Closed
Bug 1289064
Opened 8 years ago
Closed 8 years ago
[Static Analysis][Dereference before null check] In function XPCConvert::NativeInterface2JSObject
Categories
(Core :: XPCOM, defect)
RESOLVED
FIXED
mozilla50
| | Tracking | Status |
|---|---|---|
| firefox50 | --- | fixed |
People
(Reporter: andi, Assigned: andi)
References
(Blocks 1 open bug)
Details
(Keywords: coverity, Whiteboard: CID 1364449)
Attachments
(1 file)
The Static Analysis tool Coverity detected that pointer |iid| is dereferenced before being null checked:

dereference:
#ifdef SPIDERMONKEY_PROMISE
>>    if (iid->Equals(NS_GET_IID(nsISupports))) {
>>        // Check for a Promise being returned via nsISupports.  In that
>>        // situation, we want to dig out its underlying JS object and return
>>        // that.
>>        RefPtr<Promise> promise = do_QueryObject(aHelper.Object());

null check:
>>    // Go ahead and create an XPCWrappedNative for this object.
>>    AutoMarkingNativeInterfacePtr iface(cx);
>>    if (iid) {
>>        if (Interface)
>>            iface = *Interface;

I don't think the null check has a purpose here because of these lines:
>>    MOZ_ASSERT_IF(Interface, iid);
>>    if (!iid)
>>        iid = &NS_GET_IID(nsISupports);

And if we expand the NS_GET_IID macro, we get that iid becomes the address of:
template<typename T>
const nsIID the_interface::COMTypeInfo<the_interface, T>::kIID
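The triage reasoning in the description, reduced to a compilable model. This is an added example, not Mozilla code; `IID`, `kSupportsIID`, `kOtherIID`, `convertBefore` and `convertAfter` are hypothetical stand-ins. The default assignment dominates both the dereference and the later check, so the check is always true and removing it leaves behavior unchanged.

```cpp
#include <cstdio>
#include <cstring>

// Hypothetical stand-in for nsIID: a 16-byte identifier with Equals().
struct IID {
    unsigned char bytes[16];
    bool Equals(const IID& other) const {
        return std::memcmp(bytes, other.bytes, sizeof bytes) == 0;
    }
};

// Objects with static storage duration: taking their address never yields null.
static const IID kSupportsIID = {{0}};  // plays the role of NS_GET_IID(nsISupports)
static const IID kOtherIID = {{1}};     // constructed sample of some other interface

enum Path { kPromisePath = 1, kIfaceLookup = 2 };

// Shape of the flagged code: default assignment, dereference, then a null check.
int convertBefore(const IID* iid) {
    int taken = 0;
    if (!iid)
        iid = &kSupportsIID;        // dominating store: iid is non-null from here on
    if (iid->Equals(kSupportsIID))  // the dereference the analyzer reports
        taken |= kPromisePath;
    if (iid)                        // reached only with non-null iid: always true
        taken |= kIfaceLookup;
    return taken;
}

// Same function with the redundant check removed.
int convertAfter(const IID* iid) {
    int taken = 0;
    if (!iid)
        iid = &kSupportsIID;
    if (iid->Equals(kSupportsIID))
        taken |= kPromisePath;
    taken |= kIfaceLookup;
    return taken;
}

int main() {
    const IID* inputs[] = {nullptr, &kSupportsIID, &kOtherIID};
    for (const IID* in : inputs)
        std::printf("before=%d after=%d\n", convertBefore(in), convertAfter(in));
    return 0;
}
```

If the default assignment were missing or conditional on something else, the same report would indicate a real null dereference rather than a dead check, so the dominating store is the thing to confirm first.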
Assignee
Comment 1•8 years ago
Review commit: https://reviewboard.mozilla.org/r/66808/diff/#index_header
See other reviews: https://reviewboard.mozilla.org/r/66808/
Attachment #8774289 -
Flags: review?(bobbyholley)
Comment 2•8 years ago
Comment on attachment 8774289 [details]
Bug 1289064 - eliminate null check on |iid| in XPCConvert::NativeInterface2JSObject.

https://reviewboard.mozilla.org/r/66808/#review63706
Attachment #8774289 -
Flags: review?(bobbyholley) → review+
Pushed by bpostelnicu@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/9e9ba7b85410
eliminate null check on |iid| in XPCConvert::NativeInterface2JSObject. r=bholley
Comment 4•8 years ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/9e9ba7b85410
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla50