From 469d68b344380c1a9ccef95bb784b39a436a7634 Mon Sep 17 00:00:00 2001 From: Sune Vuorela Date: Sun, 4 Sep 2016 14:59:37 +0200 Subject: Fix handling of bad compose table MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The ASAN talk at QtCon was pointing out a out of bound read in a vector. Let's try to do something about it. If the lazy initialization of compose table fails, the first character handling still tries to actually access it. Later characters are properly handled in the caller. Reported-by: Hanno Böck Change-Id: Ieac3e95361abd0fcd06c555bcd00ca1c4d8f1931 Reviewed-by: Thiago Macieira --- .../compose/qcomposeplatforminputcontext.cpp | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) (limited to 'src/plugins/platforminputcontexts') diff --git a/src/plugins/platforminputcontexts/compose/qcomposeplatforminputcontext.cpp b/src/plugins/platforminputcontexts/compose/qcomposeplatforminputcontext.cpp index d1bea9af23..fb40480203 100644 --- a/src/plugins/platforminputcontexts/compose/qcomposeplatforminputcontext.cpp +++ b/src/plugins/platforminputcontexts/compose/qcomposeplatforminputcontext.cpp @@ -162,11 +162,19 @@ bool QComposeInputContext::checkComposeTable() TableGenerator reader; m_tableState = reader.tableState(); - if ((m_tableState & TableGenerator::NoErrors) == TableGenerator::NoErrors) - m_composeTable = reader.composeTable(); - m_compositionTableInitialized = true; + if ((m_tableState & TableGenerator::NoErrors) == TableGenerator::NoErrors) { + m_composeTable = reader.composeTable(); + } else { +#ifdef DEBUG_COMPOSING + qDebug( "### FAILED_PARSING ###" ); +#endif + // if we have errors, don' try to look things up anyways. + reset(); + return false; + } } + Q_ASSERT(!m_composeTable.isEmpty()); QVector::const_iterator it = std::lower_bound(m_composeTable.constBegin(), m_composeTable.constEnd(), m_composeBuffer, Compare()); -- cgit v1.2.3