diff options
| author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2017-03-16 13:21:27 +0100 |
|---|---|---|
| committer | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2017-03-22 10:47:03 +0000 |
| commit | 64475272a251b3ba773fec4bc6d00cfe46d1854b (patch) | |
| tree | 3b2e561a72f49f6c03ad2f27d1b876bb01bd14d0 /src/plugins | |
| parent | b07a06745eb79057ccc08bc908b2df866bc38ac0 (diff) | |
QMacPasteBoard - protect against dangling pointers
In QMacPasteboard we use converters from QMacInternalPasteboardMime, which
has essentially a global QList of available converters.
QMacInternalPasteboardMime and derived classes register/unregister their
instances in this list (in ctors/dtors) and then QMacPasteboard is using
converters from this list. Unfortunately, when we're un-registering converter
(and this means we delete those objects) we do not remove dangling pointers
from our pasteboard objects. Apparently, this problem can be seen only when
working with macextras (thus having an access to this private API in client's
code).
Task-number: QTBUG-54832
Change-Id: Ie3aef4aaca8ef6c80544dc58821cf43fc26f84a1
Reviewed-by: Morten Johan Sørvig <morten.sorvig@qt.io>
Diffstat (limited to 'src/plugins')
| -rw-r--r-- | src/plugins/platforms/cocoa/qmacclipboard.mm | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/src/plugins/platforms/cocoa/qmacclipboard.mm b/src/plugins/platforms/cocoa/qmacclipboard.mm index e09bb1e362..f3467fdc73 100644 --- a/src/plugins/platforms/cocoa/qmacclipboard.mm +++ b/src/plugins/platforms/cocoa/qmacclipboard.mm @@ -139,10 +139,22 @@ OSStatus QMacPasteboard::promiseKeeper(PasteboardRef paste, PasteboardItemID id, const long promise_id = (long)id; // Find the kept promise + QList<QMacInternalPasteboardMime*> availableConverters + = QMacInternalPasteboardMime::all(QMacInternalPasteboardMime::MIME_ALL); const QString flavorAsQString = QString::fromCFString(flavor); QMacPasteboard::Promise promise; for (int i = 0; i < qpaste->promises.size(); i++){ QMacPasteboard::Promise tmp = qpaste->promises[i]; + if (!availableConverters.contains(tmp.convertor)) { + // promise.converter is a pointer initialized by the value found + // in QMacInternalPasteboardMime's global list of QMacInternalPasteboardMimes. + // We add pointers to this list in QMacInternalPasteboardMime's ctor; + // we remove these pointers in QMacInternalPasteboardMime's dtor. + // If tmp.converter was not found in this list, we probably have a + // dangling pointer so let's skip it. + continue; + } + if (tmp.itemId == promise_id && tmp.convertor->canConvert(tmp.mime, flavorAsQString)){ promise = tmp; break; |