Fix ASAN error about new-delete-size-mismatch in QVariant

We allocate the variant's PrivateShared for custom types with space for
the actual custom type right after that, using operator new to allocate
the memory and new calls for the constructors. However, to free the
memory we merely call delete on the private shared, which upsets ASAN
because the size passed to operator delete is the size of the private
shared, which is not the same as the size that was provided for the
returned address.

This is easily fixable by calling the destructor explicitly and calling
operator delete with just the pointer.

Change-Id: I50afbe0e8afc875c0876e85e02689dcbdc152633
Reviewed-by: Erik Verbruggen <erik.verbruggen@qt.io>
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@qt.io>
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
Simon Hausmann 2018-08-07 10:07:45 +02:00
parent 4ec155053a
commit 70b7b2bffc
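
The commit message describes a single block that holds a small header plus the custom object stored right after it. The following is an added example, not code from Qt or from this commit, that reproduces that scheme with a simplified stand-in for `PrivateShared` and a constructed `Payload` type (both assumptions for this example). It shows the allocation through `operator new` with placement-new constructors, the release pattern that AddressSanitizer reports as new-delete-size-mismatch (kept only for comparison, never called), and the corrected release from the commit: explicit destructor calls followed by the unsized `operator delete`.

```cpp
#include <cstddef>
#include <cstdio>
#include <new>
#include <string>

// Minimal stand-in for QVariant::PrivateShared (an assumption for this example,
// not Qt's real class): a small header whose `ptr` points at the custom object
// that lives in the same allocation, right after the header.
struct PrivateShared {
    void *ptr;
    int ref;
    explicit PrivateShared(void *p) : ptr(p), ref(1) {}
};

// Constructed custom payload with a non-trivial destructor so the example can
// observe that releasing the block really runs it.
struct Payload {
    std::string name;
    int *destroyedCounter;
    Payload(const char *n, int *counter) : name(n), destroyedCounter(counter) {}
    ~Payload() { ++*destroyedCounter; }
};

// Offset of the payload inside the block: sizeof(PrivateShared) rounded up to
// the payload's alignment.
size_t payloadOffset() {
    const size_t a = alignof(Payload);
    return (sizeof(PrivateShared) + a - 1) / a * a;
}

// One allocation for header + payload, as the commit message describes:
// plain operator new sizes the block, placement new runs both constructors.
PrivateShared *allocateShared(const char *name, int *destroyedCounter) {
    void *block = ::operator new(payloadOffset() + sizeof(Payload));
    char *payloadAddr = static_cast<char *>(block) + payloadOffset();
    Payload *payload = new (payloadAddr) Payload(name, destroyedCounter);
    return new (block) PrivateShared(payload);
}

// The pattern the commit removes. `delete` on a PrivateShared* performs a
// sized deallocation with sizeof(PrivateShared), but the block was obtained
// with a larger size, so AddressSanitizer reports new-delete-size-mismatch.
// Kept here only to show the mismatch; the example never calls it.
void releaseSharedMismatched(PrivateShared *shared) {
    static_cast<Payload *>(shared->ptr)->~Payload();
    delete shared;
}

// The corrected pattern from the commit: destroy the payload (QMetaType::destruct
// in Qt), run the header's destructor explicitly, then hand the raw pointer to
// the unsized operator delete, which is the matching pair for operator new(size).
void releaseShared(PrivateShared *shared) {
    static_cast<Payload *>(shared->ptr)->~Payload();
    shared->~PrivateShared();
    ::operator delete(shared);
}

// Allocates, checks the layout, releases, and returns how many times the
// payload destructor ran (expected: exactly once).
int runExample() {
    int destroyed = 0;
    PrivateShared *shared = allocateShared("custom-type", &destroyed);
    const char *base = reinterpret_cast<const char *>(shared);
    const char *payloadAddr = static_cast<const char *>(shared->ptr);
    if (payloadAddr != base + payloadOffset())
        return -1;   // layout assumption broken
    if (static_cast<Payload *>(shared->ptr)->name != "custom-type")
        return -2;   // payload was not constructed where expected
    releaseShared(shared);
    return destroyed;
}

int main() {
    std::printf("payload destroyed %d time(s)\n", runExample());
    return 0;
}
```

Building this with `-fsanitize=address` and swapping `releaseShared` for `releaseSharedMismatched` in `runExample` reproduces the report the commit fixes; the corrected release runs clean because the deallocation size is never asserted against `sizeof(PrivateShared)`.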

@ -1479,7 +1479,8 @@ static void customClear(QVariant::Private *d)
QMetaType::destruct(d->type, &d->data.ptr);
} else {
QMetaType::destruct(d->type, d->data.shared->ptr);
delete d->data.shared;
d->data.shared->~PrivateShared();
operator delete(d->data.shared);
}
}
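Review bot: the explicit `d->data.shared->~PrivateShared();` followed by `operator delete(d->data.shared);` at the end of the hunk is only correct because the matching allocation obtains the block with a plain `operator new(size)` call, as the commit message states; a `new PrivateShared` on the allocation side would reintroduce a mismatch in the other direction. Since a later reader may well fold the two lines back into `delete d->data.shared;`, a one-line comment beside them saying that the block is larger than `sizeof(PrivateShared)` and must be freed with the unsized `operator delete` would document that constraint in the code rather than only in the commit message.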