCOMPARE(v3, v2);
+
+ QVector<T> v4({});
+ QCOMPARE(v4.size(), 0);
#endif
}
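Review bot: The added check only reads `v4.size()`, so it would not catch a vector that constructs without crashing but is still backed by storage that cannot be written. Since the original crash was a write to read-only memory, follow the construction with a mutation, for example `v4 << val4;` and then `QCOMPARE(v4.size(), 1);`, so that the detach from the shared empty data is exercised too. `tst_QVector::initializeList()` begins above this hunk, so `val4` is assumed to still be in scope at this point.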