kernelshark: Fix used after free of QByteArray raw data
In KsAdvFilteringDialog::_applyPress(), QByteArray raw data, obtained
from _filterEdit, is accessed after being freed.
Also prevent any unnecessary copy.
Signed-off-by: Benjamin ROBIN <dev@benjarobin.fr>
Signed-off-by: Yordan Karadzhov <y.karadz@gmail.com>
diff --git a/src/KsAdvFilteringDialog.cpp b/src/KsAdvFilteringDialog.cpp
index 4683c3d..3ebde22 100644
--- a/src/KsAdvFilteringDialog.cpp
+++ b/src/KsAdvFilteringDialog.cpp
@@ -443,8 +443,6 @@
QMapIterator<int, QString> f(_filters);
kshark_context *kshark_ctx(NULL);
kshark_data_stream *stream;
- const char *text;
- char *filter;
int i(0);
if (!kshark_instance(&kshark_ctx))
@@ -476,18 +474,12 @@
emit dataReload();
};
- text = _filterEdit.text().toLocal8Bit().data();
- if (strlen(text) == 0) {
+ QByteArray filter = _filterEdit.text().toLocal8Bit();
+ if (filter.isEmpty()) {
job_done();
return;
}
- filter = (char*) malloc(strlen(text) + 1);
- strcpy(filter, text);
-
- kshark_tep_add_filter_str(stream, filter);
-
- free(filter);
-
+ kshark_tep_add_filter_str(stream, filter.constData());
job_done();
}
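Review bot: The named local `filter` is what keeps the buffer alive for `kshark_tep_add_filter_str(stream, filter.constData())`, but nothing on the new lines says so, and a later cleanup could fold it back into a temporary and reintroduce the dangling pointer. I would declare it `const QByteArray filter = _filterEdit.text().toLocal8Bit();` and put a comment above it such as `// Must outlive the call below: constData() points into this buffer.` Separately, the call's result is still discarded and `job_done()` runs regardless; if the function reports a parse failure through its return value (its declaration is not visible here), a rejected filter string typed into `_filterEdit` would go unnoticed. `_applyPress()` starts outside this hunk, so how `stream` is assigned before this call cannot be checked from here.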