diff options
| author | Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@nokia.com> | 2009-12-11 09:32:37 (GMT) |
|---|---|---|
| committer | Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@nokia.com> | 2009-12-11 09:32:37 (GMT) |
| commit | d99a9ffed96ac26ddada3eeb61c44e6ff8b93895 (patch) | |
| tree | 3e2bad4b9478bd8bbf1672232c8be0a4ee7ce485 /src | |
| parent | bc8e87016cfeb4a63151425bcd0f69f21a5fc1c1 (diff) | |
| download | Qt-d99a9ffed96ac26ddada3eeb61c44e6ff8b93895.zip Qt-d99a9ffed96ac26ddada3eeb61c44e6ff8b93895.tar.gz Qt-d99a9ffed96ac26ddada3eeb61c44e6ff8b93895.tar.bz2 | |
Avoid crash in QObject::connect() if class has no signals
If signalCount was 0, then indexOfSlotRelative would use -1 as the
lookup and read unitialized memory in the loop. This would cause a crash
in release on Windows.
Done-with: Olivier
Diffstat (limited to 'src')
| -rw-r--r-- | src/corelib/kernel/qmetaobject.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/corelib/kernel/qmetaobject.cpp b/src/corelib/kernel/qmetaobject.cpp index bc1e8dcc..a29f4d2 100644 --- a/src/corelib/kernel/qmetaobject.cpp +++ b/src/corelib/kernel/qmetaobject.cpp @@ -497,7 +497,7 @@ static inline int indexOfMethodRelative(const QMetaObject **baseObject, int i = (MethodType == MethodSignal && priv(m->d.data)->revision >= 4) ? (priv(m->d.data)->signalCount - 1) : (priv(m->d.data)->methodCount - 1); const int end = (MethodType == MethodSlot && priv(m->d.data)->revision >= 4) - ? (priv(m->d.data)->signalCount - 1) : 0; + ? (priv(m->d.data)->signalCount) : 0; if (!normalizeStringData) { for (; i >= end; --i) { if ((MethodType == 0 || (m->d.data[priv(m->d.data)->methodData + 5*i + 4] & MethodTypeMask) == MethodType) |