From b19c5969d8a94d57dc9dfc2906e548dac24d0adc Mon Sep 17 00:00:00 2001 From: Christian Kandeler Date: Thu, 13 Aug 2020 15:04:38 +0200 Subject: [PATCH] QmlJS: Fix crash Fixes: QTCREATORBUG-24477 Change-Id: I45ab28fd11d8c9e51fb3b537a677620ecee5985b Reviewed-by: Fawzi Mohamed --- src/libs/qmljs/qmljsfindexportedcpptypes.cpp | 21 ++++++++++---------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/src/libs/qmljs/qmljsfindexportedcpptypes.cpp b/src/libs/qmljs/qmljsfindexportedcpptypes.cpp index 7b3749ab519..18ae2188c3a 100644 --- a/src/libs/qmljs/qmljsfindexportedcpptypes.cpp +++ b/src/libs/qmljs/qmljsfindexportedcpptypes.cpp @@ -198,12 +198,15 @@ protected: } else { return false; } + + int argCount = 0; + for (const ExpressionListAST *list = ast->expression_list; list && list->value; + list = list->next) { + ++argCount; + } + // must have at least four arguments - if (!ast->expression_list - || !ast->expression_list->value || !ast->expression_list->next - || !ast->expression_list->next->value || !ast->expression_list->next->next - || !ast->expression_list->next->next->value || !ast->expression_list->next->next->next - || !ast->expression_list->next->next->next->value) + if (argCount < 4) return false; switch (registrationFunction) { case InvalidRegistrationFunction: @@ -215,15 +218,11 @@ protected: case QmlRegisterSingletonTypeCallback2: case QmlRegisterSingletonTypeUrl: case QmlRegisterUncreatableType: - if (!ast->expression_list->next->next->next->next - || !ast->expression_list->next->next->next->next->value - || ast->expression_list->next->next->next->next->next) + if (argCount != 5) return false; break; case QmlRegisterUncreatableMetaObject: - if (!ast->expression_list->next->next->next->next->next - || !ast->expression_list->next->next->next->next->next->value - || ast->expression_list->next->next->next->next->next->next) + if (argCount != 6) return false; } ExpressionAST *uriExp = nullptr;