Closed
Bug 1188180
Opened 9 years ago
Closed 9 years ago
Possible use of uninitialized |res| in |nsHTMLEditRules::GetNodesForOperation|
Categories
(Core :: DOM: Editor, enhancement)
Core
DOM: Editor
Tracking
()
RESOLVED
FIXED
mozilla42
Tracking | Status | |
---|---|---|
firefox42 | --- | fixed |
People
(Reporter: erahm, Assigned: ayg)
References
(Blocks 1 open bug)
Details
(Keywords: coverity, Whiteboard: [CID 1296141])
Attachments
(1 file)
1.77 KB,
patch
|
ehsan.akhgari
:
review+
|
Details | Diff | Splinter Review |
+++ This bug was initially created as a clone of Bug #1149163 +++
Coverity indicates it's possible that |res| [1] is used uninitialized [2]. It would appear this could happen if |rangeCount| is 0 and |aTouchContent == TouchContent::yes|.
[1] https://hg.mozilla.org/mozilla-central/annotate/2ddec2dedced/editor/libeditor/nsHTMLEditRules.cpp#l5765
[2] https://hg.mozilla.org/mozilla-central/annotate/2ddec2dedced/editor/libeditor/nsHTMLEditRules.cpp#l5793
Assignee | ||
Comment 1•9 years ago
|
||
Yep, quite correct. Thanks! In this case we do need to initialize it. rangeCount being 0 is not reasonable here, but I don't know if it's impossible.
I don't think this patch needs a try run.
Assignee | ||
Updated•9 years ago
|
Attachment #8639806 -
Flags: review?(nfroyd) → review?(ehsan)
Updated•9 years ago
|
Attachment #8639806 -
Flags: review?(ehsan) → review+
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
status-firefox42:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla42
Updated•7 years ago
|
Blocks: coverity-analysis
You need to log in
before you can comment on or make changes to this bug.
Description
•