Closed
Bug 620413
Opened 14 years ago
Closed 13 years ago
useless check of stopFrame in nsSVGGradientFrame::GetStopInformation
Categories
(Core :: SVG, enhancement)
Core
SVG
Tracking
()
RESOLVED
FIXED
mozilla2.0b12
People
(Reporter: timeless, Assigned: timeless)
References
(Blocks 1 open bug)
Details
(Keywords: coverity)
Attachments
(1 file)
1.11 KB,
patch
|
longsonr
:
review+
dbaron
:
approval2.0+
|
Details | Diff | Splinter Review |
106 nsSVGGradientFrame::GetStopInformation(PRInt32 aIndex, 107 float *aOffset, 108 nscolor *aStopColor, 109 float *aStopOpacity) 110 { 115 nsIFrame *stopFrame = nsnull; 116 GetStopFrame(aIndex, &stopFrame); crash here: 117 nsCOMPtr<nsIDOMSVGStopElement> stopElement = 118 do_QueryInterface(stopFrame->GetContent()); check here: 131 if (stopFrame) {
Comment 1•14 years ago
|
||
We can't crash. GetPaintServerPattern calls GetStopCount which will return 0 if there are no stop frames. We only call GetStopInformation if GetStopCount > 0 and therefore we're guaranteed to get a frame.
Severity: critical → enhancement
Summary: crash [@ nsSVGGradientFrame::GetStopInformation] if !stopFrame → useless check of stopFrame in nsSVGGradientFrame::GetStopInformation
Assignee: nobody → timeless
Status: NEW → ASSIGNED
Attachment #498900 -
Flags: review?(longsonr)
Attachment #498900 -
Flags: approval2.0?
Updated•14 years ago
|
Attachment #498900 -
Flags: review?(longsonr) → review+
Attachment #498900 -
Flags: approval2.0? → approval2.0+
Keywords: checkin-needed
Comment 3•13 years ago
|
||
http://hg.mozilla.org/mozilla-central/rev/7a6f85f6891e
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → mozilla2.0b12
Updated•6 years ago
|
Blocks: coverity-analysis
You need to log in
before you can comment on or make changes to this bug.
Description
•