Closed
Bug 662126
Opened 14 years ago
Closed 14 years ago
Audit ConfirmEx callers to ensure that aCheckState is not an uninitialized PRBool
Categories
(Core :: General, defect)
Tracking
()
RESOLVED
FIXED
mozilla7
Tracking | Status | |
---|---|---|
firefox7 | --- | affected |
People
(Reporter: khuey, Assigned: protz)
References
Details
Attachments
(1 file)
2.51 KB,
patch
|
bzbarsky
:
review+
|
Details | Diff | Splinter Review |
After hitting Bug 662125 in a debug build and finding the cause I found, without looking particularly hard,
http://hg.mozilla.org/mozilla-central/annotate/57bedceef898/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp#l1185
http://hg.mozilla.org/mozilla-central/annotate/57bedceef898/security/manager/ssl/src/nsCrypto.cpp#l2940
There may be others as well.
Reporter | ||
Updated•14 years ago
|
Reporter | ||
Comment 1•14 years ago
|
||
Looking at the patch for Bug 495618 would probably be a decent place to start.
Updated•14 years ago
|
Assignee | ||
Comment 2•14 years ago
|
||
Here's at least four call sites that should be fixed:
- http://mxr.mozilla.org/comm-central/source/mozilla/caps/src/nsScriptSecurityManager.cpp#2803 (the last parameter of CheckConfirmDialog is passed to ConfirmEx)
- http://mxr.mozilla.org/comm-central/source/mozilla/security/manager/ssl/src/nsCrypto.cpp#2941
- http://mxr.mozilla.org/comm-central/source/mozilla/toolkit/xre/nsAppRunner.cpp#1813
- http://mxr.mozilla.org/comm-central/source/mozilla/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp#1186
(Looking for more...)
Assignee | ||
Comment 3•14 years ago
|
||
This is all I could come up with. I've checked every instance of ConfirmEx in C++ code, and for each function that ends up calling ConfirmEx with the penultimate parameter being one of its own parameters, I've checked that function's own call sites.
Attachment #537608 -
Flags: review?(bzbarsky)
Assignee | ||
Updated•14 years ago
|
Status: NEW → ASSIGNED
Comment 4•14 years ago
|
||
Comment on attachment 537608 [details] [diff] [review]
Fix all four call sites that I've found
Looks good, thanks!
Attachment #537608 -
Flags: review?(bzbarsky) → review+
Assignee | ||
Comment 5•14 years ago
|
||
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla7
Updated•14 years ago
|
tracking-firefox7:
? → ---
You need to log in
before you can comment on or make changes to this bug.
Description
•