author | Andrei Golubev <andrei.golubev@qt.io> | 2021-07-01 15:24:46 +0200
---|---|---
committer | Andrei Golubev <andrei.golubev@qt.io> | 2021-07-05 09:30:01 +0200
commit | 565864090d4ca38768c2268ffd265d2f4b49d1b0 |
tree | 36bb6d9e653fd6855a8c73be31c36f3f8fcf8d81 /src/gui/image/qimage.cpp |
parent | 3739ef335b912b893cb4c8e5adb5be28f9d990aa |

Fix binding functor addressing in QProperty

We create the callable object at sizeof(QPBP) offset from
the beginning of the memory block. However, evaluateRecursive()
uses sizeof() + alignment when fetching that same callable from
the memory.

While on 64-bit platforms this is fine due to
sizeof(QPBP) == QPBP::getSizeEnsuringAlignment(), this is broken for
32-bit systems where there's actually alignment bits that follow the
QPBP struct in memory (and thus we cast a random memory location to
an object).

(Note: QPBP is short for QPropertyBindingPrivate)

To fix this, change the offset for creation and destruction of the
callable to the one that uses alignment. This way, evaluateRecursive()
code becomes correct.

Fixes: QTBUG-93890
Pick-to: 6.1 6.2
Change-Id: Ief57051846632fa61df4b79b3f054c25062a9498
Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>

Diffstat (limited to 'src/gui/image/qimage.cpp')
0 files changed, 0 insertions, 0 deletions
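
The offset mismatch described in the commit message, reproduced as an added example (not code from the Qt commit or from Qt itself). `Header`, `Functor`, `kMagic` and `fetchedMagic` are hypothetical names; the 12-byte header is chosen so that its size differs from its aligned size on any common platform, and rounding up to `alignof(std::max_align_t)` is an assumed alignment target.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

// Hypothetical stand-in for the binding header; not Qt's QPropertyBindingPrivate.
struct Header { std::uint32_t a, b, c; };
static_assert(sizeof(Header) == 12, "example relies on a 12-byte header");

// Hypothetical callable state stored right after the header in the same block.
struct Functor { std::uint32_t magic; };
constexpr std::uint32_t kMagic = 0xC0FFEEu;

// Assumed alignment target: the header size is rounded up to a multiple of it.
constexpr std::size_t kAlign = alignof(std::max_align_t);
constexpr std::size_t kRawOffset = sizeof(Header);
constexpr std::size_t kPaddedOffset = (sizeof(Header) + kAlign - 1) / kAlign * kAlign;

// Writes the functor at createOffset, reads it back at fetchOffset, and returns
// the state the reader sees. memcpy into a zeroed buffer keeps the mismatched
// read well-defined here; real code casting that address to an object is not.
std::uint32_t fetchedMagic(std::size_t createOffset, std::size_t fetchOffset) {
    std::vector<unsigned char> block(
        std::max(createOffset, fetchOffset) + sizeof(Functor), 0);
    const Functor stored{kMagic};
    std::memcpy(block.data() + createOffset, &stored, sizeof stored);
    Functor seen{};
    std::memcpy(&seen, block.data() + fetchOffset, sizeof seen);
    return seen.magic;
}

int main() {
    std::printf("raw offset %zu, padded offset %zu\n", kRawOffset, kPaddedOffset);
    // Writer and reader disagree: the reader gets bytes that were never the functor.
    std::printf("create raw, fetch padded:    0x%X\n",
                static_cast<unsigned>(fetchedMagic(kRawOffset, kPaddedOffset)));
    // Both sides use the padded offset: the reader gets the stored functor back.
    std::printf("create padded, fetch padded: 0x%X\n",
                static_cast<unsigned>(fetchedMagic(kPaddedOffset, kPaddedOffset)));
    return 0;
}
```

A `static_assert` that the creation offset equals the fetch offset turns this class of mismatch into a compile-time failure on every target, including the ones where padding is non-zero.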