Closed
Bug 235745
Opened 21 years ago
Closed 21 years ago
Possible leak or crash in nsStorageStream
Categories
(Core :: XPCOM, defect)
Core
XPCOM
Tracking
()
RESOLVED
FIXED
People
(Reporter: nsayer, Assigned: nsayer)
Details
Attachments
(1 file)
790 bytes,
patch
|
darin.moz
:
review+
darin.moz
:
superreview+
|
Details | Diff | Splinter Review |
User-Agent:
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040113
It is conceivable that since the return value of nsStorageStream->Init() is not
being checked that an uninitialized nsStorageStream could be returned.
Reproducible: Didn't try
Steps to Reproduce:
See patch
Assignee | ||
Comment 1•21 years ago
|
||
Updated•21 years ago
|
Assignee: wchang0222 → dougt
Component: NSPR → XPCOM
Product: NSPR → Browser
Version: other → Trunk
Updated•21 years ago
|
QA Contact: wchang0222 → dougt
Comment 2•21 years ago
|
||
Comment on attachment 142358 [details] [diff] [review]
Proposed patch
>Index: io/nsStorageStream.cpp
> nsStorageStream* storageStream = new nsStorageStream();
> if (!storageStream) return NS_ERROR_OUT_OF_MEMORY;
>
>+ nsresult rv = storageStream->Init(segmentSize, maxSize);
> NS_ADDREF(storageStream);
>+ if (NS_FAILED(rv)) {
>+ NS_RELEASE(storageStream);
>+ return rv;
>+ }
> *result = storageStream;
> return NS_OK;
>+}
move the NS_ADDREF above the Init call. that way, if Init ever changes
such that it needs to call AddRef/Release/QI on |this|, we won't get in
trouble.
r+sr=darin with that.
Attachment #142358 -
Flags: superreview+
Attachment #142358 -
Flags: review+
mozilla/xpcom/io/nsStorageStream.cpp 1.26
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•