QQmlListModel: Fix potential uninitialized value

If roleCount is 0, alloca(0) will give us a pointer. The loop will then not
initialize the returned pointer (due to the roleCount being 0), passing an
uninitialized changedRoles to emitDirectNotifies.

emitDirectNotifies doesn't access changedRoles unconditionally (via
another for loop), but this is probably better to check than not.

Coverity-Id: 172868
Done-with: John Brooks
Change-Id: I821c06221d2659d3310082b4e81442cc58b197f7
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>

1 files changed, 6 insertions, 4 deletions

diff --git a/src/qml/types/qqmllistmodel.cpp b/src/qml/types/qqmllistmodel.cpp
index 5e06455b26..cc4ccbaeb1 100644
--- a/src/qml/types/qqmllistmodel.cpp
+++ b/src/qml/types/qqmllistmodel.cpp
@@ -1267,10 +1267,12 @@ void ModelNodeMetaObject::updateValues()
 {
     const int roleCount = m_model->m_listModel->roleCount();
     if (!m_initialized) {
-        int *changedRoles = reinterpret_cast<int *>(alloca(roleCount * sizeof(int)));
-        for (int i = 0; i < roleCount; ++i)
-            changedRoles[i] = i;
-        emitDirectNotifies(changedRoles, roleCount);
+        if (roleCount) {
+            int *changedRoles = reinterpret_cast<int *>(alloca(roleCount * sizeof(int)));
+            for (int i = 0; i < roleCount; ++i)
+                changedRoles[i] = i;
+            emitDirectNotifies(changedRoles, roleCount);
+        }
         return;
     }
     for (int i=0 ; i < roleCount ; ++i) {