QSocks5SocketEngine: fix reference to dangling data

Following a41c61fb2d QIODevice may try to
copy the QByteArray itself (rather than the data it points to). This can
lead referencing dangling data when the QByteArray is initialized with
raw data.

Pick-to: 6.0
Change-Id: I481695b33f251f750ef482d72b81636f0d4bf462
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
This commit is contained in:
Mårten Nordheim 2020-12-03 15:08:52 +01:00
parent 47923f7d47
commit 710886fbdd

View File

@ -1525,8 +1525,12 @@ qint64 QSocks5SocketEngine::write(const char *data, qint64 len)
if (!d->data->authenticator->seal(buf, &sealedBuf)) {
// ### Handle this error.
}
// We pass pointer and size because 'sealedBuf' is (most definitely) raw data:
// QIODevice might have to cache the byte array if the socket cannot write the data.
// If the _whole_ array needs to be cached then it would simply store a copy of the
// array whose data will go out of scope and be deallocated before it can be used.
qint64 written = d->data->controlSocket->write(sealedBuf.constData(), sealedBuf.size());
qint64 written = d->data->controlSocket->write(sealedBuf);
if (written <= 0) {
QSOCKS5_Q_DEBUG << "native write returned" << written;
return written;