Last Comment Bug 453254 - nsZipReaderCache::GetZip doesn't null-check the zipFile argument
: nsZipReaderCache::GetZip doesn't null-check the zipFile argument
Status: RESOLVED FIXED
: crash, fixed1.8.1.18, verified1.9.0.4
Product: Core
Classification: Components
Component: Networking: JAR (show other bugs)
: Trunk
: All All
: -- critical (vote)
: mozilla1.9.1b1
Assigned To: Alex Vincent [:WeirdAl]
:
Mentors:
http://hg.mozilla.org/mozilla-central...
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2008-09-01 23:30 PDT by Alex Vincent [:WeirdAl]
Modified: 2009-04-09 23:30 PDT (History)
4 users (show)
bugzillamozillaorg_serge_20140323: in‑testsuite+
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments
patch (1.20 KB, patch)
2008-09-01 23:46 PDT, Alex Vincent [:WeirdAl]
cbiesinger: review+
cbiesinger: superreview+
Details | Diff | Review
patch corrected for check-in (1.21 KB, patch)
2008-09-02 00:20 PDT, Alex Vincent [:WeirdAl]
dveditz: approval1.8.1.18+
dveditz: approval1.9.0.4+
Details | Diff | Review

Description Alex Vincent [:WeirdAl] 2008-09-01 23:30:05 PDT

    
Comment 1 Alex Vincent [:WeirdAl] 2008-09-01 23:46:54 PDT
Created attachment 336446 [details] [diff] [review]
patch

I'm compiling with this patch now, I'll let you know test results as soon as I can.
Comment 2 Alex Vincent [:WeirdAl] 2008-09-02 00:01:41 PDT
xpcshell test passes, this fixes the crash.
Comment 3 Christian :Biesinger (don't email me, ping me on IRC) 2008-09-02 00:03:15 PDT
Comment on attachment 336446 [details] [diff] [review]
patch

+  NS_ENSURE_ARG(zipFile);

should be NS_ENSURE_ARG_POINTER (and an appropriately fixed test)
Comment 4 Alex Vincent [:WeirdAl] 2008-09-02 00:20:14 PDT
Created attachment 336448 [details] [diff] [review]
patch corrected for check-in
Comment 5 Dão Gottwald [:dao] 2008-09-06 08:08:02 PDT
http://hg.mozilla.org/mozilla-central/rev/6c8c8fc37617
Comment 6 Alex Vincent [:WeirdAl] 2008-09-08 11:46:02 PDT
Null dereference crash, simple fix, requesting approval for 1.9.0.x and 1.8.1.x branches.
Comment 7 Alex Vincent [:WeirdAl] 2008-09-08 11:46:32 PDT
whoops, wrong way to do it
Comment 8 Alex Vincent [:WeirdAl] 2008-09-08 11:46:58 PDT
Comment on attachment 336446 [details] [diff] [review]
patch

Null dereference crash, simple fix, requesting approval for 1.9.0.x and 1.8.1.x
branches.
Comment 9 Daniel Veditz [:dveditz] 2008-09-22 11:43:00 PDT
Comment on attachment 336448 [details] [diff] [review]
patch corrected for check-in

Approved for 1.8.1.17 and 1.9.0.3, a=dveditz for release-drivers
Comment 10 Samuel Sidler (old account; do not CC) 2008-10-20 09:13:54 PDT
Alex: Are you intending on getting this checked in?
Comment 11 Alex Vincent [:WeirdAl] 2008-10-20 10:05:18 PDT
Samuel, I don't have checkin privileges, someone else will have to do it for me.
Comment 12 Daniel Veditz [:dveditz] 2008-10-20 17:12:30 PDT
Fix checked into 1.8 and 1.9.0 branches
Comment 13 [On PTO until 6/29] 2008-10-21 14:42:50 PDT
Is there a test case or repro steps to verify this bug?
Comment 14 Alex Vincent [:WeirdAl] 2008-10-21 15:02:47 PDT
Al:  The patch includes a xpcshell testcase, so trunk and 1.9 tinderboxes will already be running it. (I hope!)
Comment 15 [On PTO until 6/29] 2008-10-23 17:53:25 PDT
In fact, I see it running and passing at http://tinderbox.mozilla.org/showlog.cgi?log=Firefox3.0/1224785686.1224788396.19521.gz.

Marking it as verified for 1.9.0.4.
Comment 16 [On PTO until 6/29] 2008-11-04 12:35:08 PST
Of course, I should verify it for 1.8.1.18 as well but the test doesn't run there.

Note You need to log in before you can comment on or make changes to this bug.