Null pointer dereference in [@ _newJSDContext]

RESOLVED FIXED

Status

--
minor
RESOLVED FIXED
13 years ago
6 days ago

People

(Reporter: kherron+mozilla, Assigned: rflint)

Tracking

({coverity})

Firefox Tracking Flags

(Not tracked)

Details

(URL)

Attachments

(1 attachment)

(Reporter)

Description

13 years ago
This was found through a Coverity scan of the Firefox source. Please refer to the sample URL.

At line 99, |_newJSDContext| calls |calloc| to allocate a structure, storing the pointer in |jsdc|. If the allocation fails, execution jumps to |label_newJSDContext_failure| at line 154. Following this label are calls to |jsd_DestroyObjectManager| and |jsd_DestroyAtomTable|, both of which dereference |jsdc| without any null check.
Created attachment 219729
Check if jsdc is null first
Assignee: rginda → rflint
Status: NEW → ASSIGNED
Attachment #219729 - Flags: review?(rginda)
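
The failure path described in the report, as an added example that is not part of the original bug or the Mozilla source: `ctx_t`, `new_context`, `test_calloc` and the two `destroy_*` helpers are hypothetical stand-ins, and the guard at the `failure` label is an assumed form of the "check if jsdc is null first" fix. It goes slightly beyond the reported case by also covering a later allocation failure, where the context is valid and must still be cleaned up.

```c
#include <stdlib.h>

/* Hypothetical stand-in for the debugger context and its sub-objects. */
typedef struct { int *object_manager; int *atom_table; } ctx_t;
static int fail_alloc_at, alloc_calls; /* fail the Nth allocation (0 = never) */
int cleanups_run;                      /* cleanup helpers run on the failure path */

/* calloc wrapper that lets a caller simulate out-of-memory. */
static void *test_calloc(size_t n, size_t size) {
    if (++alloc_calls == fail_alloc_at) return NULL;
    return calloc(n, size);
}

/* Both helpers dereference ctx unconditionally, like the functions
   called after the failure label in the report. */
static void destroy_object_manager(ctx_t *ctx) {
    free(ctx->object_manager); ctx->object_manager = NULL; cleanups_run++;
}
static void destroy_atom_table(ctx_t *ctx) {
    free(ctx->atom_table); ctx->atom_table = NULL; cleanups_run++;
}

ctx_t *new_context(void) {
    ctx_t *ctx = test_calloc(1, sizeof *ctx);
    if (!ctx) goto failure;                 /* ctx is NULL on this path */
    ctx->object_manager = test_calloc(1, sizeof(int));
    if (!ctx->object_manager) goto failure; /* ctx is valid on this path */
    ctx->atom_table = test_calloc(1, sizeof(int));
    if (!ctx->atom_table) goto failure;
    return ctx;

failure:
    /* Without this guard the first goto reaches the helpers with
       ctx == NULL, and they fault on ctx->object_manager. */
    if (ctx) {
        destroy_object_manager(ctx);
        destroy_atom_table(ctx);
        free(ctx);
    }
    return NULL;
}

/* Reset the counters, inject a failure at allocation fail_at, build a context. */
ctx_t *try_new_context(int fail_at) {
    alloc_calls = 0; cleanups_run = 0; fail_alloc_at = fail_at;
    return new_context();
}
int main(void) { return try_new_context(1) == NULL ? 0 : 1; }
```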

Comment 2

13 years ago
Comment on attachment 219729
Check if jsdc is null first

r=rginda
Attachment #219729 - Flags: review?(rginda) → review+
Whiteboard: [checkin needed]
Doesn't this need SR?
Attachment #219729 - Flags: superreview?(brendan)
Whiteboard: [checkin needed]
Comment on attachment 219729
Check if jsdc is null first

Sure.

Hey Rob, do you still want to require sr for jsd changes?  Many other modules have dropped sr requirements in light of stronger peering and ownership.

/be
Attachment #219729 - Flags: superreview?(brendan) → superreview+
Whiteboard: [checkin needed]

Comment 5

13 years ago
Comment on attachment 219729
Check if jsdc is null first

grumble, i have all sorts of changes including this one floating around.

i'm going to twiddle a flag or two just so that i can remember to do this checkin this weekend
Attachment #219729 - Flags: review?

Updated

13 years ago
Attachment #219729 - Flags: review?

Updated

13 years ago
Summary: Null pointer dereference in _newJSDContext (js/jsd/jsd_high.c) → Null pointer dereference in [@ _newJSDContext]
Whiteboard: [checkin needed]
Checked in by timeless on 05/11/06 -> rev 3.13
Status: ASSIGNED → RESOLVED
Last Resolved: 13 years ago
Resolution: --- → FIXED

Updated

11 years ago
Blocks: 433528

Updated

6 days ago
Product: Other Applications → Other Applications Graveyard