Closed Bug 1231107 Opened 10 years ago Closed 10 years ago

[Static Analysis][Explicit null dereferenced] Function BuildSegmentsFromValueEntries from KeyframeEffect.cpp

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla45

Tracking Flags:

Tracking

Status

firefox45

---

fixed

People

(Reporter: andi, Assigned: andi)

References

(Blocks 1 open bug)

Details

(Keywords: coverity, Whiteboard: CID 1328736)

Attachments

(1 file)

Bug 1231107.diff 10 years ago Andi [:andi] 1.10 KB, patch	heycam : review+	Details \| Diff \| Splinter Review

Andi [:andi]

Assignee

Description

•

10 years ago

The Static Analysis tool Coverity added that variable animationProperty can be null thus causing a null pointer dereference on line: >> // Now generate the segment. >> AnimationPropertySegment* segment = >> animationProperty->mSegments.AppendElement(); This could happen when condition is false: >> // If we've moved on to a new property, create a new AnimationProperty >> // to insert segments into. >> if (aEntries[i].mProperty != lastProperty) { >> MOZ_ASSERT(aEntries[i].mOffset == 0.0f); >> animationProperty = aResult.AppendElement(); >> animationProperty->mProperty = aEntries[i].mProperty; >> animationProperty->mWinsInCascade = true; >> lastProperty = aEntries[i].mProperty; >> }

Andi [:andi]

Assignee

Updated

•

10 years ago

Whiteboard: CID 1328736

Andi [:andi]

Assignee

Comment 1

•

10 years ago

Attached patch Bug 1231107.diff — Details — Splinter Review

Hello Johnny, Can you please take a look other this patch? THX

Attachment #8696666 - Flags: review?(jst)

Olli Pettay [:smaug][bugs@pettay.fi]

Comment 2

•

10 years ago

Comment on attachment 8696666 [details] [diff] [review] Bug 1231107.diff The relevant code is from Bug 1208951

Attachment #8696666 - Flags: review?(jst) → review?(cam)

Olli Pettay [:smaug][bugs@pettay.fi]

Updated

•

10 years ago

Component: DOM → DOM: Animation

Cameron McCormack (:heycam)

Updated

•

10 years ago

Attachment #8696666 - Flags: review?(cam) → review+

Andi [:andi]

Assignee

Comment 3

•

10 years ago

Thank you for the review.

Andi [:andi]

Assignee

Updated

•

10 years ago

Keywords: checkin-needed

Pulsebot

Comment 4

•

10 years ago

https://hg.mozilla.org/integration/mozilla-inbound/rev/6a1393f29854

Keywords: checkin-needed

Phil Ringnalda (:philor)

Comment 5

•

10 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/6a1393f29854

Status: NEW → RESOLVED

Closed: 10 years ago

status-firefox45: affected → fixed

Resolution: --- → FIXED

Target Milestone: --- → mozilla45

You need to log in before you can comment on or make changes to this bug.

Bugzilla

[Static Analysis][Explicit null dereferenced] Function BuildSegmentsFromValueEntries from KeyframeEffect.cpp

Categories

(Core :: DOM: Animation, defect)

Tracking

()

People

(Reporter: andi, Assigned: andi)

References

(Blocks 1 open bug)

Details

(Keywords: coverity, Whiteboard: CID 1328736)

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Updated

Comment 1

Comment 2

Updated

Updated

Comment 3

Updated

Comment 4

Comment 5

Attachment

General

Description

File Name

Content Type