Closed Bug 688516 Opened 14 years ago Closed 14 years ago

nsBuiltinDecoder::NotifyDownloadEnded uses mElement without null-checking

Categories

(Core :: Audio/Video, defect)

Product:
Core
Component:
Audio/Video
Platform:
ARM
Android
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla9

People

(Reporter: jdm, Assigned: kinetik)

Details

(Keywords: crash, Whiteboard: [good first bug] [mentor=jdm])

Crash Data

Attachments

(1 file)

patch v0
3.23 KB, patch
cpearce
: review+
Details | Diff | Splinter Review
This bug was filed from the Socorro interface and is report bp-7ecd51f8-7e37-40d0-8f78-ae12d2110918 . ============================================================= This is just bug 633332 again, but for a different decoder >:( The rest of the file is filled with null-checks. 0 libxul.so nsCOMPtr_base::assign_assuming_AddRef nsCOMPtr.h:464 1 libxul.so nsCOMPtr_base::assign_with_AddRef obj-firefox/xpcom/build/nsCOMPtr.cpp:90 2 libxul.so nsHTMLMediaElement::Error content/html/content/src/nsHTMLMediaElement.cpp:2051 3 libxul.so nsHTMLMediaElement::LoadAborted content/html/content/src/nsHTMLMediaElement.cpp:2042 4 libxul.so nsBuiltinDecoder::NotifyDownloadEnded content/media/nsBuiltinDecoder.cpp:668 5 libxul.so DataEnded::Run content/media/nsMediaStream.cpp:745 6 libxul.so nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:631 7 libxul.so NS_ProcessNextEvent_P obj-firefox/xpcom/build/nsThreadUtils.cpp:245 8 libxul.so mozilla::ipc::MessagePump::Run ipc/glue/MessagePump.cpp:111 9 libxul.so mozilla::ipc::MessagePumpForChildProcess::Run ipc/glue/MessagePump.cpp:230 10 libxul.so MessageLoop::RunInternal ipc/chromium/src/base/message_loop.cc:209 11 libxul.so MessageLoop::Run ipc/chromium/src/base/message_loop.cc:487 12 libxul.so nsBaseAppShell::Run widget/src/xpwidgets/nsBaseAppShell.cpp:191 13 libxul.so XRE_RunAppShell toolkit/xre/nsEmbedFunctions.cpp:677 14 libxul.so mozilla::ipc::MessagePumpForChildProcess::Run ipc/glue/MessagePump.cpp:222 15 libxul.so MessageLoop::RunInternal ipc/chromium/src/base/message_loop.cc:209 16 libxul.so MessageLoop::Run ipc/chromium/src/base/message_loop.cc:487 17 libxul.so XRE_InitChildProcess nsAutoPtr.h:155 18 libmozutils.so ChildProcessInit other-licenses/android/APKOpen.cpp:778 19 plugin-container main ipc/app/MozillaRuntimeMainAndroid.cpp:69
OS: Mac OS X → Android
Hardware: x86 → ARM
This is an easy fix to that should make an occasional mobile crash bug disappear.
Whiteboard: [good first bug] [mentor=jdm]
Attached patch patch v0Splinter Review
Well, this is embarrassing. I must not have audited every use when I fixed bug 633332.
Assignee: nobody → kinetik
Status: NEW → ASSIGNED
Attachment #561965 - Flags: review?(chris)
Attachment #561965 - Flags: review?(chris) → review+
https://hg.mozilla.org/mozilla-central/rev/27cc64182823
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: