author | Denis Dzyubenko <denis.dzyubenko@nokia.com> | 2010-06-11 08:57:21 (GMT) |
---|---|---|
committer | Denis Dzyubenko <denis.dzyubenko@nokia.com> | 2010-06-11 10:40:56 (GMT) |
commit | 746114fb8a1036e5ccec88fe22e9378925d3a34a (patch) | |
tree | 524bfea77ea5ac874f487e076c2acc389bc24db5 /src | |
parent | a60ca503751b9716f552437f7054b14b5ef0925b (diff) | |
Avoid the incorrect usage of QScopedArrayPointer.
Don't allow an array of derived-class objects to be stored through a pointer to its base class.
struct A{int a;}; struct B : public A{int b;};
A *foo = new B[2];
foo[1].a = 0; // crash due to (foo + sizeof(A)) and sizeof(A) != sizeof(B)
delete [] foo;
Reviewed-by: Olivier Goffart
Diffstat (limited to 'src')
-rw-r--r-- | src/corelib/tools/qscopedpointer.h | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/src/corelib/tools/qscopedpointer.h b/src/corelib/tools/qscopedpointer.h
index bc76a3b..e972d71 100644
--- a/src/corelib/tools/qscopedpointer.h
+++ b/src/corelib/tools/qscopedpointer.h
@@ -54,7 +54,7 @@ struct QScopedPointerDeleter
 static inline void cleanup(T *pointer)
 {
 // Enforce a complete type.
- // If you get a compile error here, read the secion on forward declared
+ // If you get a compile error here, read the section on forward declared
 // classes in the QScopedPointer documentation.
 typedef char IsIncompleteType[ sizeof(T) ? 1 : -1 ];
 (void) sizeof(IsIncompleteType);
@@ -69,7 +69,7 @@ struct QScopedPointerArrayDeleter
 static inline void cleanup(T *pointer)
 {
 // Enforce a complete type.
- // If you get a compile error here, read the secion on forward declared
+ // If you get a compile error here, read the section on forward declared
 // classes in the QScopedPointer documentation.
 typedef char IsIncompleteType[ sizeof(T) ? 1 : -1 ];
 (void) sizeof(IsIncompleteType);
@@ -186,11 +186,18 @@ template <class T, class Cleanup>
 Q_INLINE_TEMPLATE void qSwap(QScopedPointer<T, Cleanup> &p1, QScopedPointer<T, Cleanup> &p2)
 { p1.swap(p2); }
+namespace QtPrivate {
+ template <typename X, typename Y> struct QScopedArrayEnsureSameType;
+ template <typename X> struct QScopedArrayEnsureSameType<X,X> { typedef X* Type; };
+ template <typename X> struct QScopedArrayEnsureSameType<const X, X> { typedef X* Type; };
+}
+
 template <typename T, typename Cleanup = QScopedPointerArrayDeleter<T> >
 class QScopedArrayPointer : public QScopedPointer<T, Cleanup>
 {
 public:
- explicit inline QScopedArrayPointer(T *p = 0)
+ template <typename D>
+ explicit inline QScopedArrayPointer(D *p = 0, typename QtPrivate::QScopedArrayEnsureSameType<T,D>::Type = 0)
 : QScopedPointer<T, Cleanup>(p)
 {
 }
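Review bot: `D` cannot be deduced from the default argument in `D *p = 0`, so with the new constructor template in the third hunk `QScopedArrayPointer<T> x;` no longer has a usable default constructor, and a literal `0` argument can only match the private `void *` overload this commit adds further down. Restore default construction with a non-template overload, `inline QScopedArrayPointer() : QScopedPointer<T, Cleanup>(0) { }`, and drop the `= 0` on `p`. The same-type check also covers construction only: the inherited `reset()`, which is outside this diff, presumably still takes `T *`, so `reset(new B[2])` on a `QScopedArrayPointer<A>` would convert implicitly and bring back the element-stride mismatch; confirm and consider an equivalently constrained overload there. The class body continues outside the hunk.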
@@ -206,6 +213,17 @@ public:
 }
 private:
+ explicit inline QScopedArrayPointer(void *p) {
+ // Enforce the same type.
+
+ // If you get a compile error here, make sure you declare
+ // QScopedArrayPointer with the same template type as you pass to the
+ // constructor. See also the QScopedPointer documentation.
+
+ // Storing a scalar array as a pointer to a different type is not
+ // allowed and results in undefined behavior.
+ }
+
 Q_DISABLE_COPY(QScopedArrayPointer)
 }; |
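Review bot: The private catch-all `QScopedArrayPointer(void *p)` is defined with an empty body, so any call that has access to it (from a member or a friend) compiles and silently produces a null scoped pointer that drops the argument instead of failing. Declare it without a definition, `explicit QScopedArrayPointer(void *);`, and keep the explanatory comment above the declaration, so misuse becomes a link error at worst. Leaving the parameter unnamed also avoids unused-parameter warnings for every translation unit that includes this public header. The class body starts outside the hunk.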