Open Bug 1598609 Opened 2 months ago Updated 2 months ago

Memory leak in RequestResolver::GetStorageEstimate after calling QueryInterface

Categories

(Core :: Storage: Quota Manager, defect, P2)

defect

Tracking

()

People

(Reporter: sg, Unassigned)

References

(Blocks 1 open bug)

Details

(Keywords: coverity)

In https://searchfox.org/mozilla-central/rev/581466eef9269afb03d8a0dba2f50215f3a9026c/dom/quota/StorageManager.cpp#428, iid is leaked. The code seems to assume that iid is never allocated when QueryInterface returns a failure, but that is not true. When returning from nsDiscriminatedUnion::ConvertToInterface at https://searchfox.org/mozilla-central/rev/581466eef9269afb03d8a0dba2f50215f3a9026c/xpcom/ds/nsVariant.cpp#1071 with an error, it will have already been allocated.

This might also be a bug to be fixed in nsDiscriminatedUnion::ConvertToInterface.

OS: Unspecified → All
Priority: -- → P2
Hardware: Unspecified → All
Version: unspecified → Trunk

The same bug exists in this other call site of GetAsInterface.

You need to log in before you can comment on or make changes to this bug.