Last Comment Bug 710973 - Possible bad input validation in PresShell::SetResolution()
: Possible bad input validation in PresShell::SetResolution()
[pvs-studio][good first bug][lang=c++]
Product: Core
Classification: Components
Component: Layout (show other bugs)
: unspecified
: All All
-- normal (vote)
: mozilla13
Assigned To: Daniel Levin
: Jet Villegas (:jet)
Depends on:
Blocks: 710966 590294
  Show dependency treegraph
Reported: 2011-12-14 22:49 PST by Justin Dolske [:Dolske]
Modified: 2012-02-17 05:38 PST (History)
11 users (show)
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---

A patch to correct this bug (1.02 KB, patch)
2012-02-11 08:40 PST, Daniel Levin
tnikkel: review+
Details | Diff | Splinter Review

Description User image Justin Dolske [:Dolske] 2011-12-14 22:49:24 PST

Example 6. Incomplete checking of input values

nsresult PresShell::SetResolution(float aXResolution, float aYResolution)
  if (!(aXResolution > 0.0 && aXResolution > 0.0)) {

PVS-Studio diagnostic message: V501 There are identical sub-expressions to the left and to the right of the '&&' operator: aXResolution > 0.0 && aXResolution > 0.0 nspresshell.cpp 5114

And here was one more example of invalid input parameters verification. This time, a misprint doesn't allow the program to check the aYResolution argument's value.
Comment 1 User image Daniel Levin 2012-02-11 08:40:37 PST
Created attachment 596338 [details] [diff] [review]
A patch to correct this bug

The double-checking flagged was checking the X value twice and not checking the Y value. The Y value is now checked
Comment 2 User image Timothy Nikkel (:tnikkel) 2012-02-11 11:02:03 PST
Comment on attachment 596338 [details] [diff] [review]
A patch to correct this bug

Stealing review for this obvious fix.
Comment 4 User image Ed Morley [:emorley] 2012-02-17 05:38:11 PST

Thanks for the patch! Join us on irc (#developers on and we'll find some other things for you to work on if you are interested? :-D

Note You need to log in before you can comment on or make changes to this bug.