Open Bug 772601 Opened 12 years ago Updated 2 years ago

Create a static analysis to determine callers which hold on to an XPCOM interface without addrefing it and call more than one function on it

Tracking

(Not tracked)

Status:

NEW

People

(Reporter: ehsan.akhgari, Unassigned)

References

Details

(Keywords: sec-want)

(no longer active)

Reporter

Description

•

12 years ago

See bug 772282 as an example of a crash resulting in this.  If the caller doesn't AddRef, it cannot be sure that the first function call which takes the interface pointer as an argument won't destroy the object, so the subsequent calls on that are going to be unsafe.

Jesse Ruderman

Updated

•

12 years ago

Blocks: static_analyses

Jesse Ruderman

Updated

•

12 years ago

Keywords: sec-want

BMO Automation

Updated

•

7 years ago

Product: Core → Firefox Build System

BMO Automation

Updated

•

2 years ago

Product: Firefox Build System → Developer Infrastructure

BMO Automation

Updated

•

2 years ago

Severity: normal → S3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Create a static analysis to determine callers which hold on to an XPCOM interface without addrefing it and call more than one function on it

Categories

(Developer Infrastructure :: Source Code Analysis, defect)

Tracking

(Not tracked)

People

(Reporter: ehsan.akhgari, Unassigned)

References

Details

(Keywords: sec-want)

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated

Updated

Updated