From c302d6206dfc6169abdc524c5729dd4065b0e27c Mon Sep 17 00:00:00 2001
From: Olivier Goffart <ogoffart@trolltech.com>
Date: Fri, 21 Aug 2009 19:25:16 +0200
Subject: QMetaObject: Crashes with dbus that tries to connect to all signals

The compatibility method QMetaObject::connect did not handle the
signal_index = -1  to connect to all signal

Reviewed-by: Thiago
---
 src/corelib/kernel/qobject.cpp | 32 ++++++++++++++++++++------------
 1 file changed, 20 insertions(+), 12 deletions(-)

diff --git a/src/corelib/kernel/qobject.cpp b/src/corelib/kernel/qobject.cpp
index 040efc9..2117a2d 100644
--- a/src/corelib/kernel/qobject.cpp
+++ b/src/corelib/kernel/qobject.cpp
@@ -2981,12 +2981,16 @@ void QObject::disconnectNotify(const char *)
 bool QMetaObject::connect(const QObject *sender, int signal_index,
                           const QObject *receiver, int method_index, int type, int *types)
 {
-    const QMetaObject *mo = sender->metaObject();
-    while (mo && mo->methodOffset() > signal_index)
-        mo = mo->superClass();
-    int signalOffset, methodOffset;
-    computeOffsets(mo, &signalOffset, &methodOffset);
-    signal_index = QMetaObjectPrivate::originalClone(mo, signal_index - methodOffset) + signalOffset;
+    if (signal_index > 0) {
+        const QMetaObject *mo = sender->metaObject();
+        while (mo && mo->methodOffset() > signal_index)
+            mo = mo->superClass();
+        if (mo) {
+            int signalOffset, methodOffset;
+            computeOffsets(mo, &signalOffset, &methodOffset);
+            signal_index = QMetaObjectPrivate::originalClone(mo, signal_index - methodOffset) + signalOffset;
+        }
+    }
     return QMetaObjectPrivate::connect(sender, signal_index,
                                        receiver, method_index, type, types);
 }
@@ -3059,12 +3063,16 @@ bool QMetaObjectPrivate::connect(const QObject *sender, int signal_index,
 bool QMetaObject::disconnect(const QObject *sender, int signal_index,
                              const QObject *receiver, int method_index)
 {
-    const QMetaObject *mo = sender->metaObject();
-    while (mo && mo->methodOffset() > signal_index)
-        mo = mo->superClass();
-    int signalOffset, methodOffset;
-    computeOffsets(mo, &signalOffset, &methodOffset);
-    signal_index = QMetaObjectPrivate::originalClone(mo, signal_index - methodOffset) + signalOffset;
+    if (signal_index > 0) {
+        const QMetaObject *mo = sender->metaObject();
+        while (mo && mo->methodOffset() > signal_index)
+            mo = mo->superClass();
+        if (mo) {
+            int signalOffset, methodOffset;
+            computeOffsets(mo, &signalOffset, &methodOffset);
+            signal_index = QMetaObjectPrivate::originalClone(mo, signal_index - methodOffset) + signalOffset;
+        }
+    }
     return QMetaObjectPrivate::disconnect(sender, signal_index,
                                           receiver, method_index);
 }
-- 
cgit v0.12