Security Coverage: Inspect editor/libeditor/html/nsHTMLEditor.cpp

RESOLVED INCOMPLETE

Status

()

Core
Editor
RESOLVED INCOMPLETE
6 years ago
3 years ago

People

(Reporter: decoder, Unassigned)

Tracking

(Blocks: 1 bug, {sec-audit})

Trunk
x86_64
Linux
sec-audit
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

6 years ago
According to our analysis, the file editor/libeditor/html/nsHTMLEditor.cpp has untested portions of code/functions and has been patched one or more times in the last 6 months due to security problems. The coverage data for this file (from a try run with our main test suites) is here:

http://people.mozilla.org/~choller/coverage/mc-tests-all-20120903/editor/libeditor/html/nsHTMLEditor.cpp.gcov.html

(Assertions, warnings and errors like out-of-memory conditions or those that cannot be triggered through content should be ignored).

File-specific comments: Just by scrolling over the file, I see quite a number of uncovered code blocks that are large and don't seem to be debug-only either. Overall too many issues to name them all here.

Overall coverage data from this run is available here:

http://people.mozilla.org/~choller/coverage/mc-tests-all-20120903/

Please add appropriate tests and/or check the untested portions of code if it is possible and reasonable.

Comment 1

6 years ago
Yeah, we've been making progress on getting more stuff in editor/ tested, but it's a painful process.  Good news is that we're much better at testing editor/ today than we were a couple of years ago.

That said, I'm not entirely sure that this bug can be spun off into a reasonable number of actionable bugs.
Per discussion with decoder, these bugs are not likely to be relevant at this point (and the reports themselves are long gone). Any further work is better suited for new bugs at this point.
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Keywords: testcase-wanted
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.