Closed Bug 620237 Opened 15 years ago Closed 15 years ago

server_port_flush is awkward

Categories

(Core :: IPC, defect)

Product:
Core
Component:
IPC
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: timeless, Unassigned)

References

(Blocks 1 open bug,
URL
)

Details

(Keywords: coverity, crash, Whiteboard: [sg:nse in Mozilla])

1765 server_request_free(struct server_request *req) 1766 { 1795 if (rc == 0) { 1797 free(req); 1798 return (1); 1799 } 1800 free(req); 1801 return (0); 1802 } server_request_free frees req unconditionally. 1181 server_port_flush(struct evdns_server_port *port) 1183 while (port->pending_replies) { 1184 struct server_request *req = port->pending_replies; 1193 if (server_request_free(req)) { 1194 /* we released the last reference to req->port. */ afaict you released it whether or not it returned true, this seems like a bad idea. 1195 return; 1196 } 1197 }
This code is not used in Mozilla so closing INVALID (not our bug). BenT: you imported this I think, please let some chromium folks know so they can decide if this is a problem for them or not before we un-hide the bug.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → INVALID
Whiteboard: [sg:nse in Mozilla]
Group: core-security
You need to log in before you can comment on or make changes to this bug.