Closed Bug 1615130 Opened 11 months ago Closed 7 months ago

Potential uninitialized read in WebAudioUtils::LogToDeveloperConsole

Categories

(Core :: Web Audio, defect, P3)

defect

Tracking

()

RESOLVED FIXED
mozilla79
Tracking Status
firefox75 --- wontfix
firefox79 --- fixed

People

(Reporter: deian, Assigned: koalab1999)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

Semmle flagged uninitialized read of aLineNumber and aColumnNumber
https://searchfox.org/mozilla-central/source/dom/media/webaudio/WebAudioUtils.cpp#137-138

This looks like a true alert, but not really use if the JS context is every false here.

Printing garbage numbers on the console doesn't seem exploitable. The JS context might be null if this is called from C++

Group: core-security

Values are set to 0 by default rather than uninitialized. It is useful when AudioContext is null.

Assignee: nobody → koalab1999
Status: NEW → ASSIGNED
Pushed by padenot@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/b912f803b3a8
Fix uninitialized data. r=padenot
Status: ASSIGNED → RESOLVED
Closed: 7 months ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla79
You need to log in before you can comment on or make changes to this bug.