From a8010f2d0387cf13f54cf01d2bc0877fbd055351 Mon Sep 17 00:00:00 2001 From: Oswald Buddenhagen Date: Wed, 5 Feb 2014 21:26:37 +0100 Subject: [PATCH] fix raw data leak in $$sprintf() it could be only triggered by abusing the function (no expansion actually done), and nobody is using this to start with, but still ... Change-Id: I3d4a23ae4d1eea07955572d8213094e0dc218f6d Reviewed-by: Daniel Teske (cherry picked from qtcreator/cdc2a0f72334268684e0407e9b04b3188e00d4bf) Reviewed-by: Joerg Bornemann --- qmake/library/qmakebuiltins.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/qmake/library/qmakebuiltins.cpp b/qmake/library/qmakebuiltins.cpp index bb07ad44a3b..f57d9c89a7d 100644 --- a/qmake/library/qmakebuiltins.cpp +++ b/qmake/library/qmakebuiltins.cpp @@ -514,7 +514,7 @@ ProStringList QMakeEvaluator::evaluateBuiltinExpand( QString tmp = args.at(0).toQString(m_tmp1); for (int i = 1; i < args.count(); ++i) tmp = tmp.arg(args.at(i).toQString(m_tmp2)); - ret << ProString(tmp); + ret << (tmp.isSharedWith(m_tmp1) ? args.at(0) : ProString(tmp).setSource(args.at(0))); } break; case E_FORMAT_NUMBER: