From 44c9be706097ee578331e264d70ba210ca9fdad5 Mon Sep 17 00:00:00 2001
From: Vicki Pfau <vi@endrift.com>
Date: Sun, 15 Sep 2019 13:27:43 -0700
Subject: [PATCH] Qt: Fix getPixels UAF

---
 src/platform/qt/CoreController.cpp | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/platform/qt/CoreController.cpp b/src/platform/qt/CoreController.cpp
index 1a025ff8f..ed6020ff8 100644
--- a/src/platform/qt/CoreController.cpp
+++ b/src/platform/qt/CoreController.cpp
@@ -221,12 +221,13 @@ QImage CoreController::getPixels() {
 		const void* pixels;
 		m_threadContext.core->getPixels(m_threadContext.core, &pixels, &stride);
 		stride *= BYTES_PER_PIXEL;
-		buffer.resize(stride * size.height());
-		memcpy(buffer.data(), pixels, buffer.size());
+		buffer = QByteArray::fromRawData(static_cast<const char*>(pixels), stride * size.height());
 	}
 
-	return QImage(reinterpret_cast<const uchar*>(buffer.constData()),
-	              size.width(), size.height(), stride, QImage::Format_RGBX8888);
+	QImage image(reinterpret_cast<const uchar*>(buffer.constData()),
+	             size.width(), size.height(), stride, QImage::Format_RGBX8888);
+	image.bits(); // Cause QImage to detach
+	return image;
 }
 
 bool CoreController::isPaused() {