From b113b01a711752d3add6c9df12d84438607de5b9 Mon Sep 17 00:00:00 2001
From: Marc Mutz <marc.mutz@qt.io>
Date: Tue, 17 Oct 2023 22:43:08 +0200
Subject: [PATCH] QStringConverter: harden encodingForName() against nullptr

The nameMatch() function has an implicit precondition that neither
argument is nullptr: it immediately dereferences both arguments.

Prevent the crash by checking for name == nullptr early, before
passing to nameMatch().

Add tests for null and empty.

As a drive-by, make variables in the test const (needed for the
QByteArray to avoid detaching, peer pressure for the others).

Amends a639bcda1e42f48fa32885ede77f9fd320ce731c.

Pick-to: 6.6 6.5 6.2
Change-Id: I4a30f6c130310eb701ba7c7251168294489c34db
Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
---
 src/corelib/text/qstringconverter.cpp                  |  2 ++
 .../text/qstringconverter/tst_qstringconverter.cpp     | 10 +++++++---
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/corelib/text/qstringconverter.cpp b/src/corelib/text/qstringconverter.cpp
index 9ac290b0c1a..f27283a06de 100644
--- a/src/corelib/text/qstringconverter.cpp
+++ b/src/corelib/text/qstringconverter.cpp
@@ -2096,6 +2096,8 @@ const char *QStringConverter::name() const noexcept
 */
 std::optional<QStringConverter::Encoding> QStringConverter::encodingForName(const char *name) noexcept
 {
+    if (!name)
+        return std::nullopt;
     for (qsizetype i = 0; i < LastEncoding + 1; ++i) {
         if (nameMatch(encodingInterfaces[i].name, name))
             return QStringConverter::Encoding(i);
diff --git a/tests/auto/corelib/text/qstringconverter/tst_qstringconverter.cpp b/tests/auto/corelib/text/qstringconverter/tst_qstringconverter.cpp
index 3254395dff4..9208cefe186 100644
--- a/tests/auto/corelib/text/qstringconverter/tst_qstringconverter.cpp
+++ b/tests/auto/corelib/text/qstringconverter/tst_qstringconverter.cpp
@@ -2222,14 +2222,18 @@ void tst_QStringConverter::encodingForName_data()
     QTest::newRow("latin1") << QByteArray("latin1") << std::optional<QStringConverter::Encoding>(QStringConverter::Latin1);
     QTest::newRow("latin2") << QByteArray("latin2") << std::optional<QStringConverter::Encoding>();
     QTest::newRow("latin15") << QByteArray("latin15") << std::optional<QStringConverter::Encoding>();
+    QTest::newRow("<empty>") << QByteArray("") << std::optional<QStringConverter::Encoding>();
+    QTest::newRow("<nullptr>") << QByteArray(nullptr) << std::optional<QStringConverter::Encoding>();
 }
 
 void tst_QStringConverter::encodingForName()
 {
-    QFETCH(QByteArray, name);
-    QFETCH(std::optional<QStringConverter::Encoding>, encoding);
+    QFETCH(const QByteArray, name);
+    QFETCH(const std::optional<QStringConverter::Encoding>, encoding);
 
-    auto e = QStringConverter::encodingForName(name);
+    const auto *ptr = name.isNull() ? nullptr : name.data();
+
+    const auto e = QStringConverter::encodingForName(ptr);
     QCOMPARE(e, encoding);
 }