potential null pointer dereference in gfx/layers/d3d10/ImageLayerD3D10.cpp

RESOLVED FIXED in mozilla12

Status


Core
Graphics
RESOLVED FIXED
6 years ago
5 years ago

People

(Reporter: David Volgyes, Assigned: aceman)

Tracking

(Blocks: 1 bug)

Trunk
mozilla12
x86
Windows 7
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment, 2 obsolete attachments)

(Reporter)

Description

6 years ago
Created attachment 553172 [details] [diff] [review]
ImageLayerD3D10.diff

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:5.0) Gecko/20100101 Firefox/5.0
Build ID: 20110622232440

Steps to reproduce:

cppcheck 1.49 (http://cppcheck.sourceforge.net/) found plenty of potential null pointer dereferences. This is one of them.


Actual results:

In line #53 there is a check whether 'aSurface' is null or not,
but at line #65 there is an unchecked aSurface->
which is a potential null pointer dereference.



Expected results:

Well, it depends. I do not know the code well enough, but you definitely should check the pointer before dereferencing it. A possible fix is attached, but this fix seems ugly to me. (But I have no better idea.)

Updated

6 years ago
Component: General → Graphics
Product: Firefox → Core
QA Contact: general → thebes
Realistically, aSurface should never be NULL there, and if it is, we've got bigger problems! The right solution is probably to remove the NULL check at the top, and add an 'if (!aSurface) { return NULL; }' to the top of that function. I doubt that wouldn't break further down the flow though.
(Assignee)

Updated

6 years ago
Blocks: 679417
(Assignee)

Updated

6 years ago
Status: UNCONFIRMED → NEW
Ever confirmed: true

Updated

6 years ago
Assignee: nobody → david.volgyes

Comment 2

6 years ago
Unassigning from David per his request (bug 679610 comment 4).

For anyone looking at this bug, feel free to take it. David has very kindly provided a patch, but will not have time to follow it through.
Assignee: david.volgyes → nobody
Whiteboard: [has patch, needs new assignee]
(Assignee)

Comment 3

5 years ago
Created attachment 589659 [details] [diff] [review]
fix per comment 1
Assignee: nobody → acelists
Attachment #553172 - Attachment is obsolete: true
Status: NEW → ASSIGNED
Attachment #589659 - Flags: review?(bas.schouten)
(Assignee)

Updated

5 years ago
OS: Linux → Windows 7
Hardware: x86_64 → x86
Whiteboard: [has patch, needs new assignee]
Comment on attachment 589659 [details] [diff] [review]
fix per comment 1

Review of attachment 589659 [details] [diff] [review]:
-----------------------------------------------------------------

::: gfx/layers/d3d10/ImageLayerD3D10.cpp
@@ +49,5 @@
>  SurfaceToTexture(ID3D10Device *aDevice,
>                   gfxASurface *aSurface,
>                   const gfxIntSize &aSize)
>  {
> +  if (!aSurface) { return NULL; }
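
Review bot: the new guard at the top of SurfaceToTexture covers aSurface only, while aDevice is also a raw pointer parameter and nothing in the visible lines checks it. If aDevice can be null on any path, the same early return should cover it, for example `if (!aDevice || !aSurface)`. Returning NULL also turns a null texture into a normal result of this function, so every caller needs to test the return value before using it, and a one-line comment above the function saying it may return NULL would make that contract explicit.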

nit: as per coding style

if (!aSurface) {
  return NULL;
}
Attachment #589659 - Flags: review?(bas.schouten) → review+
(Assignee)

Comment 5

5 years ago
Created attachment 589667 [details] [diff] [review]
fix per nit

Carrying over review=bas.schouten.
Attachment #589659 - Attachment is obsolete: true
Attachment #589667 - Flags: review+
(Assignee)

Updated

5 years ago
Keywords: checkin-needed
http://hg.mozilla.org/integration/mozilla-inbound/rev/7e7800f6e68b
Keywords: checkin-needed
Target Milestone: --- → mozilla12

Comment 7

5 years ago
https://hg.mozilla.org/mozilla-central/rev/7e7800f6e68b
Status: ASSIGNED → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → FIXED
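
The pattern reported in the description and the early-return fix proposed in comment 1, as an added example that is not the code from gfx/layers/d3d10/ImageLayerD3D10.cpp or from any attachment on this bug. `Surface`, `Texture`, `isImage`, `ConvertInconsistent`, `ConvertGuarded` and `UploadedBytes` are constructed stand-ins.

```cpp
#include <cstddef>
#include <cstdint>
#include <memory>
#include <vector>

// Constructed stand-ins for illustration; not the Gecko/D3D10 types.
struct Surface {
  int width;
  int height;
  bool isImage;                  // hypothetical "fast path" flag
  std::vector<uint8_t> pixels;
};
struct Texture {
  int width;
  int height;
  std::vector<uint8_t> data;
};

// Reported shape: one line tests the pointer, a later line uses it unguarded.
// The test says null is possible, so the later dereference gets flagged.
// Calling this with nullptr is undefined behaviour.
std::unique_ptr<Texture> ConvertInconsistent(const Surface* aSurface) {
  bool fastPath = aSurface && aSurface->isImage;  // null considered here...
  std::unique_ptr<Texture> tex(new Texture());
  tex->width = aSurface->width;                   // ...but not here
  tex->height = aSurface->height;
  if (fastPath) tex->data = aSurface->pixels;
  else tex->data.assign(static_cast<size_t>(tex->width) * tex->height * 4, 0);
  return tex;
}

// Fix in the style of comment 1: one guard at the top, no check further down.
std::unique_ptr<Texture> ConvertGuarded(const Surface* aSurface) {
  if (!aSurface) {
    return nullptr;
  }
  std::unique_ptr<Texture> tex(new Texture());
  tex->width = aSurface->width;
  tex->height = aSurface->height;
  if (aSurface->isImage) tex->data = aSurface->pixels;
  else tex->data.assign(static_cast<size_t>(tex->width) * tex->height * 4, 0);
  return tex;
}

// The guard moves the failure to the caller, which must handle a null result.
size_t UploadedBytes(const Surface* aSurface) {
  std::unique_ptr<Texture> tex = ConvertGuarded(aSurface);
  return tex ? tex->data.size() : 0;
}
```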