KDAB
fix: avoid OOB access if source code unreadable
We set m_startLine and m_numLines according to the debug info but if the source file is unreadable, or if it is readable but does not have enough lines, this will lead to an OOB access and a crash in SourceCodeModel::data() -> HighlightedText::lineAt(). Fix it by making it so that we only set m_startLine and m_highlightedText once we have successfully read the file and ensure that they are in bounds of the lines array.
Thanks, can you tell me how to reproduce this? IIUC just make the source file unreadable or something like that, yes?
According to the title - just change it to be four lines after compile (gdb will show the file and disassembly if requested, but give a note about "source file newer", if missing then it will show "source file not found" or similar, if I'm right). As both cases are a bit different I suggest to include both options in the automated tests, if possible.
Thanks, can you tell me how to reproduce this? IIUC just make the source file unreadable or something like that, yes?
Right, or just delete the source file. I ran into this bug when analyzing a binary that had some prebuilt (by the distribution) object files with debug info statically linked into it, and I noticed while debugging the issue that truncated files would have the same problem.
Showing a warning in this case would be a good idea for a followup change. We should probably just fix the crash to begin with.
sorry for the long delay, can you resolve the pre-commit issue (i.e. run clang-format)? then this can go in
there's another pre-commit issue that crept in elsewhere, let's get this in as-is and I'll fix this afterwards