Closed Bug 65617 Opened 24 years ago Closed 24 years ago

unsecure use of new operator in nsPresShell.cpp

Categories

(Core :: Layout, defect, P1)

Tracking

VERIFIED FIXED
mozilla0.9.1

People

(Reporter: bernd_mozilla, Assigned: dr)

Attachments

(2 files)

http://lxr.mozilla.org/seamonkey/source/layout/html/base/src/nsPresShell.cpp#1473 shows the typical pattern described in bug 8227 and should be fixed. if mStackArena is 0 ....
    PresShell::PushStackMemory()
    1471 {
    1472   if (nsnull == mStackArena)
    1473     mStackArena = new StackArena();
    1474
    1475   return mStackArena->Push();
    1476 }
->dr/moz0.9.1
Assignee: evaughan → dr
Target Milestone: --- → mozilla0.9.1
Okay, there's a buttload of these, starting around line 1480 or so. I'll basically just change them all to look like:
    PresShell::Foo()
    {
      nsresult result = NS_OK;
      if (!mStackArena)
        mStackArena = new StackArena();
      if (!mStackArena) // allocation failed
        result = NS_MEMORY_ALLOCATION_ERROR;
      else
        result = mStackArena->Foo();
      return result;
    }
Status: NEW → ASSIGNED
Priority: -- → P4
Severity: normal → minor
Priority: P4 → P1
Severity: minor → trivial
Hardware: PC → All
Hrm... No, I like the first one better. r=jag on the first. Sorry about that.
I prefer the first one, but would like to see
+ if (!mStackArena) return NS_ERROR_OUT_OF_MEMORY;
replaced by
+ if (!mStackArena)
+ return NS_ERROR_OUT_OF_MEMORY;
to make debugging easier. sr=sfraser
fixed (first patch, with smfr's changes). rev 3.396.
Status: ASSIGNED → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
Marking verified per last comments
Status: RESOLVED → VERIFIED
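The null check discussed in this bug, as an added example that is neither the attached patch nor Mozilla's code. Standard `new` throws on failure, so the sketch uses `new (std::nothrow)` with a class-level allocator to model an allocator that returns null, which is what the `if (!mStackArena)` check in the comments presupposes. `gFailNextAlloc`, the simplified `StackArena`/`PresShell` bodies and the `nsresult` definitions are constructed stand-ins.

```cpp
#include <cstdlib>
#include <new>

// Constructed stand-ins for the Mozilla names used in the bug comments.
typedef unsigned int nsresult;
static const nsresult NS_OK = 0;
static const nsresult NS_ERROR_OUT_OF_MEMORY = 0x8007000eU;
static bool gFailNextAlloc = false;  // hypothetical hook: force one allocation failure

class StackArena {
public:
  // Non-throwing allocator: returns null on failure instead of throwing.
  static void* operator new(std::size_t size, const std::nothrow_t&) noexcept {
    if (gFailNextAlloc) { gFailNextAlloc = false; return nullptr; }
    return std::malloc(size);
  }
  static void operator delete(void* p) noexcept { std::free(p); }
  static void operator delete(void* p, const std::nothrow_t&) noexcept { std::free(p); }
  nsresult Push() { ++mDepth; return NS_OK; }
  int Depth() const { return mDepth; }
private:
  int mDepth = 0;
};

class PresShell {
public:
  ~PresShell() { delete mStackArena; }
  nsresult PushStackMemory() {
    if (!mStackArena) {
      mStackArena = new (std::nothrow) StackArena();
      if (!mStackArena)
        return NS_ERROR_OUT_OF_MEMORY;  // report failure instead of dereferencing null
    }
    return mStackArena->Push();
  }
  int Depth() const { return mStackArena ? mStackArena->Depth() : 0; }
private:
  StackArena* mStackArena = nullptr;  // allocated lazily on first push
};

// One forced failure, then a retry: the shell must report the error and stay usable.
bool DemoRecoversFromFailedAllocation() {
  PresShell shell;
  gFailNextAlloc = true;
  if (shell.PushStackMemory() != NS_ERROR_OUT_OF_MEMORY) return false;
  return shell.PushStackMemory() == NS_OK && shell.Depth() == 1;
}

int main() { return DemoRecoversFromFailedAllocation() ? 0 : 1; }
```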