Open
Bug 1115175
Opened 10 years ago
Updated 3 years ago
Disallow functions that accept raw pointers to refcounted objects from assigning those pointers to non-local lvalues
Categories
(Developer Infrastructure :: Source Code Analysis, defect)
Tracking
(Not tracked)
NEW
People
(Reporter: ehsan.akhgari, Unassigned)
Details
The idea is to disallow things such as:
nsIFoo* gFoo;
void MyClass::foo(nsIFoo* aFoo, RandomClass& obj) {
gFoo = aFoo; // assign to global, generate compiler error
obj.mFoo = aFoo; // assign to object with unknown life time, generate compiler error
mFoo = aFoo; // assign to member, generate compiler error
}
The first is pretty easy. The second is also relatively easy. The third would be tough since there are a ton of places where we do that...
|
||
Comment 1•10 years ago
|
||
What's the problem here? If the variable you're assigning to is an nsRefPtr, it's safe. If it's a raw pointer, assigning anything to it is unsafe, not just a raw pointer parameter. Shouldn't we just entirely prohibit global or member variables that are raw pointers to a refcounted type?
|
|
||
Updated•10 years ago
|
Flags: needinfo?(ehsan)
|
Reporter | |
Comment 2•10 years ago
|
||
(In reply to :Aryeh Gregor from comment #1)
> What's the problem here? If the variable you're assigning to is an
> nsRefPtr, it's safe. If it's a raw pointer, assigning anything to it is
> unsafe, not just a raw pointer parameter. Shouldn't we just entirely
> prohibit global or member variables that are raw pointers to a refcounted
> type?
Yes. Bug 1114683 is for doing this for member variables. This bug is for doing it for globals.
Flags: needinfo?(ehsan)
|
||
Updated•7 years ago
|
Product: Core → Firefox Build System
|
|
||
Updated•3 years ago
|
Product: Firefox Build System → Developer Infrastructure
|
|
||
Updated•3 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•