[Webkit-unassigned] [Bug 235037] New: WebEventConversion.cpp uses switch statements that fall through ASSERT_NOT_REACHED()
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Jan 10 10:58:23 PST 2022
https://bugs.webkit.org/show_bug.cgi?id=235037
Bug ID: 235037
Summary: WebEventConversion.cpp uses switch statements that
fall through ASSERT_NOT_REACHED()
Product: WebKit
Version: Other
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: DOM
Assignee: webkit-unassigned at lists.webkit.org
Reporter: ddkilzer at webkit.org
CC: webkit-bug-importer at group.apple.com
Depends on: 234932
WebEventConversion.cpp uses switch statements that fall through ASSERT_NOT_REACHED().
In most cases, the `default` case does not initialize same same instance variable(s) as the other `case` blocks, and (looking at one example), the base class doesn't always initialize the instance variable, either, which could cause uninitialized variables to be used.
The fix is to make sure to initialize the same instance variables in the `default` case.
WebKit2PlatformMouseEvent(const WebMouseEvent& webEvent)
{
// PlatformEvent
switch (webEvent.type()) {
case WebEvent::MouseDown:
m_type = WebCore::PlatformEvent::MousePressed;
m_force = WebCore::ForceAtClick;
break;
case WebEvent::MouseUp:
m_type = WebCore::PlatformEvent::MouseReleased;
m_force = WebCore::ForceAtClick;
break;
case WebEvent::MouseMove:
m_type = WebCore::PlatformEvent::MouseMoved;
m_force = webEvent.force();
break;
case WebEvent::MouseForceChanged:
m_type = WebCore::PlatformEvent::MouseForceChanged;
m_force = webEvent.force();
break;
case WebEvent::MouseForceDown:
m_type = WebCore::PlatformEvent::MouseForceDown;
m_force = WebCore::ForceAtForceClick;
break;
case WebEvent::MouseForceUp:
m_type = WebCore::PlatformEvent::MouseForceUp;
m_force = WebCore::ForceAtForceClick;
break;
default:
ASSERT_NOT_REACHED();
}
[...]
}
See: Source/WebKit/Shared/WebEventConversion.cpp.
There are six places where this occurs (in four switch statements):
ERROR: Source/WebKit/Shared/WebEventConversion.cpp:71: ASSERT_NOT_REACHED() statement fallthrough may result in unexpected code execution. [security/assertion_fallthrough] [4]
ERROR: Source/WebKit/Shared/WebEventConversion.cpp:102: ASSERT_NOT_REACHED() statement fallthrough may result in unexpected code execution. [security/assertion_fallthrough] [4]
ERROR: Source/WebKit/Shared/WebEventConversion.cpp:205: ASSERT_NOT_REACHED() statement fallthrough may result in unexpected code execution. [security/assertion_fallthrough] [4]
ERROR: Source/WebKit/Shared/WebEventConversion.cpp:319: ASSERT_NOT_REACHED() statement fallthrough may result in unexpected code execution. [security/assertion_fallthrough] [4]
ERROR: Source/WebKit/Shared/WebEventConversion.cpp:351: ASSERT_NOT_REACHED() statement fallthrough may result in unexpected code execution. [security/assertion_fallthrough] [4]
ERROR: Source/WebKit/Shared/WebEventConversion.cpp:410: ASSERT_NOT_REACHED() statement fallthrough may result in unexpected code execution. [security/assertion_fallthrough] [4]
Referenced Bugs:
https://bugs.webkit.org/show_bug.cgi?id=234932
[Bug 234932] check-webkit-style: add checker for unexpected fall through after ASSERT_NOT_REACHED() statements
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20220110/b6bbc9c6/attachment-0001.htm>
More information about the webkit-unassigned
mailing list