Fix crash in object serialization due to sequences

Commit c177691118e4e2bace9b5c1f4f57343190e6ad64 added support for sequences, but in doing so, introduced a crash bug into worker thread object serialisation. This commit fixes the bug by ensuring that the object resource type is checked prior to serialisation. Change-Id: I4ef9e4d0865a337c4fe6e8f1cd40cf4462ca7a60 Reviewed-by: Martin Jones <martin.jones@nokia.com>
author: Chris Adams <christopher.adams@nokia.com> 2011-11-04 14:38:38 +1000
committer: Qt by Nokia <qt-info@nokia.com> 2011-11-04 07:00:54 +0100
commit: 0dd867535bebf6db673d4f03959e62e94ff35ba2 (patch)
tree: 4b400f3bf20068908d82d947b34c7bb4c6511d81 /src/declarative/qml/v8/qv8worker.cpp
parent: b2ead4c58908968a7c4885751360fa7ed2b58369 (diff)
1 files changed, 17 insertions, 15 deletions
diff --git a/src/declarative/qml/v8/qv8worker.cpp b/src/declarative/qml/v8/qv8worker.cpp
index 16e5abfb06..f0d9906915 100644
--- a/src/declarative/qml/v8/qv8worker.cpp
+++ b/src/declarative/qml/v8/qv8worker.cpp
@@ -257,23 +257,25 @@ void QV8Worker::serialize(QByteArray &data, v8::Handle<v8::Value> v, QV8Engine *
         if (v->IsObject()) {
             v8::Handle<v8::Object> seqObj = v->ToObject();
             QV8ObjectResource *r = static_cast<QV8ObjectResource *>(seqObj->GetExternalResource());
-            QVariant sequenceVariant = engine->sequenceWrapper()->toVariant(r);
-            if (!sequenceVariant.isNull()) {
-                // valid sequence.  we generate a length (sequence length + 1 for the sequence type)
-                uint32_t seqLength = engine->sequenceWrapper()->sequenceLength(r);
-                uint32_t length = seqLength + 1;
-                if (length > 0xFFFFFF) {
-                    push(data, valueheader(WorkerUndefined));
+            if (r->resourceType() == QV8ObjectResource::SequenceType) {
+                QVariant sequenceVariant = engine->sequenceWrapper()->toVariant(r);
+                if (!sequenceVariant.isNull()) {
+                    // valid sequence.  we generate a length (sequence length + 1 for the sequence type)
+                    uint32_t seqLength = engine->sequenceWrapper()->sequenceLength(r);
+                    uint32_t length = seqLength + 1;
+                    if (length > 0xFFFFFF) {
+                        push(data, valueheader(WorkerUndefined));
+                        return;
+                    }
+                    reserve(data, sizeof(quint32) + length * sizeof(quint32));
+                    push(data, valueheader(WorkerSequence, length));
+                    serialize(data, v8::Integer::New(sequenceVariant.userType()), engine); // sequence type
+                    for (uint32_t ii = 0; ii < seqLength; ++ii) {
+                        serialize(data, seqObj->Get(ii), engine); // sequence elements
+                    }
+
                     return;
                 }
-                reserve(data, sizeof(quint32) + length * sizeof(quint32));
-                push(data, valueheader(WorkerSequence, length));
-                serialize(data, v8::Integer::New(sequenceVariant.userType()), engine); // sequence type
-                for (uint32_t ii = 0; ii < seqLength; ++ii) {
-                    serialize(data, seqObj->Get(ii), engine); // sequence elements
-                }
-
-                return;
             }
         }
author	Chris Adams <christopher.adams@nokia.com>	2011-11-04 14:38:38 +1000
committer	Qt by Nokia <qt-info@nokia.com>	2011-11-04 07:00:54 +0100
commit	0dd867535bebf6db673d4f03959e62e94ff35ba2 (patch)
tree	4b400f3bf20068908d82d947b34c7bb4c6511d81 /src/declarative/qml/v8/qv8worker.cpp
parent	b2ead4c58908968a7c4885751360fa7ed2b58369 (diff)