The default bug view has changed. See this FAQ.

Audit ConfirmEx callers to ensure that aCheckState is not an uninitialized PRBool

RESOLVED FIXED in mozilla7

Status

()

Core
General
RESOLVED FIXED
6 years ago
3 years ago

People

(Reporter: khuey, Assigned: protz)

Tracking

unspecified
mozilla7
x86
Windows 7
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox7 affected)

Details

Attachments

(1 attachment)

After hitting Bug 662125 in a debug build and finding the cause I found, without looking particularly hard,

http://hg.mozilla.org/mozilla-central/annotate/57bedceef898/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp#l1185
http://hg.mozilla.org/mozilla-central/annotate/57bedceef898/security/manager/ssl/src/nsCrypto.cpp#l2940

There may be others as well.
Depends on: 662125
No longer depends on: 622125
Looking at the patch for Bug 495618 would probably be a decent place to start.
Assignee: nobody → jonathan.protzenko
status-firefox7: --- → affected
tracking-firefox7: --- → ?
(Assignee)

Comment 2

6 years ago
Here's at least four call sites that should be fixed:
- http://mxr.mozilla.org/comm-central/source/mozilla/caps/src/nsScriptSecurityManager.cpp#2803 (the last parameter of CheckConfirmDialog is passed to ConfirmEx)
- http://mxr.mozilla.org/comm-central/source/mozilla/security/manager/ssl/src/nsCrypto.cpp#2941
- http://mxr.mozilla.org/comm-central/source/mozilla/toolkit/xre/nsAppRunner.cpp#1813
- http://mxr.mozilla.org/comm-central/source/mozilla/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp#1186

(Looking for more...)
(Assignee)

Comment 3

6 years ago
Created attachment 537608 [details] [diff] [review]
Fix all four call sites that I've found

This is all I could come up with. I've checked every instance of ConfirmEx in C++ code, and for each function that ends up calling ConfirmEx with the penultimate parameter being one of its own parameters, I've checked that function's own call sites.
Attachment #537608 - Flags: review?(bzbarsky)
(Assignee)

Updated

6 years ago
Status: NEW → ASSIGNED
Comment on attachment 537608 [details] [diff] [review]
Fix all four call sites that I've found

Looks good, thanks!
Attachment #537608 - Flags: review?(bzbarsky) → review+
(Assignee)

Comment 5

6 years ago
http://hg.mozilla.org/mozilla-central/rev/8b3b1f9c132e
Status: ASSIGNED → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla7

Updated

6 years ago
tracking-firefox7: ? → ---
You need to log in before you can comment on or make changes to this bug.