Closed
Bug 1234540
Opened 9 years ago
Closed 8 years ago
[Static Analysis][Dereference null return value] In function nsCacheEntryHashTable::AddEntry from nsCacheEntry.cpp
Categories
(Core :: Networking: Cache, defect)
Core
Networking: Cache
Tracking
()
RESOLVED
FIXED
mozilla47
People
(Reporter: andi, Assigned: andi)
References
(Blocks 1 open bug)
Details
(Keywords: coverity, Whiteboard: CID 1324686 [necko-active])
Attachments
(1 file, 1 obsolete file)
1003 bytes,
patch
|
michal
:
review+
|
Details | Diff | Splinter Review |
The Static Analysis tool Coverity added that pointer hashEntry can be null thus having a null pointer dereference: >> hashEntry = table.Add(&(cacheEntry->mKey), fallible); >>#ifndef DEBUG_dougt >> NS_ASSERTION(((nsCacheEntryHashTableEntry *)hashEntry)->cacheEntry == 0, >> "### nsCacheEntryHashTable::AddEntry - entry already used"); >>#endif >> ((nsCacheEntryHashTableEntry *)hashEntry)->cacheEntry = cacheEntry; This can happen if in function table->Add malloc fails because of oom: >> MOZ_RELEASE_ASSERT(SizeOfEntryStore(CapacityFromHashShift(), mEntrySize, >> &nbytes)); >> mEntryStore.Set((char*)malloc(nbytes)); >> if (!mEntryStore.Get()) { >> return nullptr; >> }
Assignee | ||
Comment 1•9 years ago
|
||
Attachment #8701042 -
Flags: review?(mcmanus)
Updated•9 years ago
|
Attachment #8701042 -
Flags: review?(mcmanus) → review?(michal.novotny)
Assignee | ||
Comment 2•9 years ago
|
||
Attachment #8701042 -
Attachment is obsolete: true
Attachment #8701042 -
Flags: review?(michal.novotny)
Attachment #8701045 -
Flags: review?(michal.novotny)
Updated•9 years ago
|
Attachment #8701045 -
Flags: review?(michal.novotny) → review+
Comment 3•8 years ago
|
||
please check in the reviewed patch or otherwise resolve this bug. thanks
Flags: needinfo?(bogdan.postelnicu)
Whiteboard: CID 1324686 → CID 1324686 [necko-active]
Comment 6•8 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/d0459ee243da
Status: NEW → RESOLVED
Closed: 8 years ago
status-firefox47:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla47
You need to log in
before you can comment on or make changes to this bug.
Description
•