Closed Bug 281093 Opened 20 years ago Closed 20 years ago

OOM check is missing [@nsConsoleService::nsConsoleService]

Categories

(Core :: XPCOM, defect)

Product:
Core
Component:
XPCOM
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: dewildt, Assigned: dewildt)

References

(
URL
)

Details

(Keywords: crash)

Crash Data

Attachments

(1 file, 1 obsolete file)

Patch #2 (fixes per comment 3)
4.82 KB, patch
bzbarsky
: review+
bzbarsky
: superreview+
Details | Diff | Splinter Review
In the nsConsoleService.cpp constructor is memory allocate but the result is not checked, which results in a crash when initializing the memory.
Sounds like this should use an Init() method... Daniel, do you have time to work on this by any chance?
I suppose that the destructor is called if Init fails, so I don't free the allocated memory of mMessages if PR_NewLock() fails. Who is the correct person for a r/sr. bz or dougt?
Assignee: dougt → dewildt
Status: NEW → ASSIGNED
Attachment #175842 - Flags: review?(bzbarsky)
Comment on attachment 175842 [details] [diff] [review] Move memory allocation and initialization to new function Init I can probably do this review... >Index: mozilla/xpcom/base/nsConsoleService.h >+ NS_IMETHODIMP Init(); That should just be |nsresult|, not |NS_IMETHODIMP|. >Index: mozilla/xpcom/base/nsConsoleService.cpp > nsConsoleService::nsConsoleService() > : mCurrent(0), mFull(PR_FALSE), mListening(PR_FALSE), mLock(nsnull) This needs to init mMessages to nsnull, no? >+NS_IMETHODIMP >+nsConsoleService::Init() Again, nsresult. >+ // XXX deal with these two allocations by detecting null mLock in factory? This comment no longer applies, does it? >+ // Array elements should be 0 initially for circular buffer algorithm. >+ for (PRUint32 i = 0; i < mBufferSize; i++) { >+ mMessages[i] = nsnull; >+ } Any reason not to use memset here? >+ mLock = PR_NewLock(); >+ if (!mLock) >+ return NS_ERROR_FAILURE; Why not NS_ERROR_OUT_OF_MEMORY?
Attachment #175842 - Flags: review?(bzbarsky) → review-
> This needs to init mMessages to nsnull, no? yes > This comment no longer applies, does it? > Any reason not to use memset here? Sorry, too much cut&paste > Why not NS_ERROR_OUT_OF_MEMORY? I thought PR_NewLock could also return null in other cases as OOM, but I'm wrong.
Attachment #175842 - Attachment is obsolete: true
Attachment #175960 - Flags: review?(bzbarsky)
Comment on attachment 175960 [details] [diff] [review] Patch #2 (fixes per comment 3) r+sr=bzbarsky. I'll try to get this checked in tomorrow...
Attachment #175960 - Flags: superreview+
Attachment #175960 - Flags: review?(bzbarsky)
Attachment #175960 - Flags: review+
Patch checked in. Thanks for fixing this, Daniel!
Marking fixed
Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
Crash Signature: [@nsConsoleService::nsConsoleService]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: