QTBUG-123861

Passing a string that contains a dot to `QQmlComponent::createWithInitialProperties` will crash the application

Details

    • Bug
    • Resolution: Unresolved
    • P1: Critical
    • 6.8
    • 6.8
    • QML: Tooling
    • None

    Description

      Given some QML file such as:

      import QtQuick
      
      Item {}
      

      Loading that file with `QQmlComponent` and then calling `createWithInitialProperties` and passing a string that contains a dot, for example:

      component.createWithInitialProperties({{".", 10}});
      

      Or

      component.createWithInitialProperties({{"foo.bar", 10}});
      

      will crash the application with an out-of-bounds access.

      This is an example trace from the attached project:

      #0  0x00007ffff664981c in QV4::Heap::Pointer<QV4::Heap::InternalClass*, 0ul>::get (this=0x0) at /home/luca/Documents/qt5/qtdeclarative/src/qml/memory/qv4heap_p.h:45
      #1  0x00007ffff6648d32 in QV4::Heap::Pointer<QV4::Heap::InternalClass*, 0ul>::operator-> (this=0x0) at /home/luca/Documents/qt5/qtdeclarative/src/qml/memory/qv4heap_p.h:36
      #2  0x00007ffff6647be2 in QV4::Heap::Object::vtable (this=0x0) at /home/luca/Documents/qt5/qtdeclarative/src/qml/jsruntime/qv4object_p.h:41
      #3  0x00007ffff664fa3e in QV4::Object::vtable (this=0x7fffea3bc4e8) at /home/luca/Documents/qt5/qtdeclarative/src/qml/jsruntime/qv4object_p.h:132
      #4  0x00007ffff666e318 in QV4::Object::put (this=0x7fffea3bc4e8, name=0x7fffea3bc4f0, v=..., receiver=0x7fffea3bc4e8) at /home/luca/Documents/qt5/qtdeclarative/src/qml/jsruntime/qv4object_p.h:281
      #5  0x00007ffff68d270a in QQmlComponentPrivate::setInitialProperty (this=0x5555555a45d0, base=0x5555555aa0b0, name=..., value=...) at /home/luca/Documents/qt5/qtdeclarative/src/qml/qml/qqmlcomponent.cpp:386
      #6  0x00007ffff68d71db in QQmlComponent::setInitialProperties (this=0x7fffffffdec0, component=0x5555555aa0b0, properties=...) at /home/luca/Documents/qt5/qtdeclarative/src/qml/qml/qqmlcomponent.cpp:1481
      #7  0x00007ffff68d478f in QQmlComponentPrivate::createWithProperties (this=0x5555555a45d0, parent=0x0, properties=..., context=0x0, behavior=QQmlComponentPrivate::CreateDefault) at /home/luca/Documents/qt5/qtdeclarative/src/qml/qml/qqmlcomponent.cpp:957
      #8  0x00007ffff68d4617 in QQmlComponent::createWithInitialProperties (this=0x7fffffffdec0, initialProperties=..., context=0x0) at /home/luca/Documents/qt5/qtdeclarative/src/qml/qml/qqmlcomponent.cpp:930
      #9  0x00005555555567a3 in main (argc=1, argv=0x7fffffffe0b8) at /home/luca/Documents/crash_on_dot/main.cpp:15
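
An added example (not from the report or from the Qt code base) of a guard an application can place in front of `createWithInitialProperties` on an affected build when property names come from outside the program: it forwards only plain identifiers and sets aside names such as `.` or `foo.bar`. `std::map<std::string, int>` stands in for `QVariantMap`, the helper names are hypothetical, and rejecting every dotted name is a conservative assumption.

```cpp
#include <iostream>
#include <map>
#include <string>
#include <vector>

// Assumption: this map stands in for QVariantMap; all names are hypothetical.
using PropertyMap = std::map<std::string, int>;

// True only for one plain ASCII identifier: [A-Za-z_][A-Za-z0-9_]*.
// "", ".", "foo.bar" and "a..b" all fail, so no dotted path is forwarded.
bool isPlainPropertyName(const std::string &name) {
    if (name.empty())
        return false;
    for (std::string::size_type i = 0; i < name.size(); ++i) {
        const char c = name[i];
        const bool letter = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || c == '_';
        const bool digit = c >= '0' && c <= '9';
        if (!letter && !(digit && i > 0))  // digits allowed, but not first
            return false;
    }
    return true;
}

struct Partition {
    PropertyMap accepted;               // may be passed on to the component
    std::vector<std::string> rejected;  // log or report; never passed on
};

// Split caller-supplied initial properties before object creation.
Partition partitionInitialProperties(const PropertyMap &input) {
    Partition out;
    for (const auto &entry : input) {
        if (isPlainPropertyName(entry.first))
            out.accepted.insert(entry);
        else
            out.rejected.push_back(entry.first);
    }
    return out;
}

int main() {
    // Constructed input: the two names from the report plus one ordinary name.
    const PropertyMap input = {{".", 10}, {"foo.bar", 10}, {"width", 10}};
    const Partition p = partitionInitialProperties(input);
    for (const std::string &name : p.rejected)
        std::cerr << "rejected initial property name: \"" << name << "\"\n";
    return p.accepted.size() == 1 ? 0 : 1;
}
```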
      


          People

            qtqmlteam Qt Qml Team User
            diseraluca Luca Di Sera

              Gerrit Reviews

                There are no open Gerrit changes