Qt bug tracker: QTBUG-6416

Calling QVector<T>::reserve(size) with size < current size for a vector with shared data corrupts the heap


Details

    • Type: Bug
    • Resolution: Done
    • Priority: P2: Important
    • Fix Version/s: 4.6.1
    • Affects Version/s: 4.5.2, 4.5.3, 4.6.0
    • Component/s: None
    • Platform/s: All
    • Commit: 480b395bd652a4ac6e3f262bd99a045dff95c4ac

    Description

      #include <QVector>
      struct A { int value; };   // any default-constructible element type
      void reproduce()
      {
          QVector<A> a;
          a.resize(2);        // has 2 default-constructed values
          QVector<A> b(a);    // shared array, copy-on-write semantics
          b.reserve(1);       // heap corruption during realloc for new data copy
      }

      Yes, the caller should probably not do this, but it's a bug nonetheless since calling reserve() on an unshared vector is effectively a no-op.
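      The invariant the report points at, as an added example written for this page (it is not Qt's code and not the 4.6.1 fix): a minimal implicitly shared vector whose reserve() detaches a shared block into a buffer of at least max(requested, size) elements, so the copy of the live elements can never run past the new allocation. CowBlock, CowVector, naiveReserveOverflows and reproQtbug6416 are names chosen here and are not Qt API; the scenario in reproQtbug6416 mirrors the snippet in the description.

```cpp
// Added example, not Qt's code: a tiny copy-on-write vector that handles the
// QTBUG-6416 case (reserve() below size on a shared block) without overflowing.
#include <algorithm>
#include <cstddef>
#include <memory>
#include <stdexcept>

// Shared storage block (hypothetical stand-in for QVectorData). The refcount
// lives in the shared_ptr; `alloc` elements are allocated, `size` are live.
template <typename T>
struct CowBlock {
    std::size_t size = 0;
    std::size_t alloc = 0;
    std::unique_ptr<T[]> data;
};

// The unsafe condition described in the report: a reserve() that detaches a
// shared block into exactly `requested` elements and then copies `size`
// elements writes past the new buffer whenever requested < size.
inline bool naiveReserveOverflows(std::size_t size, bool shared, std::size_t requested) {
    return shared && requested < size;
}

template <typename T>
class CowVector {
public:
    CowVector() : d_(std::make_shared<CowBlock<T>>()) {}

    std::size_t size() const { return d_->size; }
    std::size_t capacity() const { return d_->alloc; }
    bool isShared() const { return d_.use_count() > 1; }
    const void* blockAddress() const { return d_.get(); }

    T& operator[](std::size_t i) { detach(d_->alloc); return d_->data[i]; }
    const T& at(std::size_t i) const {
        if (i >= d_->size) throw std::out_of_range("CowVector::at");
        return d_->data[i];
    }

    void resize(std::size_t n) {
        detach(std::max(n, d_->alloc));
        for (std::size_t i = d_->size; i < n; ++i) d_->data[i] = T();
        d_->size = n;
    }

    // Hardened reserve: a shared block is always detached, and the new
    // allocation is never smaller than the number of live elements.
    void reserve(std::size_t asize) {
        if (asize > d_->alloc || isShared())
            detach(std::max(asize, d_->size));
    }

private:
    // Copy the live elements into a fresh block of `alloc` elements.
    void detach(std::size_t alloc) {
        if (!isShared() && alloc == d_->alloc) return;
        if (alloc < d_->size) throw std::logic_error("detach: allocation smaller than size");
        auto nd = std::make_shared<CowBlock<T>>();
        nd->alloc = alloc;
        nd->size = d_->size;
        nd->data.reset(alloc ? new T[alloc]() : nullptr);
        for (std::size_t i = 0; i < d_->size; ++i)   // in bounds: alloc >= size
            nd->data[i] = d_->data[i];
        d_ = std::move(nd);
    }

    std::shared_ptr<CowBlock<T>> d_;
};

// Replays the reporter's scenario against the hardened reserve(): returns true
// if b keeps both elements in its own block and a is left untouched.
inline bool reproQtbug6416() {
    CowVector<int> a;
    a.resize(2);
    a[0] = 7; a[1] = 9;
    CowVector<int> b(a);                 // shared block, copy-on-write
    const void* before = b.blockAddress();
    if (!b.isShared()) return false;
    b.reserve(1);                        // request below size on a shared block
    return b.size() == 2 && b.capacity() >= 2
        && b.at(0) == 7 && b.at(1) == 9
        && b.blockAddress() != before
        && !a.isShared() && a.size() == 2 && a.at(0) == 7 && a.at(1) == 9;
}
```

      The guard that matters is the max(asize, size) in reserve() together with the check in detach(): whichever value the caller passes, the block that receives the copy is sized for the live elements, which is the property the description says was violated when the vector was shared.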


          People

            Assignee: Olivier Goffart (goffart, closed Nokia identity, inactive)
            Reporter: Patrick Baker (pabakertx)
            Votes: 0
            Watchers: 1
