feedc0de/qt-creator
1
0
Fork 0
forked from qt-creator/qt-creator
Code Pull Requests Activity

QmlProfiler: Unify conditions in binding loop render pass

Browse Source 
Invalid events with binding loops could trigger a null pointer access
as the the check for creating the nodes for the binding loops render
pass was somewhat stricter than the check for populating them.

This is largely an academic problem, though, found by coverity.

Change-Id: I7f2681960f23e4a31977faa0d538bc257fa4cf2c
Reviewed-by: Tobias Hunger <tobias.hunger@qt.io>
This commit is contained in:
Ulf Hermann
2016-12-05 15:49:59 +01:00
parent 73e4859c00
commit fcbe75f9e4
1 changed files with 10 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/plugins/qmlprofiler/qmlprofilerbindingloopsrenderpass.cpp
View File

@@ -94,6 +94,14 @@ QmlProfilerBindingLoopsRenderPass::QmlProfilerBindingLoopsRenderPass()
{
}
static inline bool eventOutsideRange(const QmlProfilerRangeModel *model,
const Timeline::TimelineRenderState *parentState, int i)
{
const qint64 start = qMax(parentState->start(), model->startTime(i));
const qint64 end = qMin(parentState->end(), model->endTime(i));
return start > end;
}
void updateNodes(const QmlProfilerRangeModel *model, int from, int to,
const Timeline::TimelineRenderState *parentState,
BindingLoopsRenderPassState *state)
@@ -103,13 +111,7 @@ void updateNodes(const QmlProfilerRangeModel *model, int from, int to,
for (int i = from; i < to; ++i) {
int bindingLoopDest = model->bindingLoopDest(i);
if (bindingLoopDest == -1)
continue;
qint64 start = qMax(parentState->start(), model->startTime(i));
qint64 end = qMin(parentState->end(), model->startTime(i) + model->duration(i));
if (start > end)
if (bindingLoopDest == -1 || eventOutsideRange(model, parentState, i))
continue;
expandedPerRow[model->expandedRow(i)].usedVertices += 4;
@@ -132,10 +134,7 @@ void updateNodes(const QmlProfilerRangeModel *model, int from, int to,
int rowHeight = Timeline::TimelineModel::defaultRowHeight();
for (int i = from; i < to; ++i) {
int bindingLoopDest = model->bindingLoopDest(i);
if (bindingLoopDest == -1)
continue;
if (model->startTime(i) > parentState->end() || model->endTime(i) < parentState->start())
if (bindingLoopDest == -1 || eventOutsideRange(model, parentState, i))
continue;
qint64 center = qMax(parentState->start(), qMin(parentState->end(),