Qt: do not expose a UAT record if the update callback fails
The default chk callbacks for individual fields only catches basic errors such as invalid, too large numbers. Many dissectors perform additional validation in the update_cb which is invoked for a record as a whole. If this check fails, then the UAT must not be marked as valid or else invalid records (like NULL pointers) could be exposed. Thanks to Uli Heilmeier for noticing this. Bug: 15709 Change-Id: I1cc4c6925322011a561ad6df840fbac67796e5b2 Fixes: v2.3.0rc0-1002-g1cd22559a8 ("Qt: convert UatDialog to model/view pattern, improve UX") Reviewed-on: https://code.wireshark.org/review/33157 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot Reviewed-by: Uli Heilmeier <openid@heilmeier.eu> Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit is contained in:
parent
276d62b639
commit
7b43c480f6
|
@ -281,7 +281,9 @@ bool UatModel::setData(const QModelIndex &index, const QVariant &value, int role
|
|||
}
|
||||
|
||||
if (record_errors[row].isEmpty()) {
|
||||
// If all fields are valid, invoke the update callback
|
||||
// If all individual fields are valid, invoke the update callback. This
|
||||
// might detect additional issues in either individual fields, or the
|
||||
// combination of them.
|
||||
if (uat_->update_cb) {
|
||||
char *err = NULL;
|
||||
if (!uat_->update_cb(rec, &err)) {
|
||||
|
@ -290,10 +292,8 @@ bool UatModel::setData(const QModelIndex &index, const QVariant &value, int role
|
|||
g_free(err);
|
||||
}
|
||||
}
|
||||
uat_update_record(uat_, rec, TRUE);
|
||||
} else {
|
||||
uat_update_record(uat_, rec, FALSE);
|
||||
}
|
||||
uat_update_record(uat_, rec, record_errors[row].isEmpty());
|
||||
dirty_records[row] = true;
|
||||
uat_->changed = TRUE;
|
||||
|
||||
|
|
Loading…
Reference in New Issue