thumbnail: Fix heap-use-after-free in AudioCreator::create (!281) · Merge requests · Network / KIO Extras

Daniel Schulte requested to merge trilader/kio-extras:patch-1 into master Sep 11, 2023

There is a heap-use-after-free issue in AudioCreator::create resulting from storing the pointer to a temporary QByteArray's data() in a pointer and accessing it after the byte-array has been freed (when the the temporary object was created on is over).

This fixes it by moving the QByteArray onto the stack, thus making it not temporary anymore, keeping it around until its data isn't needed anymore.

This fixes https://bugs.kde.org/show_bug.cgi?id=469458

Edited Sep 11, 2023 by Daniel Schulte

thumbnail: Fix heap-use-after-free in AudioCreator::create

Merge request reports