1242452 - [Static Analysis][Dereference null return value] In function nsSocketTransportService::AnalyzeConnection from nsSOCKSIOLayer.cpp

Status: RESOLVED FIXED

(Core :: Networking, defect)

Description

[Andi [:andi]]

The Static Analysis tool Coverity added function PR_GetIdentitiesLayer(aFD, PR_NSPR_IO_LAYER) can return a null value, having a null pointer dereference in the following code:

>>    bool tcp = (PR_GetDescType(PR_GetIdentitiesLayer(aFD, PR_NSPR_IO_LAYER)) ==
>>                PR_DESC_SOCKET_TCP);

This happens only if aFD doesn't have higher or lower links of type PR_NSPR_IO_LAYER. If we consider that this scenario cannot happen, and function PR_GetIdentitiesLayer(aFD, PR_NSPR_IO_LAYER) always returns a valid pointer, we can just it's result in order to please Coverity otherwise we can include the propose patch.

Comment 1

[Andi [:andi]]

Attachment: MozReview Request: Bug 1242452 - only if PR_GetIdentitiesLayer return valid pointer continue and pass it's result to PR_GetIdentitiesLayer. r?mcmanus

Review commit: https://reviewboard.mozilla.org/r/32285/diff/#index_header
See other reviews: https://reviewboard.mozilla.org/r/32285/

Comment 2

[Patrick McManus [:mcmanus]]

Comment on attachment 8711648 [details]
MozReview Request: Bug 1242452 - only if PR_GetIdentitiesLayer return valid pointer continue and pass it's result to PR_GetIdentitiesLayer. r?mcmanus

https://reviewboard.mozilla.org/r/32285/#review28909

Comment 3

[Pulsebot]

https://hg.mozilla.org/integration/mozilla-inbound/rev/4c9e1d2a8026

Comment 4

[Carsten Book [:Tomcat]]

https://hg.mozilla.org/mozilla-central/rev/4c9e1d2a8026

Comment 5

[Carsten Book [:Tomcat]]

https://hg.mozilla.org/mozilla-central/rev/4c9e1d2a8026