klocwork doesn't like the fact that AffixMgr::parse_affix seems to trust its input

RESOLVED FIXED

Status

()

RESOLVED FIXED
12 years ago
9 years ago

People

(Reporter: timeless, Unassigned)

Tracking

({klocwork})

Trunk
x86
Linux
klocwork
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(URL)

(Reporter)

Description

12 years ago
https://opensource.klocwork.com/idm/problem.html?project=firefox&pid=92647

klocwork's error is sucky, but i'll simply say that the return value from fgets should be checked.

if it isn't checked and the file is corrupt, you can spend lots of time doing nothing useful.
(Reporter)

Comment 1

12 years ago
oh, oops, most importantly, total failure to check return for alloc failure in the last loop (the one klocwork actually flagged).
Assignee: mscott → nobody
The URL in comment #0 doesn't seem to work anymore. Can you post a new link?
(Reporter)

Comment 3

9 years ago
dunno, but you can work from the bonsai url link

Comment 4

9 years ago
hunspell 1.2.11 (at least, also possibly earlier) now uses FileMgr::getline instead of fgets directly and checks the result for failure. So that one is cleared.

The tests for alloc failures in that method is a duplicate to CID#1464 "Returning without freeing storage "ptr" and should also be be fixed in hunspell 1.2.11, so I think this one is now fixed
(Reporter)

Comment 5

9 years ago
ok, let's mark this as fixed, we can see the fgets code in cvsblame, you indicated it was removed, and i can verify that it isn't there anymore.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.