Closed Bug 1275184 Opened 8 years ago Closed 8 years ago

Uninitialised value use in nsDocShellTreeOwner::HandleEvent

Categories

(Core :: DOM: Navigation, defect)

Product:
Core
Component:
DOM: Navigation
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla49
Tracking Flags:
Tracking Status
firefox49 --- fixed

People

(Reporter: jseward, Unassigned)

Details

Attachments

(2 files, 1 obsolete file)

valgrind complaint
2.51 KB, text/plain
Details
bug1275184-2.cset
1.08 KB, patch
smaug
: review+
Details | Diff | Splinter Review 
Valgrind complains about this fragment in nsDocShellTreeOwner::HandleEvent:

      bool canDropLink;
      handler->CanDropLink(dragEvent, false, &canDropLink);
      if (canDropLink) {
        aEvent->PreventDefault();
      }

It seems that |handler->CanDropLink| can return without writing any value
into |canDropLink|.  A bit of grepping for the possible call target produces
this, in <objdir>/dist/include/nsIDroppedLinkHandler.h as the only call
target, so perhaps this is not surprising:

/* boolean canDropLink (in nsIDOMDragEvent aEvent, in boolean aAllowSameDocument); */
NS_IMETHODIMP nsDroppedLinkHandler::CanDropLink(nsIDOMDragEvent *aEvent,
                                bool aAllowSameDocument, bool *_retval)
{
    return NS_ERROR_NOT_IMPLEMENTED;
}

Maybe the call in nsDocShellTreeOwner::HandleEvent should check the return
value before looking at |canDropLink| ?

STR:

DISPLAY=:1.0 ./mach mochitest -f plain --keep-open=no \
  --valgrind=/home/sewardj/VgTRUNK/asert/Inst/bin/valgrind \
  --valgrind-args=--show-mismatched-frees=no,--track-origins=yes \
  dom/events/test/test_bug1264380.html  2>&1 | tee spew-29-05-mc
Attached file valgrind complaint 

    
    

    
  

      
      
      
      

        Attached patch
          
          
        bug1275184-1.cset (obsolete)
        — Splinter Review
      

    


  
A possible fix.

    
    

    
  


  

        Attachment #8755728 -
        Attachment is obsolete: true

    
  

        Attachment #8755874 -
        Flags: review?(bugs)

        Attachment #8755874 -
        Flags: review?(bugs) → review+

    
    

    
  
https://hg.mozilla.org/mozilla-central/rev/83a0dff3856c
Status: NEW → RESOLVED
Closed: 8 years ago

          status-firefox49:
          --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla49

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: