Closed Bug 353728 Opened 19 years ago Closed 7 years ago

Klocwork 89175 null ptr deref in prdtoa.c

Categories

(NSPR :: NSPR, defect)

Product:
NSPR
Component:
NSPR
Type:
defect
Priority:
Not set
Severity:
minor

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: nelson, Assigned: wtc)

References

(
URL
)

Details

(Keywords: klocwork)

Klocwork ID 89175 File pr/src/misc/prdtoa.c function Balloc Pointer 'rv' returned from call to function 'malloc' at line 604 may be NULL and will be dereferenced at line 606.
Keywords: klocwork
It's easy to fix this bug in Balloc, but Balloc and the functions that call it can also return NULL. None of the callers of these functions check the functions' return values for NULL. So a better strategy is to ensure that MALLOC doesn't need to be called. You can search for Omit_Private_Memory in the file. It seems that by making the file single threaded, using a large enough PRIVATE_MEM value, and limiting the maximum length of a string to be converted, MALLOC calls can be avoided.
Severity: normal → minor
QA Contact: wtchang → nspr
No activity for 12 years, I think we can close it...
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.