Closed Bug 1081416 Opened 6 years ago Closed 6 years ago

codegen.py foundVars should be initialized

Categories

(Core :: DOM: Core & HTML, defect)


RESOLVED DUPLICATE of bug 1058252

People

(Reporter: erahm, Unassigned)

References

(Blocks 1 open bug)

Details

(Keywords: coverity, Whiteboard: [MemShrink])

We have at least 40 new bugs in coverity from generated dom bindings code that doesn't initialize |found|.

This is particularly troublesome in |delete_| functions where we do things like:

> CID 1244614 (#1 of 1): Uninitialized scalar variable (UNINIT)
> 6. uninit_use: Using uninitialized value found.
> 762    *bp = !found;
> 763    if (found) {
> 764      return true;
> 765    }
> 766  }
> 767
> 768  return dom::DOMProxyHandler::delete_(cx, proxy, id, bp);

So bp is going to be possibly invalid, we might or might not return early, which means we might or might not leak (if I'm understanding |delete_| correctly).

delete_ is implementing the trap for the JS "delete" keyword, so no leaks involved.

You're right that "found" ends up uninitialized in the isSymbol case.  This is a duplicate of bug 1058252.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1058252
Component: DOM → DOM: Core & HTML
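
The flagged pattern and its initialized form, reduced to a self-contained C++ sketch. This is an added example, not the generated binding code or the change made in bug 1058252; `Id`, `NamedStore`, `BaseDelete` and `DeleteTrap` are hypothetical stand-ins, and the control flow (the lookup being skipped for symbol ids) is an assumption based on the "isSymbol case" remark above.

```cpp
#include <cstdio>
#include <set>
#include <string>

// Hypothetical stand-in for a property id: a string name or a symbol.
struct Id {
  bool isSymbol;
  std::string name;
};

// Hypothetical stand-in for an object exposing named properties.
struct NamedStore {
  std::set<std::string> names;
  // Always writes *found, but only when it is actually called.
  void NamedLookup(const std::string& name, bool* found) const {
    *found = names.count(name) > 0;
  }
};

// Stand-in for the fallback call (dom::DOMProxyHandler::delete_ on the page).
// It only records that it ran.
static bool BaseDelete(bool* bp, int* baseCalls) {
  ++*baseCalls;
  *bp = true;
  return true;
}

bool DeleteTrap(const NamedStore& store, const Id& id, bool* bp, int* baseCalls) {
  // The flagged form is `bool found;` with no initializer: on the symbol
  // path nothing writes it, so both reads below use an indeterminate value.
  bool found = false;  // initialized form: every path reads a defined value
  if (!id.isSymbol) {
    store.NamedLookup(id.name, &found);
  }
  *bp = !found;
  if (found) {
    return true;
  }
  return BaseDelete(bp, baseCalls);
}

int main() {
  NamedStore store;
  store.names.insert("item");
  bool bp = false;
  int baseCalls = 0;
  DeleteTrap(store, Id{true, ""}, &bp, &baseCalls);
  std::printf("symbol id: bp=%d baseCalls=%d\n", bp, baseCalls);
  return 0;
}
```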