Fix memory corruption in QDBusInterface signal emissions

If more than one signal parameter required conversions (e.g. 2 QVariantMaps), then the auxParameter list would be reallocated on the second append. This resulted in the reference to the first conversion (stored in params) to be broken. Found with valgrind after the QtApplicationManager started crashing weirdly when built against Qt 6. The same code is in Qt 5, but it just works fine there: I guess the reallocation strategy in QList is different there, so we never have to reallocate the list. Change-Id: I2e0c8906ebc9474c4ec9f53cafc1689003d5c4c5 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
2020-11-18 23:12:35 +01:00 · 2020-11-18 23:12:35 +01:00 · 2fab1971fe
commit 2fab1971fe
parent 1c1c1e4559
1 changed files with 3 additions and 1 deletions
--- a/src/dbus/qdbusintegrator.cpp
+++ b/src/dbus/qdbusintegrator.cpp
@ -926,7 +926,9 @@ void QDBusConnectionPrivate::deliverCall(QObject *object, int /*flags*/, const Q
    QVarLengthArray<void *, 10> params;
    params.reserve(metaTypes.count());

-    QVariantList auxParameters;
+    QVarLengthArray<QVariant, 10> auxParameters; // we cannot allow reallocation here, since we
+    auxParameters.reserve(metaTypes.count());    // keep references to the entries
+
    // let's create the parameter list

    // first one is the return type -- add it below