From a8010f2d0387cf13f54cf01d2bc0877fbd055351 Mon Sep 17 00:00:00 2001
From: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
Date: Wed, 5 Feb 2014 21:26:37 +0100
Subject: [PATCH] fix raw data leak in $$sprintf()

it could be only triggered by abusing the function (no expansion
actually done), and nobody is using this to start with, but still ...

Change-Id: I3d4a23ae4d1eea07955572d8213094e0dc218f6d
Reviewed-by: Daniel Teske <daniel.teske@digia.com>
(cherry picked from qtcreator/cdc2a0f72334268684e0407e9b04b3188e00d4bf)
Reviewed-by: Joerg Bornemann <joerg.bornemann@theqtcompany.com>
---
 qmake/library/qmakebuiltins.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/qmake/library/qmakebuiltins.cpp b/qmake/library/qmakebuiltins.cpp
index bb07ad44a3b..f57d9c89a7d 100644
--- a/qmake/library/qmakebuiltins.cpp
+++ b/qmake/library/qmakebuiltins.cpp
@@ -514,7 +514,7 @@ ProStringList QMakeEvaluator::evaluateBuiltinExpand(
             QString tmp = args.at(0).toQString(m_tmp1);
             for (int i = 1; i < args.count(); ++i)
                 tmp = tmp.arg(args.at(i).toQString(m_tmp2));
-            ret << ProString(tmp);
+            ret << (tmp.isSharedWith(m_tmp1) ? args.at(0) : ProString(tmp).setSource(args.at(0)));
         }
         break;
     case E_FORMAT_NUMBER: