From 49d2906a9566c8b44df48f51ca137b9ba2feb671 Mon Sep 17 00:00:00 2001 From: Jiang Jiang Date: Fri, 8 Apr 2011 17:34:51 +0200 Subject: Make sure removed QTextBlock is invalid If the block is removed from document block map, we will mark the right node to the current head->freelist index, but it shouldn't be accessed directly, otherwise it can cause crash because of uninitialized node. Hence we need to check if a node index is equal to current freelist index. If so, it cannot be a valid block. Task-number: QTBUG-18500 Reviewed-by: Eskil --- src/gui/text/qfragmentmap_p.h | 5 +++++ src/gui/text/qtextobject.cpp | 5 +++++ src/gui/text/qtextobject.h | 2 +- tests/auto/qtextblock/tst_qtextblock.cpp | 12 ++++++++++++ 4 files changed, 23 insertions(+), 1 deletion(-) diff --git a/src/gui/text/qfragmentmap_p.h b/src/gui/text/qfragmentmap_p.h index 501bfff..4057142 100644 --- a/src/gui/text/qfragmentmap_p.h +++ b/src/gui/text/qfragmentmap_p.h @@ -195,6 +195,10 @@ public: head->root = new_root; } + inline bool isValid(uint n) const { + return n > 0 && n != head->freelist; + } + union { Header *head; Fragment *fragments; @@ -854,6 +858,7 @@ public: return data.fragment(index); } inline uint position(uint node, uint field = 0) const { return data.position(node, field); } + inline bool isValid(uint n) const { return data.isValid(n); } inline uint next(uint n) const { return data.next(n); } inline uint previous(uint n) const { return data.previous(n); } inline uint size(uint node, uint field = 0) const { return data.size(node, field); } diff --git a/src/gui/text/qtextobject.cpp b/src/gui/text/qtextobject.cpp index 0a9dff8..5c1c8b9 100644 --- a/src/gui/text/qtextobject.cpp +++ b/src/gui/text/qtextobject.cpp @@ -891,6 +891,11 @@ QTextBlockUserData::~QTextBlockUserData() Returns true if this text block is valid; otherwise returns false. */ +bool QTextBlock::isValid() const +{ + return p != 0 && p->blockMap().isValid(n); +} + /*! \fn QTextBlock &QTextBlock::operator=(const QTextBlock &other) diff --git a/src/gui/text/qtextobject.h b/src/gui/text/qtextobject.h index 2e588c2..ad8e657 100644 --- a/src/gui/text/qtextobject.h +++ b/src/gui/text/qtextobject.h @@ -205,7 +205,7 @@ public: inline QTextBlock(const QTextBlock &o) : p(o.p), n(o.n) {} inline QTextBlock &operator=(const QTextBlock &o) { p = o.p; n = o.n; return *this; } - inline bool isValid() const { return p != 0 && n != 0; } + bool isValid() const; inline bool operator==(const QTextBlock &o) const { return p == o.p && n == o.n; } inline bool operator!=(const QTextBlock &o) const { return p != o.p || n != o.n; } diff --git a/tests/auto/qtextblock/tst_qtextblock.cpp b/tests/auto/qtextblock/tst_qtextblock.cpp index cec3a6a..748d921 100644 --- a/tests/auto/qtextblock/tst_qtextblock.cpp +++ b/tests/auto/qtextblock/tst_qtextblock.cpp @@ -76,6 +76,7 @@ private slots: void excludeParagraphSeparatorFragment(); void backwardsBlockIterator(); void previousBlock_qtbug18026(); + void removedBlock_qtbug18500(); private: QTextDocument *doc; @@ -181,5 +182,16 @@ void tst_QTextBlock::previousBlock_qtbug18026() QVERIFY(last.isValid()); } +void tst_QTextBlock::removedBlock_qtbug18500() +{ + cursor.insertText("line 1\nline 2\nline 3 \nline 4\n"); + cursor.setPosition(7); + QTextBlock block = cursor.block(); + cursor.setPosition(21, QTextCursor::KeepAnchor); + + cursor.removeSelectedText(); + QVERIFY(!block.isValid()); +} + QTEST_MAIN(tst_QTextBlock) #include "tst_qtextblock.moc" -- cgit v0.12