Closed Bug 1242452 Opened 4 years ago Closed 4 years ago

[Static Analysis][Dereference null return value] In function nsSocketTransportService::AnalyzeConnection from nsSOCKSIOLayer.cpp

Categories

(Core :: Networking, defect)

defect
Not set

Tracking

()

RESOLVED FIXED
mozilla47
Tracking Status
firefox46 --- affected
firefox47 --- fixed

People

(Reporter: andi, Assigned: andi)

References

(Blocks 1 open bug)

Details

(Keywords: coverity, Whiteboard: CID 1349786)

Attachments

(1 file)

The Static Analysis tool Coverity added function PR_GetIdentitiesLayer(aFD, PR_NSPR_IO_LAYER) can return a null value, having a null pointer dereference in the following code:

>>    bool tcp = (PR_GetDescType(PR_GetIdentitiesLayer(aFD, PR_NSPR_IO_LAYER)) ==
>>                PR_DESC_SOCKET_TCP);

This happens only if aFD doesn't have higher or lower links of type PR_NSPR_IO_LAYER. If we consider that this scenario cannot happen, and function PR_GetIdentitiesLayer(aFD, PR_NSPR_IO_LAYER) always returns a valid pointer, we can just it's result in order to please Coverity otherwise we can include the propose patch.
Attachment #8711648 - Flags: review?(mcmanus) → review+
Comment on attachment 8711648 [details]
MozReview Request: Bug 1242452 - only if PR_GetIdentitiesLayer return valid pointer continue and pass it's result to PR_GetIdentitiesLayer. r?mcmanus

https://reviewboard.mozilla.org/r/32285/#review28909
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/4c9e1d2a8026
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla47
You need to log in before you can comment on or make changes to this bug.