author | Simon Hausmann <simon.hausmann@qt.io> | 2018-08-07 10:07:45 +0200 |
---|---|---|
committer | Simon Hausmann <simon.hausmann@qt.io> | 2018-08-07 11:14:58 +0000 |
commit | 70b7b2bffc09278e1f7210268ffcc871bc6d1c0f (patch) | |
tree | 0dddbb58d2aaf6921a8f7ae4f6bae9329695f2c6 /src/corelib/kernel/qvariant.cpp | |
parent | 4ec155053a77dd3817f11fc22c936533131eb681 (diff) |
Fix ASAN error about new-delete-size-mismatch in QVariant
We allocate the variant's PrivateShared for custom types with space for
the actual custom type right after that, using operator new to allocate
the memory and new calls for the constructors. However, to free the
memory we merely call delete on the private shared, which upsets ASAN
because the size passed to operator delete is the size of the private
shared, which is not the same as the size that was provided for the
returned address.
This is easily fixable by calling the destructor explicitly and calling
operator delete with just the pointer.
Change-Id: I50afbe0e8afc875c0876e85e02689dcbdc152633
Reviewed-by: Erik Verbruggen <erik.verbruggen@qt.io>
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@qt.io>
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
Diffstat (limited to 'src/corelib/kernel/qvariant.cpp')
-rw-r--r-- | src/corelib/kernel/qvariant.cpp | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/corelib/kernel/qvariant.cpp b/src/corelib/kernel/qvariant.cpp index c2faca4220..4d1aa911f7 100644 --- a/src/corelib/kernel/qvariant.cpp +++ b/src/corelib/kernel/qvariant.cpp @@ -1479,7 +1479,8 @@ static void customClear(QVariant::Private *d) QMetaType::destruct(d->type, &d->data.ptr); } else { QMetaType::destruct(d->type, d->data.shared->ptr); - delete d->data.shared; + d->data.shared->~PrivateShared(); + operator delete(d->data.shared); } } |
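Review bot: the two added lines in the else branch of customClear carry no comment explaining why a plain `delete d->data.shared;` is wrong here, so a later cleanup could easily collapse them back and reintroduce the new-delete-size-mismatch. Suggest a short comment above `d->data.shared->~PrivateShared();` noting that the block was obtained from operator new with extra room for the custom type behind the PrivateShared, and therefore has to be released through `operator delete` with only the pointer. Since this hunk shows only the release side, it is also worth checking that the allocation site and any other path that frees a custom-type PrivateShared use the same pairing of raw operator new, explicit destructor call and unsized operator delete.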