Closed Bug 1231329 Opened 4 years ago Closed 4 years ago

[Static Analysis][Dereference before null check] Function nsBaseDragService::DrawDrag from nsBaseDragService.cpp

Categories

(Core :: Widget, defect)


RESOLVED FIXED
mozilla46
Tracking Status
firefox45 --- affected
firefox46 --- fixed

People

(Reporter: andi, Assigned: andi)

References

(Blocks 1 open bug)

Details

(Keywords: coverity, Whiteboard: CID 1327946)

Attachments

(1 file, 2 obsolete files)

The Static Analysis tool Coverity added that aPresContext is dereferenced in:

>>   ConvertToUnscaledDevPixels(*aPresContext, &sx, &sy)

and it could be null, thus producing a null pointer dereference. This could be the case if presShell->GetPresContext() is null, since this assignment takes place:

>>   *aPresContext = presShell->GetPresContext();
Attached patch Bug 1231329.diff (obsolete) — Splinter Review
Attachment #8696955 - Flags: review?(roc)
Comment on attachment 8696955 [details] [diff] [review]
Bug 1231329.diff

Review of attachment 8696955 [details] [diff] [review]:
-----------------------------------------------------------------

::: widget/nsBaseDragService.cpp
@@ +541,5 @@
> +  if (*aPresContext)
> +  {
> +    // convert mouse position to dev pixels of the prescontext
> +    int32_t sx = aScreenX, sy = aScreenY;
> +    ConvertToUnscaledDevPixels(*aPresContext, &sx, &sy);
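
Review bot: `sx` and `sy` are declared inside the new `if (*aPresContext)` block, so any later code that needs the converted coordinates has to sit inside the block as well, and the null case has no visible handling here. If a null context is really possible, an early return placed right after `*aPresContext` is assigned would be simpler than wrapping the body; if it is not possible, the guard is dead code. The opening brace should also go on the `if` line rather than on a line of its own, per Mozilla C++ style.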

Instead, let's just remove the null check later on. This can't be null.
Attachment #8696955 - Flags: review?(roc)
Attached patch Bug 1231329.diff (obsolete) — Splinter Review
Indeed, those two null checks are useless since:

>>  *aPresContext = presShell->GetPresContext();

and GetPresContext() returns the address of the nsPresContext type from RefPtr<nsPresContext>
Attachment #8697530 - Flags: review?(roc)
Attached patch Bug 1231329.diff - Splinter Review
Attachment #8696955 - Attachment is obsolete: true
Attachment #8697530 - Attachment is obsolete: true
Attachment #8697530 - Flags: review?(roc)
Attachment #8697531 - Flags: review?(roc)
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/fa9e79513890
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla46
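
The three shapes this thread moves through, as an added example that is not Gecko code and not part of the bug. `Context`, `Shell`, `ToDevPixels` and the `Draw*` functions are hypothetical stand-ins, and the `assert` in the last function is this example's own way of stating the invariant the reviewer relies on.

```cpp
#include <cassert>
#include <cstdint>

// Hypothetical stand-ins for the pres context and pres shell; not Gecko types.
struct Context { int32_t scale; };
struct Shell {
  Context* ctx;
  Context* GetContext() const { return ctx; }
};

static int32_t ToDevPixels(Context* c, int32_t v) { return v * c->scale; }

// Shape the checker flags: *out is dereferenced first and tested afterwards.
// If *out can be null, the dereference is the defect; if it cannot, the test
// is dead code. Calling this with a null context is undefined behaviour.
int32_t DrawFlagged(const Shell& shell, Context** out, int32_t x) {
  *out = shell.GetContext();
  int32_t sx = ToDevPixels(*out, x);  // dereference
  if (!*out) return -1;               // check arrives too late
  return sx;
}

// First patch in the thread: test before the dereference.
int32_t DrawGuarded(const Shell& shell, Context** out, int32_t x) {
  *out = shell.GetContext();
  if (!*out) return -1;
  return ToDevPixels(*out, x);
}

// Reviewer's direction: the getter is trusted never to return null, so the
// late check is removed. The assert (added by this example) records that.
int32_t DrawInvariant(const Shell& shell, Context** out, int32_t x) {
  *out = shell.GetContext();
  assert(*out && "caller guarantees a live context");
  return ToDevPixels(*out, x);
}

int main() {
  Context c{2};                       // constructed sample input
  Shell live{&c}, gone{nullptr};
  Context* out = nullptr;
  assert(DrawFlagged(live, &out, 21) == 42);
  assert(DrawGuarded(gone, &out, 21) == -1 && out == nullptr);
  assert(DrawInvariant(live, &out, 21) == 42);
  return 0;
}
```

Which of the last two forms is right depends only on whether the getter can return null; either one clears the finding, because the dereference and the check no longer disagree.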