kernelshark: Fix used after free of QByteArray raw data

In KsAdvFilteringDialog::_applyPress(), QByteArray raw data, obtained from _filterEdit, is accessed after being freed. Also prevent any unnecessary copy. Signed-off-by: Benjamin ROBIN <dev@benjarobin.fr> Signed-off-by: Yordan Karadzhov <y.karadz@gmail.com>
author: Benjamin ROBIN <dev@benjarobin.fr> 2024-01-14 18:16:55 +0100
committer: Yordan Karadzhov <y.karadz@gmail.com> 2024-01-20 21:07:40 +0200
commit: 5714179d3185df979896b95deb85aca332de4d65 (patch)
tree: 627cc8237d032363d8fe485122d0b2c049d469da
parent: 9c3db37735545105e057f9d3c10f0e62d1092f88 (diff)
download: kernel-shark-5714179d3185df979896b95deb85aca332de4d65.tar.gz
1 files changed, 3 insertions, 11 deletions
diff --git a/src/KsAdvFilteringDialog.cpp b/src/KsAdvFilteringDialog.cpp
index 4683c3da..3ebde22b 100644
--- a/src/KsAdvFilteringDialog.cpp
+++ b/src/KsAdvFilteringDialog.cpp
@@ -443,8 +443,6 @@ void KsAdvFilteringDialog::_applyPress()
 	QMapIterator<int, QString> f(_filters);
 	kshark_context *kshark_ctx(NULL);
 	kshark_data_stream *stream;
-	const char *text;
-	char *filter;
 	int i(0);
 
 	if (!kshark_instance(&kshark_ctx))
@@ -476,18 +474,12 @@ void KsAdvFilteringDialog::_applyPress()
 		emit dataReload();
 	};
 
-	text = _filterEdit.text().toLocal8Bit().data();
-	if (strlen(text) == 0) {
+	QByteArray filter = _filterEdit.text().toLocal8Bit();
+	if (filter.isEmpty()) {
 		job_done();
 		return;
 	}
 
-	filter = (char*) malloc(strlen(text) + 1);
-	strcpy(filter, text);
-
-	kshark_tep_add_filter_str(stream, filter);
-
-	free(filter);
-
+	kshark_tep_add_filter_str(stream, filter.constData());
 	job_done();
 }
author	Benjamin ROBIN <dev@benjarobin.fr>	2024-01-14 18:16:55 +0100
committer	Yordan Karadzhov <y.karadz@gmail.com>	2024-01-20 21:07:40 +0200
commit	5714179d3185df979896b95deb85aca332de4d65 (patch)
tree	627cc8237d032363d8fe485122d0b2c049d469da
parent	9c3db37735545105e057f9d3c10f0e62d1092f88 (diff)
download	kernel-shark-5714179d3185df979896b95deb85aca332de4d65.tar.gz