Closed
Bug 710989
Opened 13 years ago
Closed 11 years ago
Possible memset underflow in Time::Explode()
Categories
(Core :: IPC, defect)
Core
IPC
Tracking
()
RESOLVED
FIXED
mozilla21
People
(Reporter: Dolske, Assigned: charles.wh.chan)
References
Details
(Whiteboard: [pvs-studio][good first bug][lang=c++])
Attachments
(1 file)
|
1.00 KB,
patch
|
cjones
:
review+
|
Details | Diff | Splinter Review |
From http://www.viva64.com/en/a/0078/, 6th section in http://www.viva64.com/external-pictures/txt/mozilla-test.txt V512 A call of the 'memset' function will lead to underflow of the buffer '(exploded)'. time_win.cc 198 void Time::Explode(bool is_local, Exploded* exploded) const { ... ZeroMemory(exploded, sizeof(exploded)); ... } I think there could be written like this. ZeroMemory(exploded, sizeof(*exploded));
|
||
Updated•13 years ago
|
Whiteboard: [pvs-studio] → [pvs-studio][good first bug][lang=c++]
I don't think we use Time for anything in gecko, but this is probably fixed upstream in chromium. If not we should file there too.
|
Assignee | |
Comment 2•12 years ago
|
||
(In reply to Chris Jones [:cjones] [:warhammer] from comment #1) > I don't think we use Time for anything in gecko, but this is probably fixed > upstream in chromium. If not we should file there too. Yes. It appears the issue has already been resolved in Chromium. See ~Line 255 http://src.chromium.org/viewvc/chrome/trunk/src/base/time_win.cc?view=annotate
|
|
Assignee | |
Comment 3•12 years ago
|
||
Just out of curiosity, why is there a copy of the Chromium src within the Mozilla source code?
|
|
Assignee | |
Comment 4•12 years ago
|
||
Fix the ZeroMemory() issue in the Mozilla src tree, please review.
Attachment #608963 -
Flags: review?(dolske)
|
Reporter | |
Comment 5•12 years ago
|
||
Comment on attachment 608963 [details] [diff] [review] Bug 710989: Patch-1 This is in Chris's area, so moving review. Thanks for the patch!
Attachment #608963 -
Flags: review?(dolske) → review?(jones.chris.g)
|
|
||
Comment 6•12 years ago
|
||
(In reply to Charles Chan from comment #3) > Just out of curiosity, why is there a copy of the Chromium src within the > Mozilla source code? Gecko uses Chromium's inter-process communication library. Here is a link to a list of third-party code located in the tree: https://wiki.mozilla.org/ThirdPartyCode
Comment on attachment 608963 [details] [diff] [review] Bug 710989: Patch-1 Sorry for the review latency.
Attachment #608963 -
Flags: review?(jones.chris.g) → review+
|
||
Comment 8•11 years ago
|
||
Oops. I'll see if this is still valid on trunk.
Assignee: nobody → charles.wh.chan
|
||
Comment 10•11 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/4de05e48b784
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla21
You need to log in
before you can comment on or make changes to this bug.
Description
•