Closed
Bug 620945
Opened 14 years ago
Closed 14 years ago
CSSParserImpl::ParseDeclarationBlock() does not initialize changed
Categories
(Core :: CSS Parsing and Computation, defect)
Tracking
()
RESOLVED
INVALID
People
(Reporter: timeless, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: coverity)
3528 CSSParserImpl::ParseDeclarationBlock(PRBool aCheckForBraces) uninitialized: 3541 PRBool changed; 3542 if (!ParseDeclaration(declaration, aCheckForBraces, passed referenced to changed: 3543 PR_TRUE, &changed)) { 3933 CSSParserImpl::ParseDeclaration(css::Declaration* aDeclaration, 3936 PRBool* aChanged) 3937 { the next line is effectively: *aChanged = *aChanged | ...; 4038 *aChanged |= mData.TransferFromBlock(mTempData, propID, 4039 status == ePriority_Important, 4040 PR_FALSE, aMustCallValueAppended, 4041 aDeclaration); Which means the undefined value from 3541 is mixed with the value from TransferFromBlock() 4042 return PR_TRUE; 4043 }
Yes, but nothing ever reads the value, so why does it matter?
Comment 2•14 years ago
|
||
nsDOMCSSDeclaration::SetCssText seems to read the value (via ParseDeclarations), but it looks like the only difference in behavior that can cause is it calling SetCSSDeclaration() when things haven't actually changed.
Comment 3•14 years ago
|
||
ParseDeclarations doesn't call ParseDeclarationBlock. It has its own "changed" variable, and initializes it. I agree with dbaron; we end up with a random value for a variable that nothing reads... which is ok.
Comment 4•14 years ago
|
||
It calls ParseDeclaration(), which doesn't initialize aChanged. That's where the actual issue is, ParseDeclarationBlock is just one of the callers.
Comment 5•14 years ago
|
||
Nevermind, I missed the setting of aChanged in ParseDeclarations().
Comment 6•14 years ago
|
||
This isn't a security issue. Imo it's not an issue at all.
Group: core-security
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → INVALID
Updated•6 years ago
|
Blocks: coverity-analysis
You need to log in
before you can comment on or make changes to this bug.
Description
•