From e3429f764b37c3d58faf06c6e1856e66fb8d64b9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C4=99drzej=20Nowacki?= Date: Thu, 8 Mar 2012 15:56:33 +0100 Subject: Crash fix in QMetaType::typeFlags. The function is public, so it should validate input instead of crashing Change-Id: Id67463b0b61ab74a76c1ede7f052bdbed37822b6 Reviewed-by: Stephen Kelly --- src/corelib/kernel/qmetatype.cpp | 2 +- tests/auto/corelib/kernel/qmetatype/tst_qmetatype.cpp | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/src/corelib/kernel/qmetatype.cpp b/src/corelib/kernel/qmetatype.cpp index 0be813f4f2..5032cf9590 100644 --- a/src/corelib/kernel/qmetatype.cpp +++ b/src/corelib/kernel/qmetatype.cpp @@ -1616,7 +1616,7 @@ private: static quint32 customTypeFlags(const int type) { const QVector * const ct = customTypes(); - if (Q_UNLIKELY(!ct)) + if (Q_UNLIKELY(!ct || type < QMetaType::User)) return 0; QReadLocker locker(customTypesLock()); if (Q_UNLIKELY(ct->count() <= type - QMetaType::User)) diff --git a/tests/auto/corelib/kernel/qmetatype/tst_qmetatype.cpp b/tests/auto/corelib/kernel/qmetatype/tst_qmetatype.cpp index 35439885c9..3c21a5053f 100644 --- a/tests/auto/corelib/kernel/qmetatype/tst_qmetatype.cpp +++ b/tests/auto/corelib/kernel/qmetatype/tst_qmetatype.cpp @@ -743,6 +743,12 @@ QT_FOR_EACH_STATIC_CORE_POINTER(ADD_METATYPE_TEST_ROW) QTest::newRow("QPair") << ::qMetaTypeId >() << false << true << false; QTest::newRow("QPair") << ::qMetaTypeId >() << true << true << false; QTest::newRow("QPair") << ::qMetaTypeId >() << true << false << false; + + // invalid ids. + QTest::newRow("-1") << -1 << false << false << false; + QTest::newRow("-124125534") << -124125534 << false << false << false; + QTest::newRow("124125534") << 124125534 << false << false << false; + } void tst_QMetaType::flags() -- cgit v1.2.3