Make the canConvertMetaObject method safe

This triggered a crash in QtQml, where an manually created metattype interface set the PointerToQObject flag to true while not providing a metaobject. Change-Id: I206fb9655058a1e8a2d04e44186b05db33358338 Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io> Reviewed-by: Lars Knoll <lars.knoll@qt.io>
author: Lars Knoll <lars.knoll@qt.io> 2020-08-23 19:27:11 +0200
committer: Lars Knoll <lars.knoll@qt.io> 2020-08-24 00:19:48 +0200
commit: 75097c77822f38dfed883da7e6c30d108fb5b1ea (patch)
tree: 0a28561e2fc536d9232ecaa35afe1e707e38e2c0 /src/corelib/kernel
parent: 02dfec920951afc1c512aa41fd10b025ae1fbbb2 (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/src/corelib/kernel/qmetatype.cpp b/src/corelib/kernel/qmetatype.cpp
index 20d5c9130f..a87b98b12d 100644
--- a/src/corelib/kernel/qmetatype.cpp
+++ b/src/corelib/kernel/qmetatype.cpp
@@ -1968,9 +1968,10 @@ static bool convertToAssociativeIterable(QMetaType fromType, const void *from, v
 #ifndef QT_BOOTSTRAPPED
 static bool canConvertMetaObject(QMetaType fromType, QMetaType toType)
 {
-    if ((fromType.flags() & QMetaType::PointerToQObject) && (toType.flags() & QMetaType::PointerToQObject)) {
-        return fromType.metaObject()->inherits(toType.metaObject()) ||
-                toType.metaObject()->inherits(fromType.metaObject());
+    const QMetaObject *f = fromType.metaObject();
+    const QMetaObject *t = toType.metaObject();
+    if (f && t) {
+        return f->inherits(t) || (t->inherits(f));
     }
     return false;
 }
author	Lars Knoll <lars.knoll@qt.io>	2020-08-23 19:27:11 +0200
committer	Lars Knoll <lars.knoll@qt.io>	2020-08-24 00:19:48 +0200
commit	75097c77822f38dfed883da7e6c30d108fb5b1ea (patch)
tree	0a28561e2fc536d9232ecaa35afe1e707e38e2c0 /src/corelib/kernel
parent	02dfec920951afc1c512aa41fd10b025ae1fbbb2 (diff)