Closed Bug 235745 Opened 20 years ago Closed 20 years ago

Possible leak or crash in nsStorageStream

Categories

(Core :: XPCOM, defect)

defect
Not set
normal

Tracking

()

RESOLVED FIXED

People

(Reporter: nsayer, Assigned: nsayer)

Details

Attachments

(1 file)

User-Agent:       
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040113

It is conceivable that since the return value of nsStorageStream->Init() is not
being checked that an uninitialized nsStorageStream could be returned.

Reproducible: Didn't try
Steps to Reproduce:




See patch
Attached patch Proposed patchSplinter Review
Assignee: wchang0222 → dougt
Component: NSPR → XPCOM
Product: NSPR → Browser
Version: other → Trunk
QA Contact: wchang0222 → dougt
Comment on attachment 142358 [details] [diff] [review]
Proposed patch

>Index: io/nsStorageStream.cpp

>     nsStorageStream* storageStream = new nsStorageStream();
>     if (!storageStream) return NS_ERROR_OUT_OF_MEMORY;
>     
>+    nsresult rv = storageStream->Init(segmentSize, maxSize);
>     NS_ADDREF(storageStream);
>+    if (NS_FAILED(rv)) {
>+        NS_RELEASE(storageStream);
>+        return rv;
>+    }
>     *result = storageStream;
>     return NS_OK;
>+}

move the NS_ADDREF above the Init call.  that way, if Init ever changes
such that it needs to call AddRef/Release/QI on |this|, we won't get in
trouble.

r+sr=darin with that.
Attachment #142358 - Flags: superreview+
Attachment #142358 - Flags: review+
Assignee: dougt → nsayer
mozilla/xpcom/io/nsStorageStream.cpp 	1.26
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: