Closed
Bug 710975
Opened 13 years ago
Closed 13 years ago
Possible bad index checking in nsIEProfileMigrator::TestForIE7()
Categories
(Firefox :: Migration, defect)
Tracking
()
RESOLVED
FIXED
Firefox 12
People
(Reporter: Dolske, Assigned: jaws)
References
Details
(Whiteboard: [pvs-studio])
Attachments
(1 file, 2 obsolete files)
|
2.43 KB,
patch
|
Gavin
:
review+
|
Details | Diff | Splinter Review |
From http://www.viva64.com/en/a/0078/ Example 8. Incorrect type for storing the index PRBool nsIEProfileMigrator::TestForIE7() { ... PRUint32 index = ieVersion.FindChar('.', 0); if (index < 0) return PR_FALSE; ... } PVS-Studio diagnostic message: V547 Expression 'index < 0' is always false. Unsigned type value is never < 0. nsieprofilemigrator.cpp 622 The function won't return PR_FALSE if there is no dot in the string and will continue handling incorrect data. The error here is that an unsigned data type was used for the 'index' variable. Checking that (index < 0) is meaningless.
|
||
Comment 1•13 years ago
|
||
Trivial patch.
|
||
Comment 3•13 years ago
|
||
another good reason to use the correct ==/!= kNotFound instead of random checks (>0, <0, !=whatever) the "if (index > 0)" check looks strange, maybe not wrong, but since the complete lack of comments it's hard to even tell what the code tries to handle. I suppose it's trying to support something like this: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 So removing the first ", and then the last one and everything after it. In such a case, I don't understand why it is not using RFindChar (and kNotFound)
|
||
Comment 4•13 years ago
|
||
Comment on attachment 581915 [details] [diff] [review] patch v1 Using RFindChar for the first call would change the behavior if there are multiple quotes, so I don't think it's worth doing. The second call should compare against kNotFound as Marco suggests.
Attachment #581915 -
Flags: review?(gavin.sharp) → review+
|
|
||
Comment 5•13 years ago
|
||
(In reply to Gavin Sharp (use gavin@gavinsharp.com for email) from comment #4) > Using RFindChar for the first call would change the behavior if there are > multiple quotes, so I don't think it's worth doing. oh, right! Maybe adding a small comment about what the first code fragment is trying to do would be nice for future reference.
|
|
||
Comment 6•13 years ago
|
||
indeed!
|
|
||
Comment 7•13 years ago
|
||
With the first check being (index > 0) the string '""' would be returned as '"' - because FindChar() returns 0. That's not really a valid example that occurs but shouldn't we compare against kNotFound here as well?
|
|
||
Comment 8•13 years ago
|
||
The first check is probably trying to enforce that the string is not empty by using > 0, so if you have '"" %1 "somearg"', the cut will change it to '" %1 "somearg"' FindChar will return 0 and the if will be skipped (currently). Instead using != kNotFound the if would be executed and would build an empty string. In both cases, the next call to NS_NewLocalFile will likely fail.
|
|
||
Comment 9•13 years ago
|
||
This doesn't build on Windows because 'kNotFound' is not defined. Alas, I don't have a Windows build machine (I should get one) and I really don't want to waste try server cycles for finding the right header to include. Can someone please take this, add the missing header and push it? Thanks!
Attachment #581915 -
Attachment is obsolete: true
|
|
||
Updated•13 years ago
|
Assignee: ttaubert → nobody
|
Assignee | |
Comment 10•13 years ago
|
||
According to these MXR searches, kNotFound is defined in "nsAString.h": http://mxr.mozilla.org/mozilla-central/ident?i=kNotFound http://mxr.mozilla.org/mozilla-central/search?string=nsAString.h I don't have time to take this at the moment, but it looks like we will just need to add an include for nsAString.h to the CPP file.
|
|
Assignee | |
Comment 11•13 years ago
|
||
I tried including nsAString.h, but that file in not accessible from external-linkage code. Alas, I tried including nsStringAPI.h but that file does not include the #define for kNotFound. According to https://developer.mozilla.org/en/Migrating_from_Internal_Linkage_to_Frozen_Linkage#section_8, external-linkage code should add their own #define for kNotFound. Pushed to try: https://tbpl.mozilla.org/?tree=Try&rev=2849df408396
Assignee: nobody → jwein
Attachment #586381 -
Attachment is obsolete: true
Attachment #586757 -
Flags: review?(gavin.sharp)
|
|
||
Updated•13 years ago
|
Attachment #586757 -
Flags: review?(gavin.sharp) → review+
|
|
Assignee | |
Comment 12•13 years ago
|
||
https://hg.mozilla.org/integration/fx-team/rev/371c513e15d7
Whiteboard: [pvs-studio] → [pvs-studio][fixed-in-fx-team]
|
|
||
Comment 13•13 years ago
|
||
Thanks, Jared! https://hg.mozilla.org/mozilla-central/rev/371c513e15d7
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Whiteboard: [pvs-studio][fixed-in-fx-team] → [pvs-studio]
Target Milestone: --- → Firefox 12
You need to log in
before you can comment on or make changes to this bug.
Description
•