| | | |
|---|---|---|
| author | Volker Hilsheimer <volker.hilsheimer@qt.io> | 2025-07-23 10:38:50 +0200 |
| committer | Volker Hilsheimer <volker.hilsheimer@qt.io> | 2025-07-27 10:52:42 +0200 |
| commit | d11c2f695ec820126998ce801e9525eebe17d2be (patch) | |
| tree | fec0f9995e94e9ee8c6f55b67600c69ea62a6d28 /src/corelib/kernel/qobject.cpp | |
| parent | a054870f35342f17a54f5ce6555b56cf386ac6bd (diff) | |
QQueuedMetaCallEvent: don't initialize return storage if no arguments
allocArgs leaves the args_ array to be nullptr if nargs is 0. While that
should never be the case in practice, clang correctly points out the
possibility that we are dereferencing nullptr, e.g. when constructing a
QQueuedMetaCallEvent like this:
QQueuedMetaCallEvent event(0, nullptr, 0, 0, nullptr, nullptr);
Don't initialize the storage if the argument count is 0. Access to the
storage elsewhere doesn't explicitly handle index 0.
Amends f6211c079fa000c0d46b7912341f014669fa628a.
Change-Id: If42403c1fc862b8ba7456709af2456cfbec8086b
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Diffstat (limited to 'src/corelib/kernel/qobject.cpp')
| -rw-r--r-- | src/corelib/kernel/qobject.cpp | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/corelib/kernel/qobject.cpp b/src/corelib/kernel/qobject.cpp index af39037a074..980fefc4eae 100644 --- a/src/corelib/kernel/qobject.cpp +++ b/src/corelib/kernel/qobject.cpp @@ -653,8 +653,10 @@ inline void QQueuedMetaCallEvent::copyArgValues(int argCount, const QtPrivate::Q QMetaType *types = reinterpret_cast<QMetaType *>(d.args_ + d.nargs_); int inplaceIndex = 0; - types[0] = QMetaType(); // return type - args[0] = nullptr; // return value pointer + if (argCount) { + types[0] = QMetaType(); // return type + args[0] = nullptr; // return value pointer + } // no return value for (int n = 1; n < argCount; ++n) { |
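Review bot: the new guard `if (argCount)` keys on the function parameter, while the commit message describes the null-storage case in terms of `nargs` passed to allocArgs (which sets `d.args_` to nullptr when it is 0); if `argCount` and `d.nargs_` can ever differ, the write to `types[0]`/`args[0]` is still reachable with unallocated storage, so consider guarding on `d.args_` itself or adding `Q_ASSERT(argCount == d.nargs_)` so the invariant the fix relies on is checked rather than assumed. Minor style point: the `// no return value` comment now sits after the closing brace of the `if`, where it reads as a comment on the loop that follows; moving it onto the `if (argCount) {` line (or keeping the two existing per-line comments only) makes the intent clearer. The `for (int n = 1; n < argCount; ++n)` loop already does not execute for `argCount == 0`, so the guarded block is the only index-0 access in this region that needed the change.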
