[Webkit-unassigned] [Bug 19287] New: return value of malloc() is not checked
bugzilla-daemon at webkit.org
Wed May 28 01:58:53 PDT 2008
http://bugs.webkit.org/show_bug.cgi?id=19287
Summary: return value of malloc() is not checked
Product: WebKit
Version: 526+ (Nightly build)
Platform: PC
OS/Version: All
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: WebCore Misc.
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: pepe at sed.inf.u-szeged.hu
The return values of the following malloc invocations are not checked (rev. 34169):

WebKit/WebCore/bridge/npruntime.cpp(106):
106: identifier = (PrivateIdentifier*)malloc(sizeof(PrivateIdentifier));
107: identifier->isString = false;
108: identifier->value.number = intid;

WebKit/WebCore/bridge/npruntime.cpp(115):
115: identifier = (PrivateIdentifier*)malloc(sizeof(PrivateIdentifier));
116: // We never release identifier names, so this dictionary will grow.
117: identifier->isString = false;
118: identifier->value.number = intid;

WebKit/WebCore/bridge/npruntime.cpp(153):
153: variant->value.stringValue.UTF8Characters = (NPUTF8 *)malloc(sizeof(NPUTF8) * value->UTF8Length);
154: memcpy((void*)variant->value.stringValue.UTF8Characters, value->UTF8Characters, sizeof(NPUTF8) * value->UTF8Length);
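An added example, not part of the original report and not WebKit's code: one possible checked form of the string copy quoted at npruntime.cpp(153). The `Demo*` types, `demo_copy_string`, and the injectable allocator are hypothetical stand-ins that model only the fields the quoted lines touch; resetting the variant to a void type on failure is an assumption about what callers would want.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Simplified stand-ins for the NPAPI types named in the report (assumption:
   only the fields the quoted lines touch are modelled). */
typedef char DemoUTF8;
typedef struct { const DemoUTF8 *UTF8Characters; uint32_t UTF8Length; } DemoString;
typedef enum { DemoVariant_Void, DemoVariant_String } DemoVariantType;
typedef struct { DemoVariantType type; DemoString stringValue; } DemoVariant;

/* Allocator is injectable so the failure path can be exercised in a test. */
typedef void *(*demo_alloc_fn)(size_t);
static void *demo_failing_alloc(size_t n) { (void)n; return NULL; }

/* Checked copy: returns false and leaves the variant as Void (no pointer,
   zero length) when allocation fails, so nothing dereferences NULL. */
static bool demo_copy_string(DemoVariant *variant, const DemoString *value,
                             demo_alloc_fn alloc)
{
    variant->type = DemoVariant_Void;
    variant->stringValue.UTF8Characters = NULL;
    variant->stringValue.UTF8Length = 0;

    /* malloc(0) may legally return NULL; request at least one byte so a
       NULL result always means failure. */
    size_t bytes = sizeof(DemoUTF8) * (size_t)value->UTF8Length;
    DemoUTF8 *copy = alloc(bytes ? bytes : 1);
    if (!copy)
        return false;

    if (bytes)
        memcpy(copy, value->UTF8Characters, bytes);
    variant->stringValue.UTF8Characters = copy;
    variant->stringValue.UTF8Length = value->UTF8Length;
    variant->type = DemoVariant_String;
    return true;
}

int main(void)
{
    DemoString src = { "hello", 5 };   /* constructed sample input */
    DemoVariant ok, failed;
    bool a = demo_copy_string(&ok, &src, malloc);
    bool b = demo_copy_string(&failed, &src, demo_failing_alloc);
    free((void *)ok.stringValue.UTF8Characters);
    return (a && !b && failed.type == DemoVariant_Void) ? 0 : 1;
}
```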