[Static Analysis][Dereference before null check] In function EventSourceImpl::StreamReaderFunc

RESOLVED FIXED in Firefox 54

Status

()

Core
DOM
RESOLVED FIXED
a year ago
a year ago

People

(Reporter: andi, Assigned: andi)

Tracking

(Blocks: 1 bug, {coverity})

Trunk
mozilla54
coverity
Points:
---

Firefox Tracking Flags

(firefox54 fixed)

Details

(Whiteboard: CID 1399512)

MozReview Requests

()

Submitter Diff Changes Open Issues Last Updated
Loading...
Error loading review requests:

Attachments

(1 attachment)

(Assignee)

Description

a year ago
The Static Analysis tool Coverity detected that a dereference before null check happens in the following context:

>>  thisObject->AssertIsOnTargetThread();
>>  EventSourceImpl* thisObject = static_cast<EventSourceImpl*>(aClosure);
>>  if (!thisObject || !aWriteCount) {
>>    NS_WARNING("EventSource cannot read from stream: no aClosure or aWriteCount");
>>    return NS_ERROR_FAILURE;
>>  }
>>  thisObject->ParseSegment((const char*)aFromRawSegment, aCount);

Even though we could assume that the entry parameter is never null we still could call AssertIsOnTargetThread after the nullptr check.
Comment hidden (mozreview-request)

Comment 2

a year ago
mozreview-review
Comment on attachment 8830697 [details]
Bug 1334081 - prevent null pointer dereference in StreamReaderFunc.

https://reviewboard.mozilla.org/r/107442/#review108588
Attachment #8830697 - Flags: review?(amarchesini) → review+

Comment 3

a year ago
Pushed by bpostelnicu@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/e2da10ec6bdd
prevent null pointer dereference in StreamReaderFunc. r=baku

Comment 4

a year ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/e2da10ec6bdd
Status: NEW → RESOLVED
Last Resolved: a year ago
status-firefox54: affected → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla54
You need to log in before you can comment on or make changes to this bug.