Closed
Bug 619794
Opened 13 years ago
Closed 13 years ago
DECOMPILE_CODE leaks xval on failure in Decompile
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: timeless, Assigned: timeless)
References
(Blocks 1 open bug, )
Details
(Keywords: coverity, memory-leak, Whiteboard: fixed-in-tracemonkey)
Attachments
(1 file)
2.37 KB,
patch
|
jorendorff
:
review+
|
Details | Diff | Splinter Review |
1825 Decompile(SprintStack *ss, jsbytecode *pc, intN nb, JSOp nextop) 1870 #define DECOMPILE_CODE(pc,nb) if (!Decompile(ss, pc, nb, JSOP_NOP)) return NULL 3325 case SRC_COND: 3326 xval = JS_strdup(cx, POP_STR()); 3327 if (!xval) 3328 return NULL; 3329 len = js_GetSrcNoteOffset(sn, 0); this leaks xval: 3330 DECOMPILE_CODE(pc + oplen, len - oplen); 3331 lval = JS_strdup(cx, POP_STR()); 3332 if (!lval) { 3333 cx->free((void *)xval); 3334 return NULL; 3335 } 3336 pc += len; 3337 LOCAL_ASSERT(*pc == JSOP_GOTO || *pc == JSOP_GOTOX); 3338 oplen = js_CodeSpec[*pc].length; 3339 len = GetJumpOffset(pc, pc); this leaks xval: 3340 DECOMPILE_CODE(pc + oplen, len - oplen); 3341 rval = POP_STR(); 3342 todo = Sprint(&ss->sprinter, "%s ? %s : %s", 3343 xval, lval, rval); 3344 cx->free((void *)xval); 3345 cx->free((void *)lval); 3346 break; 3347
oh, the second one probably also leaks lval...
Comment 3•13 years ago
|
||
Comment on attachment 498301 [details] [diff] [review] proposal Review of attachment 498301 [details] [diff] [review]: r=me
Attachment #498301 -
Flags: review?(jorendorff) → review+
Keywords: checkin-needed
Comment 4•13 years ago
|
||
un-bitrotted & landed: http://hg.mozilla.org/tracemonkey/rev/0bc724be8daf
Keywords: checkin-needed
Whiteboard: fixed-in-tracemonkey
Comment 5•13 years ago
|
||
http://hg.mozilla.org/mozilla-central/rev/0bc724be8daf
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Updated•6 years ago
|
Blocks: coverity-analysis
You need to log in
before you can comment on or make changes to this bug.
Description
•