TreeIter: Donʼt return dangling ref on *rvalueIter (!90) · Merge requests · GNOME / gtkmm

Daniel Boles requested to merge dboles/TreeIter-reference-to-rvalue into master Nov 10, 2023

operator*() was always returning a reference, i.e. T&, but it does so by casting *this to the T type and then returning a reference to that. This results in a dangling reference if the TreeIter instance was an rvalue – for instance in auto& row = *model->append(), the function call returns an rvalue TreeIter, which we merrily let be cast to an lvalue TreeRow&…! This results in crashes when running such code.

The fix is to prevent that code from compiling, by making the current operator*() only valid for const& i.e. lvalue instances – and add an overload for rvalue instances that returns a T as-is, without reference.

!88 (comment 1908596)

Edited Nov 10, 2023 by Daniel Boles

TreeIter: Donʼt return dangling ref on *rvalueIter

Merge request reports