fix: crash in disassembler on hover

When hovering the disassembler tries to create an tooltip. If the user hovers on the disassembly column or an earlier one, the model calculates a negative cost type which will cause an out of bounds access error in the cost array, even if the cost is not shown. This patch changes the order of operations and adds an check to make sure no out of bound access happens. fixes: #642
KDAB · May 24, 2024 · 5f929be · 5f929be
1 parent 39d72d5
commit 5f929be
Showing 1 changed file with 13 additions and 10 deletions.
diff --git a/src/models/disassemblymodel.cpp b/src/models/disassemblymodel.cpp
@@ -132,28 +132,31 @@ QVariant DisassemblyModel::data(const QModelIndex& index, int role) const
         auto it = entry.offsetMap.find(data.addr);
         if (it != entry.offsetMap.end()) {
             const auto event = index.column() - COLUMN_COUNT;
-
             const auto& locationCost = it.value();
+
+            if (role == Qt::ToolTipRole) {
+                auto tooltip = tr("addr: <tt>%1</tt><br/>assembly: <tt>%2</tt><br/>disassembly: <tt>%3</tt>")
+                                   .arg(QString::number(data.addr, 16), line);
+                return Util::formatTooltip(tooltip, locationCost, m_results.selfCosts);
+            }
+
+            if (event < 0)
+                return {};
+
             const auto& costLine = locationCost.selfCost[event];
             const auto totalCost = m_results.selfCosts.totalCost(event);
 
             if (role == CostRole) {
                 return costLine;
             } else if (role == TotalCostRole) {
                 return totalCost;
-            } else if (role == Qt::ToolTipRole) {
-                auto tooltip = tr("addr: <tt>%1</tt><br/>assembly: <tt>%2</tt><br/>disassembly: <tt>%3</tt>")
-                                   .arg(QString::number(data.addr, 16), line);
-                return Util::formatTooltip(tooltip, locationCost, m_results.selfCosts);
-            }
-
-            if (!costLine)
+            } else if (!costLine)
                 return {};
             return Util::formatCostRelative(costLine, totalCost, true);
         } else {
-            if (role == Qt::ToolTipRole)
+            if (role == Qt::ToolTipRole) {
                 return tr("<qt><tt>%1</tt><hr/>No samples at this location.</qt>").arg(line.toHtmlEscaped());
-            else
+            } else
                 return QString();
         }
     } else if (role == DisassemblyModel::HighlightRole) {