Closed
Bug 620274
Opened 14 years ago
Closed 12 years ago
nsSVGForeignObjectFrame::PaintSVG needlessly checks aDirtyRect
Categories
(Core :: SVG, defect)
Core
SVG
Tracking
()
RESOLVED
INVALID
People
(Reporter: timeless, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: coverity)
Attachments
(2 obsolete files)
198 nsSVGForeignObjectFrame::PaintSVG(nsSVGRenderState *aContext, 199 const nsIntRect *aDirtyRect) 218 /* Check if we need to draw anything. */ null check: 219 if (aDirtyRect) { 220 PRInt32 appUnitsPerDevPx = PresContext()->AppUnitsPerDevPixel(); 221 if (!mRect.ToOutsidePixels(appUnitsPerDevPx).Intersects(*aDirtyRect)) 222 return NS_OK; 223 } no null check: 247 gfxRect transDirtyRect = gfxRect(aDirtyRect->x, aDirtyRect->y, 248 aDirtyRect->width, aDirtyRect->height);
Comment 1•13 years ago
|
||
There's no caller of the method that passes non-null as aDirtyRect.
Attachment #528000 -
Flags: review?(dholbert)
Comment 2•13 years ago
|
||
Comment on attachment 528000 [details] [diff] [review] patch > NS_IMETHODIMP > nsSVGForeignObjectFrame::PaintSVG(nsSVGRenderState *aContext, > const nsIntRect *aDirtyRect) > { >+ NS_PRECONDITION(aDirtyRect, "We expect aDirtyRect to be non-null"); >+ I think I'd prefer NS_ABORT_IF_FALSE, but I won't hold you to that. :)
Attachment #528000 -
Flags: review?(dholbert) → review+
Comment 3•13 years ago
|
||
Assignee: nobody → longsonr
Attachment #528000 -
Attachment is obsolete: true
Updated•13 years ago
|
Keywords: checkin-needed
Updated•13 years ago
|
Summary: crash [@ nsSVGForeignObjectFrame::PaintSVG] if !aDirtyRect → nsSVGForeignObjectFrame::PaintSVG needlessly checks !aDirtyRect
Updated•13 years ago
|
Summary: nsSVGForeignObjectFrame::PaintSVG needlessly checks !aDirtyRect → nsSVGForeignObjectFrame::PaintSVG needlessly checks aDirtyRect
Comment 4•13 years ago
|
||
http://hg.mozilla.org/mozilla-central/rev/f23ef87dcfb3
Status: NEW → RESOLVED
Closed: 13 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → mozilla6
Comment 5•13 years ago
|
||
Backed out https://hg.mozilla.org/integration/mozilla-inbound/rev/24365794891f to fix bug 667324
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Updated•13 years ago
|
Attachment #528018 -
Attachment is obsolete: true
Updated•13 years ago
|
Assignee: longsonr → nobody
Target Milestone: mozilla6 → ---
Comment 6•13 years ago
|
||
So if you have a foreignObject in a pattern then you can get a call with aDirtyRect null. That seems to be the only case. I don't think foreignObject works at all in a pattern though as IsDisabled() will always be true since the foreignObject's mRect won't be initialised currently.
Comment 7•12 years ago
|
||
The null checks are needed, and in fact were extended in bug 716527.
Status: REOPENED → RESOLVED
Closed: 13 years ago → 12 years ago
Resolution: --- → INVALID
Updated•6 years ago
|
Blocks: coverity-analysis
You need to log in
before you can comment on or make changes to this bug.
Description
•