Skip to content

sync: from linuxdeepin/qt5platform-plugins #102

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
18202781743 merged 1 commit into from
Oct 16, 2025
Merged

sync: from linuxdeepin/qt5platform-plugins #102

18202781743 merged 1 commit into from
Oct 16, 2025

Conversation

@deepin-ci-robot
Copy link
Contributor

@deepin-ci-robot deepin-ci-robot commented Oct 16, 2025

Synchronize source files from linuxdeepin/qt5platform-plugins.

Source-pull-request: linuxdeepin/qt5platform-plugins#305

@deepin-ci-robot
Copy link
Contributor Author

deepin-ci-robot commented Oct 16, 2025

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: deepin-ci-robot

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@deepin-ci-robot
sync: from linuxdeepin/qt5platform-plugins
4822bd4 
Synchronize source files from linuxdeepin/qt5platform-plugins.

Source-pull-request: linuxdeepin/qt5platform-plugins#305
@deepin-ci-robot
Copy link
Contributor Author

deepin-ci-robot commented Oct 16, 2025

deepin pr auto review

我对这段代码的改进意见如下:

  1. 代码逻辑和安全性改进:
  • 原代码只简单检查对象地址是否在映射表中,这可能存在安全隐患,因为对象地址可能被重用。改进后的代码增加了对vtable内容的验证,这是一个很好的安全增强。
  • 添加了详细的日志记录,有助于调试和追踪问题,特别是在地址重用的情况下。
  1. 潜在问题:
  • adjustToEntry 函数的实现没有在提供的代码片段中展示,需要确保这个函数正确工作,因为它直接关系到vtable匹配的准确性。
  • ghost_vtable 的获取使用了 value(obj) 而不是 value(_obj),这里需要确保 obj_obj 在哈希表中使用的是相同的键类型。
  1. 性能考虑:
  • 当前实现每次调用都需要进行一次哈希查找和一次指针比较,这是合理的权衡。
  • 如果性能非常关键,可以考虑添加一个缓存层,但要注意这可能会增加复杂性。
  1. 代码风格建议:
  • 建议将 quintptr **_obj 的命名改为更具描述性的名称,如 vtablePtr,以提高代码可读性。
  • 日志消息可以考虑添加更多上下文信息,如 ghost vtable 的地址,以便更好地追踪问题。
  1. 错误处理:
  • 考虑添加对 adjustToEntry 函数返回值的检查,防止可能的空指针解引用。
  • 可以考虑添加一个断言来确保 obj 不为 nullptr。

改进后的代码可以进一步增强如下:

bool VtableHook::hasVtable(const void *obj)
{
    if (!obj) {
        qCWarning(vtableHook) << "hasVtable: Null object pointer provided";
        return false;
    }

    quintptr **vtablePtr = reinterpret_cast<quintptr**>(obj);
    
    // 验证 vtable 是否匹配
    quintptr *ghost_vtable = objToGhostVfptr.value(vtablePtr);
    if (!ghost_vtable) {
        return false;
    }
    
    // 检查当前对象的 vtable 指针是否指向我们记录的 ghost vtable
    quintptr *adjustedGhostVtable = adjustToEntry(ghost_vtable);
    if (!adjustedGhostVtable) {
        qCWarning(vtableHook) << "hasVtable: Invalid adjusted ghost vtable";
        return false;
    }
    
    if (*vtablePtr != adjustedGhostVtable) {
        // vtable 不匹配,说明地址被重用了
        qCDebug(vtableHook) << "hasVtable: vtable mismatch! Address reused by different object."
                               << "obj:" << QString("0x%1").arg(reinterpret_cast<quintptr>(obj), 0, 16)
                               << "ghost_vtable:" << QString("0x%1").arg(reinterpret_cast<quintptr>(ghost_vtable), 0, 16)
                               << "current_vtable:" << QString("0x%1").arg(reinterpret_cast<quintptr>(*vtablePtr), 0, 16);
        return false;
    }
    
    return true;
}

这些改进提高了代码的健壮性和可维护性,同时保持了原有的功能。

@18202781743 18202781743 merged commit 8423e36 into master Oct 16, 2025
31 of 33 checks passed
@18202781743 18202781743 deleted the sync-pr-305-nosync branch October 16, 2025 03:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@deepin-ci-robot @18202781743