Closed Bug 506706 Opened 11 years ago Closed 2 years ago

XPC_JSArgumentFormatter uses va_copy without va_end

Categories

(Core :: XPConnect, defect)


RESOLVED INACTIVE

People

(Reporter: timeless, Assigned: timeless)

References

(Blocks 1 open bug, )

Details

(Keywords: coverity)

Attachments

(1 file)

2.52 KB, patch
timeless: review? dbradley
http://linux.about.com/library/cmd/blcmdl3_va_start.htm

va_start
The va_start macro initializes ap for subsequent use by va_arg and va_end, and must be called first.

va_end
Each invocation of va_start must be matched by a corresponding invocation of
va_end in the same function.

1797 XPC_JSArgumentFormatter(JSContext *cx, const char *format,

1805 va_list ap;
1808     VARARGS_ASSIGN(ap, *app);
1832                 p = va_arg(ap, void *);

1836                 return JS_FALSE;

1844             *va_arg(ap, void **) = p;

1852                 iid  = va_arg(ap, const nsIID*);

1864                 return JS_FALSE;

1868         p = va_arg(ap, void *);

1872             return JS_FALSE;

1875     VARARGS_ASSIGN(*app, ap);
1876     return JS_TRUE;
oops, wrong section:
Each invocation of va_copy must be matched by a corresponding invocation of va_end in the same function.
Summary: XPC_JSArgumentFormatter uses va_args without va_start + va_end → XPC_JSArgumentFormatter uses va_args without va_end
Summary: XPC_JSArgumentFormatter uses va_args without va_end → XPC_JSArgumentFormatter uses va_copy without va_end
This should just be changed to use va_arg. There's no need for anything else since this is passed a va_list. va_arg(*ap, sometype); I think all the macros were for odd platforms that didn't have standard support of va_list. I doubt we care about those any more. There are many references in the code such as in the JS engine that use va_arg straight without any such gymnastics.

Arguably the APIs around JS arg formatting probably should be updated as well.
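The two options discussed above, as an added example that is not part of the original report or of the Mozilla code: a private va_copy whose every exit path reaches va_end, and the suggestion of calling va_arg on the caller's list through the pointer. The function names and the demo driver are hypothetical, and C99 is assumed.

```c
#include <stdarg.h>
/* Added example; sum_via_copy, sum_direct and demo are hypothetical names. */

/* Variant A: private copy. Every exit path, including the early failure,
 * passes through the single va_end that pairs with va_copy. */
static int sum_via_copy(int count, va_list *app, long *out)
{
    va_list ap;
    long sum = 0;
    int ok = 0;
    va_copy(ap, *app);
    for (int i = 0; i < count; i++) {
        int v = va_arg(ap, int);
        if (v < 0)
            goto done;          /* failure still reaches va_end */
        sum += v;
    }
    *out = sum;
    ok = 1;
done:
    va_end(ap);
    return ok;                  /* caller's list is left where it was */
}

/* Variant B: consume through the pointer. No copy is made, so there is
 * nothing to va_end here, and the caller's list advances. */
static int sum_direct(int count, va_list *app, long *out)
{
    long sum = 0;
    for (int i = 0; i < count; i++) {
        int v = va_arg(*app, int);
        if (v < 0)
            return 0;
        sum += v;
    }
    *out = sum;
    return 1;
}

/* Constructed driver: returns sum * 1000 + the argument that follows the
 * `count` summed values, or -1 if either variant reports failure. */
static long demo(int count, ...)
{
    va_list ap;
    long a = 0, b = 0, result = -1;
    va_start(ap, count);
    if (sum_via_copy(count, &ap, &a) && sum_direct(count, &ap, &b) && a == b)
        result = a * 1000 + va_arg(ap, int);
    va_end(ap);                 /* pairs with va_start in this function */
    return result;
}
```

Variant A reads the same arguments again in variant B because the copy does not advance the caller's list; only variant B moves it forward, which is why the trailing argument is read correctly afterwards.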
Attached patch my changes
i'm not actively working on these things. i'm trying to do "simple" patches, and it seems that i've already lost quite a few of them.
Assignee: nobody → timeless
Status: NEW → ASSIGNED
Attachment #393727 - Flags: review?(dbradley)
Per policy at https://wiki.mozilla.org/Bug_Triage/Projects/Bug_Handling/Bug_Husbandry#Inactive_Bugs. If this bug is not an enhancement request or a bug not present in a supported release of Firefox, then it may be reopened.
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → INACTIVE