Fix a QDBusConnection crash with pending calls when connection is closed

QDBusConnection::closeConnection does not use deref() on pendingCall list so if there is an QDBusPendingCallWatcher watching the pending call the QDbusPendingCallPrivate destructor will run twice causing a crash. Pick-to: 5.15 6.2 6.3 Change-Id: Ib811da36d3510f4292aa310c52c0617b885947b7 Reviewed-by: Johannes Rosenqvist <xeroc81@gmail.com> Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
2022-05-04 12:49:24 +02:00 · 2022-05-04 12:49:24 +02:00 · bb334e8181
commit bb334e8181
parent 72d6b897a4
1 changed files with 7 additions and 1 deletions
--- a/src/dbus/qdbusintegrator.cpp
+++ b/src/dbus/qdbusintegrator.cpp
@ -1138,7 +1138,13 @@ void QDBusConnectionPrivate::closeConnection()
        }
    }

-    qDeleteAll(pendingCalls);
+    for (auto it = pendingCalls.begin(); it != pendingCalls.end(); ++it) {
+        auto call = *it;
+        if (!call->ref.deref()) {
+            delete call;
+        }
+    }
+    pendingCalls.clear();

    // Disconnect all signals from signal hooks and from the object tree to
    // avoid QObject::destroyed being sent to dbus daemon thread which has