diff options
-rw-r--r-- | src/3rdparty/masm/yarr/YarrParser.h | 3 | ||||
-rw-r--r-- | src/qml/compiler/qqmlpropertycachecreator_p.h | 5 | ||||
-rw-r--r-- | src/qml/jsruntime/qv4engine.cpp | 2 | ||||
-rw-r--r-- | src/qml/jsruntime/qv4qmlcontext.cpp | 16 | ||||
-rw-r--r-- | src/quick/handlers/qquickpinchhandler.cpp | 4 | ||||
-rw-r--r-- | tests/auto/qml/debugger/qv4debugger/tst_qv4debugger.cpp | 27 | ||||
-rw-r--r-- | tests/auto/qml/qqmlecmascript/tst_qqmlecmascript.cpp | 11 | ||||
-rw-r--r-- | tools/qmlcachegen/qtquickcompiler.prf | 2 |
8 files changed, 58 insertions, 12 deletions
diff --git a/src/3rdparty/masm/yarr/YarrParser.h b/src/3rdparty/masm/yarr/YarrParser.h index 3e5311f1fb..edc6beb1f0 100644 --- a/src/3rdparty/masm/yarr/YarrParser.h +++ b/src/3rdparty/masm/yarr/YarrParser.h @@ -694,7 +694,8 @@ private: ASSERT(!hasError(m_errorCode)); ASSERT(min <= max); - if (min == UINT_MAX) { + const unsigned quantifyLimit = 1 << 24; + if (min > quantifyLimit || (max != quantifyInfinite && max > quantifyLimit)) { m_errorCode = ErrorCode::QuantifierTooLarge; return; } diff --git a/src/qml/compiler/qqmlpropertycachecreator_p.h b/src/qml/compiler/qqmlpropertycachecreator_p.h index 074dc98648..901602d17b 100644 --- a/src/qml/compiler/qqmlpropertycachecreator_p.h +++ b/src/qml/compiler/qqmlpropertycachecreator_p.h @@ -703,8 +703,9 @@ inline QQmlCompileError QQmlPropertyCacheAliasCreator<ObjectContainer>::property QVarLengthArray<const QV4::CompiledData::Alias *, 4> seenAliases({lastAlias}); do { - const CompiledObject *targetObject = objectContainer->objectAt( - objectForId(component, lastAlias->targetObjectId)); + const int targetObjectIndex = objectForId(component, lastAlias->targetObjectId); + Q_ASSERT(targetObjectIndex >= 0); + const CompiledObject *targetObject = objectContainer->objectAt(targetObjectIndex); Q_ASSERT(targetObject); auto nextAlias = targetObject->aliasesBegin(); diff --git a/src/qml/jsruntime/qv4engine.cpp b/src/qml/jsruntime/qv4engine.cpp index 8057119064..f5c5c49f56 100644 --- a/src/qml/jsruntime/qv4engine.cpp +++ b/src/qml/jsruntime/qv4engine.cpp @@ -172,7 +172,7 @@ ExecutionEngine::ExecutionEngine(QJSEngine *jsEngine) bool ok = false; maxCallDepth = qEnvironmentVariableIntValue("QV4_MAX_CALL_DEPTH", &ok); if (!ok || maxCallDepth <= 0) { -#if defined(QT_NO_DEBUG) && !defined(__SANITIZE_ADDRESS__) +#if defined(QT_NO_DEBUG) && !defined(__SANITIZE_ADDRESS__) && !QT_HAS_FEATURE(address_sanitizer) maxCallDepth = 1234; #else // no (tail call) optimization is done, so there'll be a lot mare stack frames active diff --git a/src/qml/jsruntime/qv4qmlcontext.cpp b/src/qml/jsruntime/qv4qmlcontext.cpp index 12ada7ee70..0c5226d46c 100644 --- a/src/qml/jsruntime/qv4qmlcontext.cpp +++ b/src/qml/jsruntime/qv4qmlcontext.cpp @@ -458,11 +458,17 @@ ReturnedValue QQmlContextWrapper::resolveQmlContextPropertyLookupGetter(Lookup * // into the handler expression through the locals of the call context. So for onClicked: { ... } // the parameters of the clicked signal are injected and we must allow for them to be found here // before any other property from the QML context. - ExecutionContext &ctx = static_cast<ExecutionContext &>(engine->currentStackFrame->jsFrame->context); - if (ctx.d()->type == Heap::ExecutionContext::Type_CallContext) { - uint index = ctx.d()->internalClass->indexOfValueOrGetter(name); - if (index < UINT_MAX) - return static_cast<Heap::CallContext*>(ctx.d())->locals[index].asReturnedValue(); + for (Heap::ExecutionContext *ctx = engine->currentContext()->d(); ctx; ctx = ctx->outer) { + if (ctx->type == Heap::ExecutionContext::Type_CallContext) { + const uint index = ctx->internalClass->indexOfValueOrGetter(name); + if (index < std::numeric_limits<uint>::max()) + return static_cast<Heap::CallContext *>(ctx)->locals[index].asReturnedValue(); + } + + // Skip only block contexts within the current call context. + // Other contexts need a regular QML property lookup. See below. + if (ctx->type != Heap::ExecutionContext::Type_BlockContext) + break; } bool hasProperty = false; diff --git a/src/quick/handlers/qquickpinchhandler.cpp b/src/quick/handlers/qquickpinchhandler.cpp index 9ae2116d39..dc1a9a92f9 100644 --- a/src/quick/handlers/qquickpinchhandler.cpp +++ b/src/quick/handlers/qquickpinchhandler.cpp @@ -285,9 +285,9 @@ void QQuickPinchHandler::onActiveChanged() m_startScale = m_accumulatedScale; m_startRotation = 0; } - qCInfo(lcPinchHandler) << "activated with starting scale" << m_startScale << "rotation" << m_startRotation; + qCDebug(lcPinchHandler) << "activated with starting scale" << m_startScale << "rotation" << m_startRotation; } else { - qCInfo(lcPinchHandler) << "deactivated with scale" << m_activeScale << "rotation" << m_activeRotation; + qCDebug(lcPinchHandler) << "deactivated with scale" << m_activeScale << "rotation" << m_activeRotation; } } diff --git a/tests/auto/qml/debugger/qv4debugger/tst_qv4debugger.cpp b/tests/auto/qml/debugger/qv4debugger/tst_qv4debugger.cpp index b75fb6b895..497c721f50 100644 --- a/tests/auto/qml/debugger/qv4debugger/tst_qv4debugger.cpp +++ b/tests/auto/qml/debugger/qv4debugger/tst_qv4debugger.cpp @@ -322,6 +322,8 @@ private slots: void lastLineOfConditional(); void readThis(); + void signalParameters(); + private: QV4Debugger *debugger() const { @@ -899,6 +901,31 @@ void tst_qv4debugger::readThis() QCOMPARE(a.value("value").toInt(), 5); } +void tst_qv4debugger::signalParameters() +{ + QQmlEngine engine; + QV4::ExecutionEngine *v4 = engine.handle(); + v4->setDebugger(new QV4Debugger(v4)); + + QQmlComponent component(&engine); + component.setData("import QtQml 2.12\n" + "QtObject {\n" + " id: root\n" + " property string result\n" + " signal signalWithArg(string textArg)\n" + " property Connections connections : Connections {\n" + " target: root\n" + " onSignalWithArg: { root.result = textArg; }\n" + " }\n" + " Component.onCompleted: signalWithArg('something')\n" + "}", QUrl("test.qml")); + + QVERIFY(component.isReady()); + QScopedPointer<QObject> obj(component.create()); + QVERIFY(obj); + QCOMPARE(obj->property("result").toString(), QLatin1String("something")); +} + QTEST_MAIN(tst_qv4debugger) #include "tst_qv4debugger.moc" diff --git a/tests/auto/qml/qqmlecmascript/tst_qqmlecmascript.cpp b/tests/auto/qml/qqmlecmascript/tst_qqmlecmascript.cpp index c714cf5d60..09b271c5f1 100644 --- a/tests/auto/qml/qqmlecmascript/tst_qqmlecmascript.cpp +++ b/tests/auto/qml/qqmlecmascript/tst_qqmlecmascript.cpp @@ -368,6 +368,7 @@ private slots: void saveAccumulatorBeforeToInt32(); void intMinDividedByMinusOne(); void undefinedPropertiesInObjectWrapper(); + void hugeRegexpQuantifiers(); private: // static void propertyVarWeakRefCallback(v8::Persistent<v8::Value> object, void* parameter); @@ -8975,6 +8976,16 @@ void tst_qqmlecmascript::undefinedPropertiesInObjectWrapper() QVERIFY(!object.isNull()); } +void tst_qqmlecmascript::hugeRegexpQuantifiers() +{ + QJSEngine engine; + QJSValue value = engine.evaluate("/({3072140529})?{3072140529}/"); + + // It's a regular expression, but it won't match anything. + // The RegExp compiler also shouldn't crash. + QVERIFY(value.isRegExp()); +} + QTEST_MAIN(tst_qqmlecmascript) #include "tst_qqmlecmascript.moc" diff --git a/tools/qmlcachegen/qtquickcompiler.prf b/tools/qmlcachegen/qtquickcompiler.prf index 9c8c7a7b1e..2f98aadefe 100644 --- a/tools/qmlcachegen/qtquickcompiler.prf +++ b/tools/qmlcachegen/qtquickcompiler.prf @@ -1,4 +1,4 @@ -qtc_run: return() +if(qtc_run|lupdate_run): return() qtPrepareTool(QML_CACHEGEN, qmlcachegen, _FILTER) qtPrepareTool(QMAKE_RCC, rcc, _DEP) |