diff --git a/CHANGES b/CHANGES index d36fb9c27..4171d4824 100644 --- a/CHANGES +++ b/CHANGES @@ -25,6 +25,7 @@ Bugfixes: - GBA: Initialize uninitialized pristineRom and pristineRomSize members - GBA Memory: Fix unaligned out-of-bounds ROM loads - GBA: Fix warnings when creating and loading savestates + - Qt: Add additional checks in CheatModel to prevent crashes Misc: - Qt: Window size command line options are now supported - Qt: Increase usability of key mapper diff --git a/src/platform/qt/CheatsModel.cpp b/src/platform/qt/CheatsModel.cpp index bd3fd9cbd..0f7178b6f 100644 --- a/src/platform/qt/CheatsModel.cpp +++ b/src/platform/qt/CheatsModel.cpp @@ -42,6 +42,10 @@ QVariant CheatsModel::data(const QModelIndex& index, int role) const { } } + if (index.row() >= GBACheatSetsSize(&m_device->cheats)) { + return QVariant(); + } + int row = index.row(); const GBACheatSet* cheats = *GBACheatSetsGetPointer(&m_device->cheats, index.row()); switch (role) { @@ -56,7 +60,7 @@ QVariant CheatsModel::data(const QModelIndex& index, int role) const { } bool CheatsModel::setData(const QModelIndex& index, const QVariant& value, int role) { - if (!index.isValid() || index.parent().isValid()) { + if (!index.isValid() || index.parent().isValid() || index.row() > GBACheatSetsSize(&m_device->cheats)) { return false; } @@ -139,11 +143,14 @@ GBACheatSet* CheatsModel::itemAt(const QModelIndex& index) { if (index.parent().isValid()) { return static_cast(index.internalPointer()); } + if (index.row() >= GBACheatSetsSize(&m_device->cheats)) { + return nullptr; + } return *GBACheatSetsGetPointer(&m_device->cheats, index.row()); } void CheatsModel::removeAt(const QModelIndex& index) { - if (!index.isValid() || index.parent().isValid()) { + if (!index.isValid() || index.parent().isValid() || index.row() >= GBACheatSetsSize(&m_device->cheats)) { return; } int row = index.row();
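Review bot: In the `CheatsModel::data` hunk the new guard and the `GBACheatSetsGetPointer` call each evaluate `index.row()` again, although the context line `int row = index.row();` sits between them. Hoisting that declaration above the guard and writing `if (row >= GBACheatSetsSize(&m_device->cheats))` and `GBACheatSetsGetPointer(&m_device->cheats, row)` makes it obvious that the value checked is the value used. The comparison also mixes an `int` with what is presumably an unsigned size (the declaration of `GBACheatSetsSize` is not visible here), so an explicit cast would document the intent and avoid a sign-compare warning. The branch for child indices ends above this hunk, so it cannot be told from here whether the row into a set's line list gets an equivalent check.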
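Review bot: The guard added to `setData` uses `index.row() > GBACheatSetsSize(&m_device->cheats)`, while the three other checks in this commit use `>=`. A row equal to the current size therefore passes the guard, and that row is one past the last valid element. The rest of `setData` lies outside the hunk, so the exact use of the row is not visible, but if it indexes the cheat set list like `data()` does, this is an off-by-one out-of-bounds access. The condition should read `if (!index.isValid() || index.parent().isValid() || index.row() >= GBACheatSetsSize(&m_device->cheats)) {`.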
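Review bot: `itemAt()` can now return `nullptr` for a top-level row past the end of the list, which is a new outcome every caller has to handle. No call site is part of this diff, so whether they check the result cannot be confirmed from here. A comment above the function would record the contract, for example `// Returns nullptr when index.row() is past the end of m_device->cheats; callers must check.` The same range expression now appears in `data`, `setData`, `itemAt` and `removeAt`; a small private helper would keep the four copies from drifting apart. `itemAt` begins above this hunk and `removeAt` continues below it.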