Mercurial > octave

changeset 24765:cea7557d91ef

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Range-check variable editor m_table_colors before using (bug #53137) * variable-editor.cc (variable_editor::notice_settings): Check that the index is less than the default_colors QList length or the m_table_colors QList length before accessing those lists. (variable_editor::update_colors): Check that m_table_colors has sufficient length before indexing with value 0, 1, 2 or 3.
author Daniel J Sebald <daniel.sebald@ieee.org>
date Mon, 12 Feb 2018 16:54:57 -0600
parents 95142fc85564
children 08c92c9d48e3
files libgui/src/variable-editor.cc
diffstat 1 files changed, 20 insertions(+), 11 deletions(-) [+]
line wrap: on
line diff
--- a/libgui/src/variable-editor.cc	Thu Feb 15 00:41:45 2018 -0500
+++ b/libgui/src/variable-editor.cc	Mon Feb 12 16:54:57 2018 -0600
@@ -624,7 +624,7 @@
   m_alternate_rows = settings->value ("variable_editor/alternate_rows",
                                       false).toBool ();
 
-  QList<QColor> _default_colors = resource_manager::varedit_default_colors ();
+  QList<QColor> default_colors = resource_manager::varedit_default_colors ();
 
   QString class_chars = resource_manager::varedit_color_chars ();
 
@@ -656,13 +656,18 @@
 
   for (int i = 0; i < class_chars.length (); i++)
     {
-      QVariant default_var = _default_colors.at (i);
+      QVariant default_var;
+      if (i < default_colors.length ())
+        default_var = default_colors.at (i);
+      else
+        default_var = QColor ();
 
       QColor setting_color = settings->value ("variable_editor/color_"
                                               + class_chars.mid (i, 1),
                                               default_var).value<QColor> ();
 
-      m_table_colors.replace (i, setting_color);
+      if (i < m_table_colors.length ())
+        m_table_colors.replace (i, setting_color);
     }
 
   update_colors ();
@@ -1459,17 +1464,21 @@
 {
   m_stylesheet = "";
 
-  m_stylesheet += "QTableView::item{ foreground-color: "
-    + m_table_colors[0].name () +" }";
+  if (m_table_colors.length () > 0)
+    m_stylesheet += "QTableView::item{ foreground-color: "
+      + m_table_colors[0].name () +" }";
 
-  m_stylesheet += "QTableView::item{ background-color: "
-    + m_table_colors[1].name () +" }";
+  if (m_table_colors.length () > 1)
+    m_stylesheet += "QTableView::item{ background-color: "
+      + m_table_colors[1].name () +" }";
 
-  m_stylesheet += "QTableView::item{ selection-color: "
-    + m_table_colors[2].name () +" }";
+  if (m_table_colors.length () > 2)
+    m_stylesheet += "QTableView::item{ selection-color: "
+      + m_table_colors[2].name () +" }";
 
-  m_stylesheet += "QTableView::item:selected{ background-color: "
-    + m_table_colors[3].name () +" }";
+  if (m_table_colors.length () > 3)
+    m_stylesheet += "QTableView::item:selected{ background-color: "
+      + m_table_colors[3].name () +" }";
 
   if (m_table_colors.length () > 4 && m_alternate_rows)
     {