Closed Bug 1529616 Opened 8 months ago Closed 8 months ago

Coverity warns about a possible nullptr dereference in nsTextEditorState::SetSelectionRange()

Categories

(Core :: Layout, enhancement)

enhancement
Not set

Tracking

()

RESOLVED FIXED
mozilla67
Tracking Status
firefox67 --- fixed

People

(Reporter: ehsan, Assigned: ehsan)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

After bug 1470926, Coverity notices the new null check and thinks the previous dereference of mBoundFrame is prone to a null dereference as well:

https://hg.mozilla.org/mozilla-central/annotate/471db22054e7/dom/html/nsTextEditorState.cpp#l1640

Perhaps we should add another null check to help out the tool here?

That's not true: https://searchfox.org/mozilla-central/rev/b36e97fc776635655e84f2048ff59f38fa8a4626/dom/html/nsTextEditorState.cpp#1611

I'd prefer not having to add a null-check there just for the tool's sake.

Fair. Then I think eliminating the useless null check is the right thing to do here.

Attachment #9047190 - Attachment description: Bug 1529616 - Eliminate a useless null check from nsTextEditorState::SetSelectionRange; → Bug 1529616 - Convert a null check in nsTextEditorState::SetSelectionRange into a weak frame check;
Attachment #9047190 - Attachment description: Bug 1529616 - Convert a null check in nsTextEditorState::SetSelectionRange into a weak frame check; → Bug 1529616 - Add an assertion on mBoundFrame right before dereferencing it inside nsTextEditorState::SetSelectionRange in the hopes of convincing Coverity that there are no bugs here to be found;
Pushed by eakhgari@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/f8e41c1ad7ba
Add an assertion on mBoundFrame right before dereferencing it inside nsTextEditorState::SetSelectionRange in the hopes of convincing Coverity that there are no bugs here to be found; r=emilio
Status: NEW → RESOLVED
Closed: 8 months ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla67
You need to log in before you can comment on or make changes to this bug.