Closed
Bug 1652120
Opened 4 years ago
Closed 4 years ago
Potential use of uninitialized variable in PresShell::CreateRangePaintInfo()
Categories
(Core :: Layout, defect)
Core
Layout
Tracking
()
RESOLVED
FIXED
mozilla80
| Tracking | Status | |
|---|---|---|
| firefox80 | --- | fixed |
People
(Reporter: izbyshev, Assigned: heycam)
References
(Blocks 1 open bug)
Details
Attachments
(1 file)
Variable ancestorFrame is not initialized at https://searchfox.org/mozilla-central/rev/622dbd3409/layout/base/PresShell.cpp#4743. If else branch of the following if is taken, and while loop is never entered because ancestor is NULL, it remains uninitialized and then is accessed at https://searchfox.org/mozilla-central/rev/622dbd3409/layout/base/PresShell.cpp#4771.
This code was introduced in bug 1265104.
|
Reporter | |
Updated•4 years ago
|
Blocks: svace-analysis
|
Assignee | |
Comment 1•4 years ago
|
||
Thanks, this code is used when painting the contents of a selection as a drag image. It should be the case that GetClosestCommonInclusiveAncestor returns a non-null node that IsContent() (which the non-fatal assertion is checking), but let's initialize this to be safe.
|
|
Assignee | |
Comment 2•4 years ago
|
||
|
||
Updated•4 years ago
|
Assignee: nobody → cam
|
|
Assignee | |
Updated•4 years ago
|
Severity: -- → S3
Status: UNCONFIRMED → NEW
Ever confirmed: true
Pushed by cmccormack@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/f6127ce5c744 Initialize local variable in PresShell::CreateRangePaintInfo. r=hiro
|
||
Comment 4•4 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla80
You need to log in
before you can comment on or make changes to this bug.
Description
•