author: Robert Griebl <robert.griebl@qt.io> 2020-11-18 23:12:35 +0100
committer: Robert Griebl <robert.griebl@qt.io> 2020-11-19 12:28:44 +0100
commit: 2fab1971fed22a9aa852e8df8155b6d5da83279d
tree: 3f23465f66a7c81b71c0968c00cdd034ab72776e /src/dbus
parent: 1c1c1e4559db204f339c26bd6cbb5d568dcd47e2
Fix memory corruption in QDBusInterface signal emissions

If more than one signal parameter required conversions (e.g. 2 QVariantMaps), then the auxParameter list would be reallocated on the second append. This resulted in the reference to the first conversion (stored in params) to be broken.

Found with valgrind after the QtApplicationManager started crashing weirdly when built against Qt 6.

The same code is in Qt 5, but it just works fine there: I guess the reallocation strategy in QList is different there, so we never have to reallocate the list.

Change-Id: I2e0c8906ebc9474c4ec9f53cafc1689003d5c4c5
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
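
The failure mode described in the commit message, as an added example that is not part of the commit or of Qt. It assumes std::vector as a stand-in for the QList-backed QVariantList; `Converted` and `staleParams` are hypothetical names.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

// Stand-in for one converted signal argument (a QVariant in the real code).
struct Converted { std::string value; };

// Mimics the marshalling loop: each converted argument is appended to `aux`
// and its address is recorded in `params` for the later call.
// Returns how many recorded addresses no longer match the element they were
// taken from. Addresses are kept as integers, so the check never dereferences
// a stale pointer.
std::size_t staleParams(std::size_t conversions, bool reserveFirst)
{
    std::vector<Converted> aux;
    std::vector<std::uintptr_t> params;
    if (reserveFirst)
        aux.reserve(conversions); // the fix: storage is sized before any address is taken

    for (std::size_t i = 0; i < conversions; ++i) {
        aux.push_back(Converted{"arg" + std::to_string(i)});
        params.push_back(reinterpret_cast<std::uintptr_t>(&aux.back()));
    }

    std::size_t stale = 0;
    for (std::size_t i = 0; i < params.size(); ++i)
        if (params[i] != reinterpret_cast<std::uintptr_t>(&aux[i]))
            ++stale;
    return stale;
}

int main()
{
    // Two conversions without reserve: the second append moves element 0,
    // so the address recorded for the first conversion is stale.
    std::size_t broken = staleParams(2, false);
    // Same two conversions with reserve: no reallocation, nothing goes stale.
    std::size_t fixed = staleParams(2, true);
    return (broken == 1 && fixed == 0) ? 0 : 1;
}
```

Running a variant that dereferences the recorded addresses under valgrind or AddressSanitizer reports the same kind of invalid read the commit message mentions.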
Diffstat (limited to 'src/dbus')
-rw-r--r-- src/dbus/qdbusintegrator.cpp 4
1 files changed, 3 insertions, 1 deletions
diff --git a/src/dbus/qdbusintegrator.cpp b/src/dbus/qdbusintegrator.cpp
index 96f2244e0c..114931f3de 100644
--- a/src/dbus/qdbusintegrator.cpp
+++ b/src/dbus/qdbusintegrator.cpp
@@ -926,7 +926,9 @@ void QDBusConnectionPrivate::deliverCall(QObject *object, int /*flags*/, const Q
QVarLengthArray<void *, 10> params;
params.reserve(metaTypes.count());
- QVariantList auxParameters;
+ QVarLengthArray<QVariant, 10> auxParameters; // we cannot allow reallocation here, since we
+ auxParameters.reserve(metaTypes.count()); // keep references to the entries
+
// let's create the parameter list
// first one is the return type -- add it below
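
Review bot: The no-reallocation guarantee on the new auxParameters lines rests entirely on reserve(metaTypes.count()) being an upper bound for the appends that follow, and nothing in the visible lines enforces that. reserve only sizes the storage; an append past that capacity would reallocate and break the pointers held in params again. Consider an assertion at the append site, for example Q_ASSERT(auxParameters.size() < auxParameters.capacity());, so a future change that adds a second conversion per parameter fails loudly in debug builds. The explanation is also split across two trailing comments on separate statements; a single comment block above the declaration would survive re-indentation and read as one sentence.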