From f1bd8bcaba0879ef9f806b65b51e4a8d409b47f1 Mon Sep 17 00:00:00 2001
From: Fabian Kosmale <fabian.kosmale@qt.io>
Date: Fri, 19 Jan 2024 11:46:07 +0100
Subject: [PATCH] QMetaObjectBuilder: Avoid arithmetic on null pointer

In Prepare mode, "buf" is a null pointer. We never dereference it, but we
still compute an offset from it to obtain a pointer to a (then unused)
QMetaObjectPrivater.
clang's UBSan complains about this, so initialize the pointer to nullptr
instead when in Prepare mode.

Pick-to: 6.6 6.5
Change-Id: Id9d78058f72bb1b44440d07f565374f3eb3c20fd
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
(cherry picked from commit d3d224f546d933acef53f7592fea7d69072f7d55)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
---
 src/corelib/kernel/qmetaobjectbuilder.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/corelib/kernel/qmetaobjectbuilder.cpp b/src/corelib/kernel/qmetaobjectbuilder.cpp
index b471bf65466..c2b44a4f002 100644
--- a/src/corelib/kernel/qmetaobjectbuilder.cpp
+++ b/src/corelib/kernel/qmetaobjectbuilder.cpp
@@ -1162,8 +1162,8 @@ static int buildMetaObject(QMetaObjectBuilderPrivate *d, char *buf,
     }
 
     // Populate the QMetaObjectPrivate structure.
-    QMetaObjectPrivate *pmeta
-        = reinterpret_cast<QMetaObjectPrivate *>(buf + size);
+    QMetaObjectPrivate *pmeta = buf ? reinterpret_cast<QMetaObjectPrivate *>(buf + size)
+                                    : nullptr;
     //int pmetaSize = size;
     dataIndex = MetaObjectPrivateFieldCount;
     int methodParametersDataSize =