Closed Bug 465270 Opened 13 years ago Closed 13 years ago

uninitialised value in devutil.c::create_object()

Categories

(NSS :: Libraries, defect, P3)

defect

Tracking

(Not tracked)

RESOLVED FIXED
3.12.3

People

(Reporter: cnst+bmo, Assigned: cnst+bmo)

References

Details

Attachments

(1 file)

In nss/lib/dev/devutil.c::create_object(), if the expression inside the first if-statement is true (e.g. the first goto in the function is executed), then we end up referencing a local variable 'arena' that was never initialised. This is a regression from bug #353909 (devutil.c#rev1.27, dated 2006-10-30).  It's also a regression from bug #444974 (devutil.c#rev1.32, dated 2008-09-29), because currently there's one more goto before 'arena' is initialised. :)

Found with LLVM/Clang Static Analyser.
Attachment #348515 - Flags: review?(nelson)
Comment on attachment 348515 [details] [diff] [review]
uninitialised value in arena in devutil.c::create_object()

We'll get this committed after the NSS trunk opens again.
Attachment #348515 - Flags: review?(nelson) → review+
Checking in devutil.c; new revision: 1.33; previous revision: 1.32
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Priority: -- → P3
Target Milestone: --- → 3.12.3
You need to log in before you can comment on or make changes to this bug.