From eac0087d0fc5425fa81f4addf5c06876373b2e79 Mon Sep 17 00:00:00 2001
From: Lieven Hey <lieven.hey@kdab.com>
Date: Fri, 24 May 2024 09:43:37 +0200
Subject: [PATCH] fix: crash in disassembler on hover

When hovering the disassembler tries to create an tooltip. If the user
hovers on the disassembly column or an earlier one, the model calculates
a negative cost type which will cause an out of bounds access error in
the cost array, even if the cost is not shown.
This patch changes the order of operations and adds an check to make
sure no out of bound access happens.
---
 src/models/disassemblymodel.cpp | 23 +++++++++++++----------
 1 file changed, 13 insertions(+), 10 deletions(-)

diff --git a/src/models/disassemblymodel.cpp b/src/models/disassemblymodel.cpp
index 5daec8d4..a1f458d1 100644
--- a/src/models/disassemblymodel.cpp
+++ b/src/models/disassemblymodel.cpp
@@ -132,8 +132,17 @@ QVariant DisassemblyModel::data(const QModelIndex& index, int role) const
         auto it = entry.offsetMap.find(data.addr);
         if (it != entry.offsetMap.end()) {
             const auto event = index.column() - COLUMN_COUNT;
-
             const auto& locationCost = it.value();
+
+            if (role == Qt::ToolTipRole) {
+                auto tooltip = tr("addr: <tt>%1</tt><br/>assembly: <tt>%2</tt><br/>disassembly: <tt>%3</tt>")
+                                   .arg(QString::number(data.addr, 16), line);
+                return Util::formatTooltip(tooltip, locationCost, m_results.selfCosts);
+            }
+
+            if (event < 0)
+                return {};
+
             const auto& costLine = locationCost.selfCost[event];
             const auto totalCost = m_results.selfCosts.totalCost(event);
 
@@ -141,19 +150,13 @@ QVariant DisassemblyModel::data(const QModelIndex& index, int role) const
                 return costLine;
             } else if (role == TotalCostRole) {
                 return totalCost;
-            } else if (role == Qt::ToolTipRole) {
-                auto tooltip = tr("addr: <tt>%1</tt><br/>assembly: <tt>%2</tt><br/>disassembly: <tt>%3</tt>")
-                                   .arg(QString::number(data.addr, 16), line);
-                return Util::formatTooltip(tooltip, locationCost, m_results.selfCosts);
-            }
-
-            if (!costLine)
+            } else if (!costLine)
                 return {};
             return Util::formatCostRelative(costLine, totalCost, true);
         } else {
-            if (role == Qt::ToolTipRole)
+            if (role == Qt::ToolTipRole) {
                 return tr("<qt><tt>%1</tt><hr/>No samples at this location.</qt>").arg(line.toHtmlEscaped());
-            else
+            } else
                 return QString();
         }
     } else if (role == DisassemblyModel::HighlightRole) {