Fix handling of bad compose table

The ASAN talk at QtCon was pointing out a out of
bound read in a vector.
Let's try to do something about it.

If the lazy initialization of compose table fails,
the first character handling still tries to actually
access it. Later characters are properly handled
in the caller.

Reported-by: Hanno Böck
Change-Id: Ieac3e95361abd0fcd06c555bcd00ca1c4d8f1931
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>

1 files changed, 11 insertions, 3 deletions

diff --git a/src/plugins/platforminputcontexts/compose/qcomposeplatforminputcontext.cpp b/src/plugins/platforminputcontexts/compose/qcomposeplatforminputcontext.cpp
index d1bea9af23..fb40480203 100644
--- a/src/plugins/platforminputcontexts/compose/qcomposeplatforminputcontext.cpp
+++ b/src/plugins/platforminputcontexts/compose/qcomposeplatforminputcontext.cpp
@@ -162,11 +162,19 @@ bool QComposeInputContext::checkComposeTable()
         TableGenerator reader;
         m_tableState = reader.tableState();
 
-        if ((m_tableState & TableGenerator::NoErrors) == TableGenerator::NoErrors)
-            m_composeTable = reader.composeTable();
-
         m_compositionTableInitialized = true;
+        if ((m_tableState & TableGenerator::NoErrors) == TableGenerator::NoErrors) {
+            m_composeTable = reader.composeTable();
+        } else {
+#ifdef DEBUG_COMPOSING
+            qDebug( "### FAILED_PARSING ###" );
+#endif
+            // if we have errors, don' try to look things up anyways.
+            reset();
+            return false;
+        }
     }
+    Q_ASSERT(!m_composeTable.isEmpty());
     QVector<QComposeTableElement>::const_iterator it =
             std::lower_bound(m_composeTable.constBegin(), m_composeTable.constEnd(), m_composeBuffer, Compare());