Fix potential double-free in QSqlCachedResult::cleanup()

If d->sql is non-null, it gets freed; later in the same function, it gets reallocated, unless the query is empty, in which case the now-freed value was still recorded, so that later clean-up might find it and mistakenly think it needs to be freed again. Clear when freeing. Pick-to: 6.2 6.1 Change-Id: I8d37d2ba1fcaa320916eaf30dceaa720bbf62f38 Reviewed-by: Andy Shaw <andy.shaw@qt.io>
author: Edward Welbourne <edward.welbourne@qt.io> 2021-06-21 12:13:05 +0200
committer: Edward Welbourne <edward.welbourne@qt.io> 2021-06-22 20:09:36 +0200
commit: 0e1da78ad36a0639275b7a0ac8a046f46577452d (patch)
tree: 7af33aac50fe4ea5d8785f096bcbc47e3be1eec2 /src/plugins/sqldrivers/oci/qsql_oci.cpp
parent: c42ebd5ba6f1fb861cabdbe44ab10df55b9b3ada (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/src/plugins/sqldrivers/oci/qsql_oci.cpp b/src/plugins/sqldrivers/oci/qsql_oci.cpp
index 1ee4e26729..a3be29cb38 100644
--- a/src/plugins/sqldrivers/oci/qsql_oci.cpp
+++ b/src/plugins/sqldrivers/oci/qsql_oci.cpp
@@ -1983,7 +1983,9 @@ bool QOCIResult::prepare(const QString& query)
 
     if (d->sql) {
         r = OCIHandleFree(d->sql, OCI_HTYPE_STMT);
-        if (r != OCI_SUCCESS)
+        if (r == OCI_SUCCESS)
+            d->sql = nullptr;
+        else
             qOraWarning("QOCIResult::prepare: unable to free statement handle:", d->err);
     }
     if (query.isEmpty())
author	Edward Welbourne <edward.welbourne@qt.io>	2021-06-21 12:13:05 +0200
committer	Edward Welbourne <edward.welbourne@qt.io>	2021-06-22 20:09:36 +0200
commit	0e1da78ad36a0639275b7a0ac8a046f46577452d (patch)
tree	7af33aac50fe4ea5d8785f096bcbc47e3be1eec2 /src/plugins/sqldrivers/oci/qsql_oci.cpp
parent	c42ebd5ba6f1fb861cabdbe44ab10df55b9b3ada (diff)