Closed Bug 353268 Opened 19 years ago Closed 15 years ago

klocwork doesn't like the fact that AffixMgr::parse_affix seems to trust its input

Categories

(Core :: Spelling checker, defect)

Product:
Core
Component:
Spelling checker
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: timeless, Unassigned)

References

(
URL
)

Details

(Keywords: klocwork)

https://opensource.klocwork.com/idm/problem.html?project=firefox&pid=92647 klocwork's error is sucky, but i'll simply say that the return value from fgets should be checked. if it isn't checked and the file is corrupt, you can spend lots of time doing nothing useful.
oh, oops, most importantly, total failure to check return for alloc failure in the last loop (the one klocwork actually flagged).
URL: http://bonsai.mozilla.org/cvsblame.cg...http://bonsai.mozilla.org/cvsblame.cg...
Assignee: mscott → nobody
The URL in comment #0 doesn't seem to work anymore. Can you post a new link?
dunno, but you can work from the bonsai url link
hunspell 1.2.11 (at least, also possibly earlier) now uses FileMgr::getline instead of fgets directly and checks the result for failure. So that one is cleared. The tests for alloc failures in that method is a duplicate to CID#1464 "Returning without freeing storage "ptr" and should also be be fixed in hunspell 1.2.11, so I think this one is now fixed
ok, let's mark this as fixed, we can see the fgets code in cvsblame, you indicated it was removed, and i can verify that it isn't there anymore.
Status: UNCONFIRMED → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.