Last Comment Bug 710973 - Possible bad input validation in PresShell::SetResolution()
: Possible bad input validation in PresShell::SetResolution()
Status: RESOLVED FIXED
[pvs-studio][good first bug][lang=c++]
:
Product: Core
Classification: Components
Component: Layout (show other bugs)
: unspecified
: All All
: -- normal (vote)
: mozilla13
Assigned To: Daniel Levin
:
: Jet Villegas (:jet)
Mentors:
Depends on:
Blocks: 710966 590294
  Show dependency treegraph
 
Reported: 2011-12-14 22:49 PST by Justin Dolske [:Dolske]
Modified: 2012-02-17 05:38 PST (History)
11 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments
A patch to correct this bug (1.02 KB, patch)
2012-02-11 08:40 PST, Daniel Levin
tnikkel: review+
Details | Diff | Splinter Review

Description Justin Dolske [:Dolske] 2011-12-14 22:49:24 PST
From http://www.viva64.com/en/a/0078/

Example 6. Incomplete checking of input values

nsresult PresShell::SetResolution(float aXResolution, float aYResolution)
{
  if (!(aXResolution > 0.0 && aXResolution > 0.0)) {
    return NS_ERROR_ILLEGAL_VALUE;
  }
  ...
}

PVS-Studio diagnostic message: V501 There are identical sub-expressions to the left and to the right of the '&&' operator: aXResolution > 0.0 && aXResolution > 0.0 nspresshell.cpp 5114

And here was one more example of invalid input parameters verification. This time, a misprint doesn't allow the program to check the aYResolution argument's value.
Comment 1 Daniel Levin 2012-02-11 08:40:37 PST
Created attachment 596338 [details] [diff] [review]
A patch to correct this bug

The double-checking flagged was checking the X value twice and not checking the Y value. The Y value is now checked
Comment 2 Timothy Nikkel (:tnikkel) 2012-02-11 11:02:03 PST
Comment on attachment 596338 [details] [diff] [review]
A patch to correct this bug

Stealing review for this obvious fix.
Comment 4 Ed Morley [:emorley] 2012-02-17 05:38:11 PST
https://hg.mozilla.org/mozilla-central/rev/2348e10c9782

Thanks for the patch! Join us on irc (#developers on irc.mozilla.org) and we'll find some other things for you to work on if you are interested? :-D

Note You need to log in before you can comment on or make changes to this bug.