From ef403ba46a0fc28f9209d66de153e4a44ab635ff Mon Sep 17 00:00:00 2001 From: Volker Krause Date: Fri, 27 Jul 2012 10:59:47 +0200 Subject: Fix crash in QVariant::canConvert(). When containing a QObject (or sub-class) pointer and trying to convert to a QObject pointer canConvert() did dereference the pointer without checking for it being null. Change-Id: Ie274e54f2f817f2b6c5df64504f8af6359b8f38d Reviewed-by: Stephen Kelly --- .../auto/corelib/kernel/qvariant/tst_qvariant.cpp | 28 ++++++++++++++-------- 1 file changed, 18 insertions(+), 10 deletions(-) (limited to 'tests/auto/corelib/kernel/qvariant/tst_qvariant.cpp') diff --git a/tests/auto/corelib/kernel/qvariant/tst_qvariant.cpp b/tests/auto/corelib/kernel/qvariant/tst_qvariant.cpp index 7fc092b44d..6e1b9f87a7 100644 --- a/tests/auto/corelib/kernel/qvariant/tst_qvariant.cpp +++ b/tests/auto/corelib/kernel/qvariant/tst_qvariant.cpp @@ -2100,39 +2100,47 @@ void tst_QVariant::qvariant_cast_QObject_data() { QTest::addColumn("data"); QTest::addColumn("success"); + QTest::addColumn("isNull"); QObject *obj = new QObject; obj->setObjectName(QString::fromLatin1("Hello")); - QTest::newRow("from QObject") << QVariant(QMetaType::QObjectStar, &obj) << true; - QTest::newRow("from QObject2") << QVariant::fromValue(obj) << true; - QTest::newRow("from String") << QVariant(QLatin1String("1, 2, 3")) << false; - QTest::newRow("from int") << QVariant((int) 123) << false; + QTest::newRow("from QObject") << QVariant(QMetaType::QObjectStar, &obj) << true << false; + QTest::newRow("from QObject2") << QVariant::fromValue(obj) << true << false; + QTest::newRow("from String") << QVariant(QLatin1String("1, 2, 3")) << false << false; + QTest::newRow("from int") << QVariant((int) 123) << false << false; CustomQObject *customObject = new CustomQObject(this); customObject->setObjectName(QString::fromLatin1("Hello")); - QTest::newRow("from Derived QObject") << QVariant::fromValue(customObject) << true; - QTest::newRow("from custom Object") << QVariant::fromValue(CustomNonQObject()) << false; + QTest::newRow("from Derived QObject") << QVariant::fromValue(customObject) << true << false; + QTest::newRow("from custom Object") << QVariant::fromValue(CustomNonQObject()) << false << false; // Deleted in cleanupTestCase. customNonQObjectPointer = new CustomNonQObject; - QTest::newRow("from custom ObjectStar") << QVariant::fromValue(customNonQObjectPointer) << false; + QTest::newRow("from custom ObjectStar") << QVariant::fromValue(customNonQObjectPointer) << false << false; // Deleted in cleanupTestCase. objectPointerTestData.push_back(obj); objectPointerTestData.push_back(customObject); + + QTest::newRow("null QObject") << QVariant::fromValue(0) << true << true; + QTest::newRow("null derived QObject") << QVariant::fromValue(0) << true << true; + QTest::newRow("null custom object") << QVariant::fromValue(0) << false << true; + QTest::newRow("null int") << QVariant::fromValue(0) << false << true; } void tst_QVariant::qvariant_cast_QObject() { QFETCH(QVariant, data); QFETCH(bool, success); + QFETCH(bool, isNull); QObject *o = qvariant_cast(data); - QCOMPARE(o != 0, success); + QCOMPARE(o != 0, success && !isNull); if (success) { - QCOMPARE(o->objectName(), QString::fromLatin1("Hello")); + if (!isNull) + QCOMPARE(o->objectName(), QString::fromLatin1("Hello")); QVERIFY(data.canConvert()); QVERIFY(data.canConvert(QMetaType::QObjectStar)); QVERIFY(data.canConvert(::qMetaTypeId())); - QVERIFY(data.value()); + QCOMPARE(data.value() == 0, isNull); QVERIFY(data.convert(QMetaType::QObjectStar)); QCOMPARE(data.userType(), int(QMetaType::QObjectStar)); } else { -- cgit v1.2.3