Details
- Bug
- Resolution: Incomplete
- Not Evaluated
- None
- 6.8.0
- None
- debian, deepin
Description
In each loop iteration, the code accesses a member of the parent pointer without first checking whether the parent pointer is NULL; if the parent pointer becomes NULL in a certain iteration, then attempting to access parent->d_ptr or calling parent->isAncestorOf() will result in undefined behavior. I have used the demo to verify this, as attached: the demo throws a program exception on close when clearSubfocus runs with parent as nullptr. I submitted a patch to prevent this scenario and found it effective in practice.
About Volker's comment: I have tried it. When the parent is nullptr, a while loop may exit, but here do...while is used, which enters the loop body once before the condition is evaluated. I verified and found that when the parent is nullptr it is going to crash. As for adding Q_ASSERT(parent), I tried it and it also triggers a crash.
The way I verified this issue was to assume that the parent is a nullptr and use a call to the clearSubfocus function to see if it would crash.
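The pattern the report describes, as an added illustration that is not Qt's code and not the reporter's demo or patch: a do...while loop dereferences its pointer once before the loop condition is ever checked, so a null parent is touched exactly once. The `Node` struct, the `subfocus` field and the two `clearSubfocus*` functions are constructed stand-ins for a widget tree, not Qt's `QWidget`/`d_ptr` internals; the hardened form tests the pointer before the first dereference, which is why a plain `while` (or `for`) loop exits cleanly where the do...while form crashes.

```cpp
#include <cstddef>
#include <iostream>

// Minimal stand-in for a widget tree (constructed for this example, not Qt).
struct Node {
    Node* parent = nullptr;
    Node* subfocus = nullptr;   // stand-in for a "focus child" style field
};

// Shape of the bug described in the report: do...while dereferences `parent`
// before the loop condition is evaluated. If `leaf->parent` is nullptr the
// first `parent->subfocus` read is undefined behavior (typically a crash).
// Returns the number of ancestors whose subfocus pointed at `leaf`.
int clearSubfocusUnsafe(Node* leaf) {
    int cleared = 0;
    Node* parent = leaf->parent;
    do {
        if (parent->subfocus == leaf) {   // UB when parent == nullptr
            parent->subfocus = nullptr;
            ++cleared;
        }
        parent = parent->parent;
    } while (parent);
    return cleared;
}

// Hardened form: the null check happens before any dereference, so a root
// node (no parent) or a null leaf simply yields zero iterations.
int clearSubfocusSafe(Node* leaf) {
    int cleared = 0;
    for (Node* parent = leaf ? leaf->parent : nullptr; parent; parent = parent->parent) {
        if (parent->subfocus == leaf) {
            parent->subfocus = nullptr;
            ++cleared;
        }
    }
    return cleared;
}

// Builds a three-level chain root -> mid -> leaf where both ancestors hold
// the leaf as their subfocus, then clears from the leaf with the safe form.
int demoSafeOnLeaf() {
    Node root, mid, leaf;
    mid.parent = &root;
    leaf.parent = &mid;
    root.subfocus = &leaf;
    mid.subfocus = &leaf;
    int cleared = clearSubfocusSafe(&leaf);
    // Both ancestors must have been reset.
    return (root.subfocus == nullptr && mid.subfocus == nullptr) ? cleared : -1;
}

// Same chain, unsafe form: works only because leaf->parent is non-null here.
int demoUnsafeOnLeaf() {
    Node root, mid, leaf;
    mid.parent = &root;
    leaf.parent = &mid;
    root.subfocus = &leaf;
    mid.subfocus = &leaf;
    return clearSubfocusUnsafe(&leaf);
}

// The case from the report: the node has no parent. The safe form returns 0;
// calling clearSubfocusUnsafe(&root) here would dereference nullptr.
int demoSafeOnRoot() {
    Node root;
    return clearSubfocusSafe(&root);
}

int main() {
    std::cout << "safe on leaf: " << demoSafeOnLeaf() << '\n';
    std::cout << "unsafe on leaf: " << demoUnsafeOnLeaf() << '\n';
    std::cout << "safe on root (parent == nullptr): " << demoSafeOnRoot() << '\n';
    std::cout << "safe on nullptr: " << clearSubfocusSafe(nullptr) << '\n';
    return 0;
}
```

A `Q_ASSERT(parent)` placed before the loop is a debug-build check: it stops the program at the same point rather than preventing the dereference, so it documents the precondition but does not make the root/no-parent case safe by itself; the check before the first dereference does.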