From f466ee61da75705abd615a2a0d3cbaca12e3c902 Mon Sep 17 00:00:00 2001 From: Dirk Hohndel Date: Tue, 19 Jan 2016 10:27:38 -0800 Subject: Don't blindly copy a pointer to the heap Copying the entry pointer and assuming that it stays valid is of course totally bogus. This is most likely the reason for the random crashes people have observed. See #992 Signed-off-by: Dirk Hohndel --- qt-models/diveplotdatamodel.cpp | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'qt-models') diff --git a/qt-models/diveplotdatamodel.cpp b/qt-models/diveplotdatamodel.cpp index de156bfac..4b60b3ea3 100644 --- a/qt-models/diveplotdatamodel.cpp +++ b/qt-models/diveplotdatamodel.cpp @@ -19,7 +19,7 @@ int DivePlotDataModel::columnCount(const QModelIndex &parent) const QVariant DivePlotDataModel::data(const QModelIndex &index, int role) const { - if ((!index.isValid()) || (index.row() >= pInfo.nr)) + if ((!index.isValid()) || (index.row() >= pInfo.nr) || pInfo.entry == 0) return QVariant(); plot_data item = pInfo.entry[index.row()]; @@ -167,6 +167,8 @@ void DivePlotDataModel::clear() if (rowCount() != 0) { beginRemoveRows(QModelIndex(), 0, rowCount() - 1); pInfo.nr = 0; + free(pInfo.entry); + pInfo.entry = 0; diveId = -1; dcNr = -1; endRemoveRows(); @@ -179,7 +181,10 @@ void DivePlotDataModel::setDive(dive *d, const plot_info &info) Q_ASSERT(d != NULL); diveId = d->id; dcNr = dc_number; + free(pInfo.entry); pInfo = info; + pInfo.entry = (struct plot_data *)malloc(sizeof(struct plot_data) * pInfo.nr); + memcpy(pInfo.entry, info.entry, sizeof(plot_data) * pInfo.nr); beginInsertRows(QModelIndex(), 0, pInfo.nr - 1); endInsertRows(); } -- cgit v1.2.3-70-g09d2