From 5d0eb9bd9c1b7bff4e94228ba4d852713381fc21 Mon Sep 17 00:00:00 2001
From: Erik Verbruggen <erik.verbruggen@digia.com>
Date: Wed, 10 Sep 2014 12:06:28 +0200
Subject: [PATCH] QML/JS: fix improbable nullptr deref in possible future use.

The ast parameter cannot be null, because the only use checks for it not
to be null. However, if it were ever re-used somewhere else, the logic
would be plain wrong. Adding an assert makes the intent clear.

Pointed out by the clang static analyzer.

Change-Id: I2c8cba5e5847fc1f92c10021109c55ff8ccd58c4
Reviewed-by: Fawzi Mohamed <fawzi.mohamed@digia.com>
---
 src/libs/qmljs/qmljstypedescriptionreader.cpp | 22 ++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)

diff --git a/src/libs/qmljs/qmljstypedescriptionreader.cpp b/src/libs/qmljs/qmljstypedescriptionreader.cpp
index 55d0409d06e..66f387f6787 100644
--- a/src/libs/qmljs/qmljstypedescriptionreader.cpp
+++ b/src/libs/qmljs/qmljstypedescriptionreader.cpp
@@ -36,6 +36,8 @@
 #include "qmljsinterpreter.h"
 #include "qmljsutils.h"
 
+#include <utils/qtcassert.h>
+
 #include <QDir>
 
 using namespace QmlJS;
@@ -418,7 +420,9 @@ void TypeDescriptionReader::readParameter(UiObjectDefinition *ast, FakeMetaMetho
 
 QString TypeDescriptionReader::readStringBinding(UiScriptBinding *ast)
 {
-    if (!ast || !ast->statement) {
+    QTC_ASSERT(ast, return QString());
+
+    if (!ast->statement) {
         addError(ast->colonToken, tr("Expected string after colon."));
         return QString();
     }
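Review bot: The new `QTC_ASSERT(ast, return QString());` path returns without calling `addError`, so a null `ast` produces an empty string that the caller cannot tell apart from the missing-statement error return just below it; the only trace is whatever QTC_ASSERT logs. The same applies to the guards added in readBoolBinding (`return false`), readExports and readMetaObjectRevisions. I would state the contract at the guard, e.g. `// Precondition: ast != nullptr (caller bug otherwise); this path is only logged by QTC_ASSERT and is not recorded via addError().` The function bodies continue outside these hunks.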
@@ -440,7 +444,9 @@ QString TypeDescriptionReader::readStringBinding(UiScriptBinding *ast)
 
 bool TypeDescriptionReader::readBoolBinding(AST::UiScriptBinding *ast)
 {
-    if (!ast || !ast->statement) {
+    QTC_ASSERT(ast, return false);
+
+    if (!ast->statement) {
         addError(ast->colonToken, tr("Expected boolean after colon."));
         return false;
     }
@@ -463,7 +469,9 @@ bool TypeDescriptionReader::readBoolBinding(AST::UiScriptBinding *ast)
 
 double TypeDescriptionReader::readNumericBinding(AST::UiScriptBinding *ast)
 {
-    if (!ast || !ast->statement) {
+    QTC_ASSERT(ast, return qQNaN());
+
+    if (!ast->statement) {
         addError(ast->colonToken, tr("Expected numeric literal after colon."));
         return 0;
     }
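Review bot: The null-`ast` guard returns `qQNaN()` while the missing-statement path three lines later still returns `0`, so readNumericBinding now has two different failure values and a caller that tests for one will miss the other. Pick one, e.g. `QTC_ASSERT(ast, return 0);` to match the existing error return, or change both and document the sentinel. If readIntBinding (named in the next hunk header) converts this result to `int`, a NaN reaching that conversion is undefined behaviour; its body is not visible here, so that needs confirming. `qQNaN()` is declared in `<qnumeric.h>` and the include hunk adds only `<utils/qtcassert.h>`, so check that the header is already pulled in. The body of readNumericBinding continues outside the hunk.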
@@ -522,7 +530,9 @@ int TypeDescriptionReader::readIntBinding(AST::UiScriptBinding *ast)
 
 void TypeDescriptionReader::readExports(UiScriptBinding *ast, FakeMetaObject::Ptr fmo)
 {
-    if (!ast || !ast->statement) {
+    QTC_ASSERT(ast, return);
+
+    if (!ast->statement) {
         addError(ast->colonToken, tr("Expected array of strings after colon."));
         return;
     }
@@ -566,7 +576,9 @@ void TypeDescriptionReader::readExports(UiScriptBinding *ast, FakeMetaObject::Pt
 
 void TypeDescriptionReader::readMetaObjectRevisions(UiScriptBinding *ast, FakeMetaObject::Ptr fmo)
 {
-    if (!ast || !ast->statement) {
+    QTC_ASSERT(ast, return);
+
+    if (!ast->statement) {
         addError(ast->colonToken, tr("Expected array of numbers after colon."));
         return;
     }
-- 
GitLab