Closed
Bug 1289397
Opened 8 years ago
Closed 8 years ago
[Static Analysis][Unintentional integer overflow] In function CacheFileChunk::UpdateDataSize
Categories
(Core :: Networking, defect)
Core
Networking
Tracking
()
RESOLVED
FIXED
mozilla50
Tracking | Status | |
---|---|---|
firefox50 | --- | fixed |
People
(Reporter: andi, Assigned: andi)
References
(Blocks 1 open bug)
Details
(Keywords: coverity, Whiteboard: CID 1364092)
Attachments
(1 file)
The Static Analysis tool Coverity detected that an overflow could happen in the following assignment expression: int64_t fileSize = kChunkSize * mIndex + aOffset + aLen; The result rvalue will be of type uint, that will be assigned to an lvalue of type int64_t.
Assignee | ||
Comment 1•8 years ago
|
||
Review commit: https://reviewboard.mozilla.org/r/67158/diff/#index_header See other reviews: https://reviewboard.mozilla.org/r/67158/
Attachment #8774712 -
Flags: review?(valentin.gosu)
Comment 2•8 years ago
|
||
Comment on attachment 8774712 [details] Bug 1289397 - prevent overflow in CacheFileChunk::UpdateDataSize. https://reviewboard.mozilla.org/r/67158/#review63976
Attachment #8774712 -
Flags: review?(valentin.gosu) → review+
Pushed by bpostelnicu@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/54c8557ec453 prevent overflow in CacheFileChunk::UpdateDataSize. r=valentin
Comment 4•8 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/54c8557ec453
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla50
You need to log in
before you can comment on or make changes to this bug.
Description
•