Open Bug 1105070 Opened 10 years ago Updated 2 years ago

QuotaManager::GetInfoFromPrincipal can dereference a nullptr

Categories

(Core :: DOM: Core & HTML, defect, P5)

defect

Tracking

()

People

(Reporter: bkelly, Unassigned)

Details

At the end of QuotaManager::GetInforFromPrincipal there is this code:

  if (aGroup && aPersistenceType == PERSISTENCE_TYPE_PERSISTENT) {
    *aGroup = *aOrigin;
  }

However, the API suggests that you can optionally pass in the aOrigin pointer only if you want an origin.  If nullptr is passed for origin then this will deref null with *aOrigin.

http://dxr.mozilla.org/mozilla-central/source/dom/quota/QuotaManager.cpp?from=QuotaManager.cpp#2551
https://bugzilla.mozilla.org/show_bug.cgi?id=1472046

Move all DOM bugs that haven’t been updated in more than 3 years and has no one currently assigned to P5.

If you have questions, please contact :mdaly.
Priority: -- → P5
Component: DOM → DOM: Core & HTML
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.