From 5b4c996f3643d3805080cd3eabba97295348ecb7 Mon Sep 17 00:00:00 2001
From: Frederik Gladhorn <frederik.gladhorn@digia.com>
Date: Thu, 3 Jul 2014 16:09:18 +0200
Subject: Accessibility Linux: Fix crashes when accessing invalid functions

There is no way to prevent ATs from calling random functions on DBus.
While these functions shouldn't exist when we don't advertise the
interface, they should just fail gracefully.

Task-number: QTBUG-40044
Change-Id: Ia29b49b16feabc0beb80007456e53497f230c7d4
Reviewed-by: Gabriel de Dietrich <gabriel.dedietrich@digia.com>
---
 .../linuxaccessibility/atspiadaptor.cpp               | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

(limited to 'src/platformsupport')

diff --git a/src/platformsupport/linuxaccessibility/atspiadaptor.cpp b/src/platformsupport/linuxaccessibility/atspiadaptor.cpp
index 0fa1d96242..84f82cdeda 100644
--- a/src/platformsupport/linuxaccessibility/atspiadaptor.cpp
+++ b/src/platformsupport/linuxaccessibility/atspiadaptor.cpp
@@ -2071,7 +2071,10 @@ bool AtSpiAdaptor::editableTextInterface(QAccessibleInterface *interface, const
         connection.send(message.createReply(true));
     } else if (function == QLatin1String("SetTextContents")) {
         QString newContents = message.arguments().at(0).toString();
-        interface->editableTextInterface()->replaceText(0, interface->textInterface()->characterCount(), newContents);
+        if (QAccessibleEditableTextInterface *editableTextIface = interface->editableTextInterface())
+            editableTextIface->replaceText(0, interface->textInterface()->characterCount(), newContents);
+        else
+            replaceTextFallback(interface, 0, -1, newContents);
         connection.send(message.createReply(true));
     } else if (function == QLatin1String("")) {
         connection.send(message.createReply());
@@ -2085,23 +2088,27 @@ bool AtSpiAdaptor::editableTextInterface(QAccessibleInterface *interface, const
 // Value interface
 bool AtSpiAdaptor::valueInterface(QAccessibleInterface *interface, const QString &function, const QDBusMessage &message, const QDBusConnection &connection)
 {
+    QAccessibleValueInterface *valueIface = interface->valueInterface();
+    if (!valueIface)
+        return false;
+
     if (function == QLatin1String("SetCurrentValue")) {
         QDBusVariant v = message.arguments().at(2).value<QDBusVariant>();
         double value = v.variant().toDouble();
         //Temporary fix
         //See https://bugzilla.gnome.org/show_bug.cgi?id=652596
-        interface->valueInterface()->setCurrentValue(value);
+        valueIface->setCurrentValue(value);
         connection.send(message.createReply()); // FIXME is the reply needed?
     } else {
         QVariant value;
         if (function == QLatin1String("GetCurrentValue"))
-            value = interface->valueInterface()->currentValue();
+            value = valueIface->currentValue();
         else if (function == QLatin1String("GetMaximumValue"))
-            value = interface->valueInterface()->maximumValue();
+            value = valueIface->maximumValue();
         else if (function == QLatin1String("GetMinimumIncrement"))
-            value = interface->valueInterface()->minimumStepSize();
+            value = valueIface->minimumStepSize();
         else if (function == QLatin1String("GetMinimumValue"))
-            value = interface->valueInterface()->minimumValue();
+            value = valueIface->minimumValue();
         else {
             qAtspiDebug() << "WARNING: AtSpiAdaptor::valueInterface does not implement " << function << message.path();
             return false;
-- 
cgit v1.2.3