Closed
Bug 620243
Opened 14 years ago
Closed 7 years ago
PluginModuleChild::DeallocNPObject should handle d before freeing aNPObj
Categories
(Core Graveyard :: Plug-ins, defect)
Core Graveyard
Plug-ins
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: timeless, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: coverity)
Attachments
(1 file)
|
977 bytes,
patch
|
Details | Diff | Splinter Review |
1955 PluginModuleChild::DeallocNPObject(NPObject* aNPObj)
1956 {
1957 if (aNPObj->_class && aNPObj->_class->deallocate) {
1958 aNPObj->_class->deallocate(aNPObj);
1959 } else {
this is a free:
1960 child::_memfree(aNPObj);
1961 }
and this is a potential use which scares coverity:
1963 NPObjectData* d = current()->mObjectMap.GetEntry(aNPObj);
1964 if (d->actor)
1965 d->actor->NPObjectDestroyed();
1966
1967 current()->mObjectMap.RemoveEntry(aNPObj);
1968 }
Comment on attachment 498668 [details] [diff] [review] proposal I don't think this is relevant any more.
Attachment #498668 -
Flags: review?(bent.mozilla)
|
||
Comment 3•11 years ago
|
||
Does this still show up in Coverity runs? I still have to get approved by an admin on the Coverity site for the Fx scan.
|
|
||
Updated•11 years ago
|
Flags: needinfo?(georg.fritzsche)
|
|
||
Updated•10 years ago
|
Flags: needinfo?(georg.fritzsche)
|
||
Comment 4•9 years ago
|
||
The problem in this bug has been refactored into bug 1195272, still existent and looking risky.
|
||
Updated•9 years ago
|
Assignee: timeless → continuation
|
|
||
Updated•8 years ago
|
Assignee: continuation → nobody
Status: ASSIGNED → NEW
|
||
Comment 6•7 years ago
|
||
Resolving old bugs which are likely not relevant any more, since NPAPI plugins are deprecated.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → INCOMPLETE
|
||
Updated•6 years ago
|
Blocks: coverity-analysis
|
||
Updated•2 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•