
Program crashes when using QString + QRegExp with certain input

    tjx13 wrote (#1):

    I have this code:

    @
    QByteArray QCurl::getEncoding() {
        long headerSize;
        if (CURLE_OK != curl_easy_getinfo(j_ch, CURLINFO_HEADER_SIZE, &headerSize)) return "latin1";

        char *contentTypeC = new char[headerSize];
        if (CURLE_OK != curl_easy_getinfo(j_ch, CURLINFO_CONTENT_TYPE, &contentTypeC)) return "latin1";
        QString contentType = QString::fromLatin1(contentTypeC);
        delete []contentTypeC;

        QRegExp r("charset=([a-z0-9\\-]+)", Qt::CaseInsensitive);
        r.indexIn(contentType);
        //if (r.indexIn(contentType) == -1) return "latin1";
        contentType = r.cap(1);

        if (QTextCodec::codecForName(contentType.toLocal8Bit())) return contentType.toLocal8Bit();
        return "latin1";
    }
    @

    If I call this function one time it works fine. But if I call it several times it crashes with the message "*** glibc detected *** /home/tjx/projects/build-autoPoster-Desktop-Debug/autoPoster: double free or corruption (fasttop): 0x0000000000731140 **". The debugger shows that the crash is in r.indexIn(contentType) and contentType contains "\001\000\000". I thought that QString and QRegExp are safe classes that will protect against such things. Because the input comes from an untrusted source, I am wondering whether there is any way to protect against this, maybe using another function to convert char -> QString; currently I use QString::fromLatin1, as you can see.

    1 Reply Last reply
    0
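An added example, not part of the original post: libcurl's `CURLINFO_CONTENT_TYPE` stores a pointer to memory owned by the handle (or NULL when no header was received), so the caller neither allocates a buffer for it nor frees it, and the regex result has to be checked before the capture is used. The sketch below shows that pattern in standard C++ only; `borrowed_content_type` is a hypothetical stand-in for the `curl_easy_getinfo` call, `std::regex` replaces `QRegExp`, and the allow-list replaces `QTextCodec::codecForName`.

```cpp
// Added example in standard C++ only. borrowed_content_type() is a hypothetical
// stand-in for curl_easy_getinfo(h, CURLINFO_CONTENT_TYPE, &p): it hands back a
// pointer into storage the library owns, or NULL when there is no header.
#include <algorithm>
#include <cctype>
#include <iostream>
#include <regex>
#include <set>
#include <string>

static const char *borrowed_content_type(const std::string &lib_owned, bool present) {
    return present ? lib_owned.c_str() : nullptr;
}

// Returns a lower-case charset name, or "latin1" whenever anything is off.
std::string charset_from_content_type(const char *ct) {
    // Assumed allow-list, standing in for QTextCodec::codecForName().
    static const std::set<std::string> known = {"utf-8", "iso-8859-1", "windows-1251"};
    if (ct == nullptr) return "latin1";         // header absent: pointer is NULL
    std::string value(ct);                      // copy it; never free or delete ct
    if (value.size() > 256) return "latin1";    // bound the untrusted header value
    std::transform(value.begin(), value.end(), value.begin(),
                   [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
    // Same pattern as in the post; case is handled by lower-casing above.
    static const std::regex re("charset=([a-z0-9-]+)");
    std::smatch m;
    if (!std::regex_search(value, m, re)) return "latin1";  // check before capture
    const std::string name = m[1].str();
    return known.count(name) ? name : "latin1";
}

int main() {
    // Constructed sample value, owned by the "library" side for the whole run.
    const std::string lib_owned = "text/html; charset=UTF-8";
    for (int i = 0; i < 3; ++i)  // repeated calls are safe: the caller frees nothing
        std::cout << charset_from_content_type(borrowed_content_type(lib_owned, true)) << "\n";
    std::cout << charset_from_content_type(borrowed_content_type(lib_owned, false)) << "\n";
    return 0;
}
```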
