129 - Missing variable initialisation in ns\lib\layout\layimage.c

Status: VERIFIED FIXED

(MozillaClassic Graveyard :: Layout, defect, P3)

Description

[Ben Laurie]

Created by Ben Laurie (ben@algroup.co.uk) on Thursday, April 9, 1998 10:57:38 AM PDT
Additional Details :
Although I haven''t actually seen this cause a problem, it
seems clearly wrong:

ns\lib\layout\layimage.c line 2861:

    LO_ImageStruct *lo_image;

should be:

    LO_ImageStruct *lo_image=NULL;
Updated by Wan-Teh Chang (wtc@netscape.com) on Friday, April 24, 1998 12:24:12 PM PDT
Additional Details :
Added the file name to "Summary Description".
Assigned bug to owner of the layout module,
David Williams <djw@netscape.com>.
Updated by Nisheeth Ranjan (nisheeth@netscape.com) on Sunday, April 26, 1998 6:37:29 PM PDT
Additional Details :
Hmm...  Wan-Teh's bug assignment to djw  didn't go through properly because the
assigned to field was still bugzilla@mozilla.org.

Anyway, am assigning the bug to myself...

Comment 1

[Nisheeth Ranjan]

A crash will occur trying to dereference a NULL lo_image any time
lo_ImageObserver() will be called without a "closure" parameter.  This does not
happen anywhere currently and that is why we do not see any problems.  Just
initializing lo_image to NULL is not going to fix this case because the switch
statement in lo_ImageObserver also contains lo_image dereferencing statements
that are not guarded by a NULL check for lo_image.

The patch that fixes the problem you caught has just been checked into the
mozilla tree.  I'll post the URL to it on this bug report.

Thanks a lot for your input and help!

Comment 2

[Nisheeth Ranjan]

The URL for the patch is

http://cvs-mirror.mozilla.org/webtools/bonsai/cvsview2.cgi?diff_mode=context&whi
tespace_mode=show&subdir=mozilla/lib/layout&command=DIFF_FRAMESET&file=layimage.
c&rev1=3.18&rev2=3.19&root=/cvsroot

Comment 3

[leger]

Old bug....old code base...marking Verified.