Commit 5eeecdb1 authored by Thomas Hartmann's avatar Thomas Hartmann

QmlDesigner: Fixing double free

Calling detach() in setKey() will free the shared memory twice, if
we do not set m_memory to nullptr.
cleanHandleInternal() always returns true, so
checking its return value does not make sense.
We have to call cleanHandleInternal() immediately after the close.

Change-Id: I110693d1dd9dae4ff5e52cfd3fdd2f33137af969
Reviewed-by: Tobias Hunger's avatarTobias Hunger <tobias.hunger@qt.io>
parent 337393ce
......@@ -61,7 +61,7 @@ public:
protected:
#ifdef Q_OS_UNIX
bool initKeyInternal();
bool cleanHandleInternal();
void cleanHandleInternal();
bool createInternal(QSharedMemory::AccessMode mode, int size);
bool attachInternal(QSharedMemory::AccessMode mode);
bool detachInternal();
......
......@@ -124,10 +124,13 @@ SharedMemory::~SharedMemory()
{
if (m_memory) {
munmap(m_memory, m_size);
m_memory = nullptr;
m_size = 0;
}
if (m_fileHandle != -1) {
close(m_fileHandle);
cleanHandleInternal();
if (m_createdByMe)
shm_unlink(m_nativeKey);
}
......@@ -142,7 +145,7 @@ void SharedMemory::setKey(const QString &key)
if (isAttached())
detach();
cleanHandleInternal();
m_key = key;
m_nativeKey = makePlatformSafeKey(key);
}
......@@ -299,8 +302,7 @@ void SharedMemory::setErrorString(const QString &function)
bool SharedMemory::initKeyInternal()
{
if (!cleanHandleInternal())
return false;
cleanHandleInternal();
m_systemSemaphore.setKey(QString(), 1);
m_systemSemaphore.setKey(m_key, 1);
......@@ -341,10 +343,9 @@ int SharedMemory::handle()
return m_fileHandle;
}
bool SharedMemory::cleanHandleInternal()
void SharedMemory::cleanHandleInternal()
{
m_fileHandle = -1;
return true;
}
bool SharedMemory::createInternal(QSharedMemory::AccessMode mode, int size)
......
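Review bot: `cleanHandleInternal()` (last hunk) only overwrites `m_fileHandle` with -1 and never calls `close()`, so the unconditional calls in `setKey()` and `initKeyInternal()` would drop a still-open descriptor if one exists at that point; whether that state is reachable depends on `detach()` and the callers, which are outside these hunks. In that case the destructor's `m_fileHandle != -1` branch would also be skipped, so `shm_unlink(m_nativeKey)` would not run for a segment this object created and the named shared-memory object would persist. Since close-then-reset is now a contract every caller has to honour, I would state it on the definition, e.g. `// Only forgets the descriptor; the caller must close(m_fileHandle) first.`, or rename the helper so it does not read as a cleanup routine. The destructor and `initKeyInternal()` bodies continue outside the hunks shown.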