Closed Bug 1167531 Opened 8 years ago Closed 8 years ago

Uninitialised value uses relating to GonkDisplayJB::GonkDisplayJB

Categories

(Core Graveyard :: Widget: Gonk, defect)

Product:
Core Graveyard
Component:
Widget: Gonk
Platform:
ARM
Gonk (Firefox OS)
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(firefox41 fixed)

Status:
RESOLVED FIXED
Milestone:
mozilla41
Tracking Flags:
Tracking Status
firefox41 --- fixed

People

(Reporter: jseward, Assigned: jseward)

Details

Attachments

(2 files)

Valgrind complaints
5.03 KB, text/plain
Details
bug1167531-1.diff
925 bytes, patch
mwu
: review+
Details | Diff | Splinter Review 
GonkDisplayJB::GonkDisplayJB allocates a secondary structure

GonkDisplayJB.cpp:132
    mList = (hwc_display_contents_1_t *)malloc(sizeof(*mList) + (sizeof(hwc_layer_1_t)*2));

Some but not all of mList's many fields are filled in in GonkDisplayJB::Post.
It appears that some of these fields (5, I suspect) are used uninitialised
shortly thereafter.
Attached file Valgrind complaints 

    
    

    
  


  
* Allocates mList using calloc so as to ensure that all fields are defined

* [optional cleanup] sets GonkDisplayJB::{mWidth,mHeight} right at the
  start of GonkDisplayJB::GonkDisplayJB so as to make it obvious to all
  that these fields have an initial value regardless of the control flow
  in the constructor body.

    
  

        Attachment #8609262 -
        Flags: review?(mwu)

    
  

        Attachment #8609262 -
        Flags: review?(mwu) → review+

    
    

    
  
https://hg.mozilla.org/mozilla-central/rev/ec2a1ba41a7a
Status: NEW → RESOLVED
Closed: 8 years ago

          status-firefox41:
          affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla41

    
  
Product: Core → Core Graveyard

          You need to log in
          before you can comment on or make changes to this bug.