edbee / edbee-lib

QWidget based Text Editor Component for Qt. Multi-caret, Textmate grammar and highlighting support.

USE_AFTER_FREE in TextRenderer::textLayoutForLineForPlaceholder(int) #100

Open vadi2 opened 4 years ago

vadi2 commented 4 years ago

Coverity is pointing out the following with the new placeholder code:

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)

** CID 1495409:  Memory - illegal accesses  (USE_AFTER_FREE)
/home/travis/build/Mudlet/Mudlet/3rdparty/edbee-lib/edbee-lib/edbee/views/textrenderer.cpp: 300 in edbee::TextRenderer::textLayoutForLineForPlaceholder(int)()

________________________________________________________________________________________________________
*** CID 1495409:  Memory - illegal accesses  (USE_AFTER_FREE)
/home/travis/build/Mudlet/Mudlet/3rdparty/edbee-lib/edbee-lib/edbee/views/textrenderer.cpp: 300 in edbee::TextRenderer::textLayoutForLineForPlaceholder(int)()
294     
295             // add to the cache
296             cachedTextLayoutList_.insert( line, textLayout );
297     //qlog_info() << "Cache Line: " << line;
298     
299         }
>>>     CID 1495409:  Memory - illegal accesses  (USE_AFTER_FREE)
>>>     Using freed pointer "textLayout".
300         return textLayout;
301     }
302     
303     QTextLayout *TextRenderer::textLayoutForLineNormal(int line)
304     {
305         Q_ASSERT( line >= 0 );

** CID 1495408:  Memory - illegal accesses  (USE_AFTER_FREE)
/home/travis/build/Mudlet/Mudlet/3rdparty/edbee-lib/edbee-lib/edbee/views/textrenderer.cpp: 366 in edbee::TextRenderer::textLayoutForLineNormal(int)()

________________________________________________________________________________________________________
*** CID 1495408:  Memory - illegal accesses  (USE_AFTER_FREE)
/home/travis/build/Mudlet/Mudlet/3rdparty/edbee-lib/edbee-lib/edbee/views/textrenderer.cpp: 366 in edbee::TextRenderer::textLayoutForLineNormal(int)()
360             // add to the cache
361             cachedTextLayoutList_.insert( line, textLayout );
362     
363     //qlog_info() << "Cache Line: " << line;
364     
365         }
>>>     CID 1495408:  Memory - illegal accesses  (USE_AFTER_FREE)
>>>     Using freed pointer "textLayout".
366         return textLayout;
367     }
368     
369     
370     /// This method starts rendering
371     void TextRenderer::renderBegin( const QRect& rect )

gamecreature commented 4 years ago

This issue also happens in the function 'textLayoutForLineNormal' ...

Did you have this issue also before the placeholders? Because the order of malloc/deallocs isn't changed by this.

vadi2 commented 4 years ago

Could have been there before - Coverity might have picked this up just because this code was changed. It does some weird caching.
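
Added example, not part of the thread and not edbee's code: a minimal C++ sketch of why a checker flags `insert( line, textLayout )` followed by `return textLayout`. It assumes `cachedTextLayoutList_` is an owning cache whose insert may delete the object before returning (the behaviour Qt documents for `QCache::insert`); the thread does not show the member's type, and `OwningCache`, `Layout`, `layoutFlagged` and `layoutChecked` are hypothetical names.

```cpp
#include <map>
#include <memory>
#include <utility>

struct Layout { int line; };  // stand-in for QTextLayout

// Hypothetical owning cache (assumed semantics, not edbee's or Qt's code):
// insert() takes ownership and may destroy the object before it returns.
class OwningCache {
    struct Entry { std::unique_ptr<Layout> obj; int cost; };
    std::map<int, Entry> entries_;
    int maxCost_, total_ = 0;
public:
    explicit OwningCache(int maxCost) : maxCost_(maxCost) {}
    bool insert(int key, Layout* raw, int cost) {
        std::unique_ptr<Layout> obj(raw);
        remove(key);
        if (cost > maxCost_) return false;      // obj is destroyed on return
        while (total_ + cost > maxCost_)        // evict, lowest key first
            remove(entries_.begin()->first);
        total_ += cost;
        entries_.emplace(key, Entry{std::move(obj), cost});
        return true;
    }
    void remove(int key) {
        auto it = entries_.find(key);
        if (it == entries_.end()) return;
        total_ -= it->second.cost;
        entries_.erase(it);
    }
    Layout* object(int key) const {
        auto it = entries_.find(key);
        return it == entries_.end() ? nullptr : it->second.obj.get();
    }
};

// Shape Coverity flagged: the local pointer is returned after insert().
Layout* layoutFlagged(OwningCache& cache, int line, int cost) {
    Layout* layout = new Layout{line};
    cache.insert(line, layout, cost);
    return layout;                              // dangling if insert() freed it
}

// Safer shape: after insert(), trust only what the cache hands back.
// nullptr means "not cached"; the pointer is valid until the next cache change.
Layout* layoutChecked(OwningCache& cache, int line, int cost) {
    if (Layout* hit = cache.object(line)) return hit;
    cache.insert(line, new Layout{line}, cost);
    return cache.object(line);
}
```

Callers of the checked form must handle a null result, for example by building a layout they own themselves for that one paint.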