diff options
| author | Oswald Buddenhagen <oswald.buddenhagen@qt.io> | 2017-08-11 13:41:39 +0200 |
|---|---|---|
| committer | Tony Sarajärvi <tony.sarajarvi@qt.io> | 2017-08-26 12:12:10 +0000 |
| commit | e8b9a17a3bd770f6bf1bc8f4e0586565acf425e2 (patch) | |
| tree | 55135c9c1ad76263d55074aa5535a21b552ac874 /qmake | |
| parent | 702be65532263bd52ad0b67235c112083120699e (diff) | |
| download | qtbase-e8b9a17a3bd770f6bf1bc8f4e0586565acf425e2.tar.gz | |
qmake: fix hypothetical raw data leak in $$replace()
the replacement value may well constitute the whole output string - this
is in fact common, given this rather typical usage pattern:
BAR = $$replace(FOO, -flag, -otherflag)
this must be considered when constructing the return value.
compare 3c8134958c6.
as of now, this is irrelevant, as QString::replace(QRegExp, QString) will
always memcpy the replacement into a detached copy of the target, but one
never knows.
Change-Id: Ia1f271f45023746040fc28ce6d88a6609e05e5c2
Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
Diffstat (limited to 'qmake')
| -rw-r--r-- | qmake/library/qmakebuiltins.cpp | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/qmake/library/qmakebuiltins.cpp b/qmake/library/qmakebuiltins.cpp index acc1924e80..1b98cbd909 100644 --- a/qmake/library/qmakebuiltins.cpp +++ b/qmake/library/qmakebuiltins.cpp @@ -1111,7 +1111,11 @@ QMakeEvaluator::VisitReturn QMakeEvaluator::evaluateBuiltinExpand( QString rstr = val.toQString(m_tmp1); QString copy = rstr; // Force a detach on modify rstr.replace(before, after); - ret << (rstr.isSharedWith(m_tmp1) ? val : ProString(rstr).setSource(val)); + ret << (rstr.isSharedWith(m_tmp1) + ? val + : rstr.isSharedWith(m_tmp2) + ? args.at(2) + : ProString(rstr).setSource(val)); } } break; |