Closed Bug 132862 Opened 22 years ago Closed 21 years ago

wrong mem check after allocation in nsMsgDBView.cpp

Categories

(MailNews Core :: Database, defect)

Product:
MailNews Core
Component:
Database
Platform:
x86
Windows 2000
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: ftang, Assigned: bugzilla)

Details

Attachments

(1 file)

patch to fix issue
649 bytes, patch
Details | Diff | Splinter Review 
I found some wrong null pointer check after allocation in nsMsgDBView.cpp
this could lead to crash when we are in memory pressure

I. 

1665   *indices = (nsMsgViewIndex *)nsMemory::Alloc(numIndicies *
sizeof(nsMsgViewIndex));
1666   if (!indices) return NS_ERROR_OUT_OF_MEMORY;

line 1666 should be
1666   if (!(*indices)) return NS_ERROR_OUT_OF_MEMORY;
since the allocate return to *indicies instead of indicies

II. 
there are no checking of null in 
4922       PRInt32 *startRangeArray = (PRInt32*) PR_MALLOC(selectionCount*
sizeof(PRInt32));
4923       PRInt32 *endRangeArray = (PRInt32*) PR_MALLOC(selectionCount*
sizeof(PRInt32));

you should add
NS_ASSERTION(startRangeArray, "cannot allocate startRangeArray");
NS_ASSERTION(endRangeArray, "cannot allocate startRangeArray");

and also handle the case if either of them are null
cvsblame show the first one is mscott and the 2nd one is naving, assign to
mscott and cc naving
QA Contact: gayatri → stephend
I think II changed but issue I is still valid. will provide patch
I haven't tested the patch but it should work
Attachment #132732 - Flags: review?(bienvenu)
Comment on attachment 132732 [details] [diff] [review]
patch to fix issue

r=bienvenu, thx
Attachment #132732 - Flags: review?(bienvenu) → review+
Comment on attachment 132732 [details] [diff] [review]
patch to fix issue

If sr= is given could someone please checkin since I dont have CVS access
Attachment #132732 - Flags: superreview?(sspitzer)
taking bug
Assignee: mscott → bugzilla
Status: NEW → ASSIGNED
Comment on attachment 132732 [details] [diff] [review]
patch to fix issue

please also do the checkin if sr=
Attachment #132732 - Flags: superreview?(sspitzer) → superreview?(scott)
Comment on attachment 132732 [details] [diff] [review]
patch to fix issue

I'm told that you can also do sr= if the patch is small? Please also check in
Attachment #132732 - Flags: superreview?(scott) → superreview?(bienvenu)
I've taken care of it, thx.
Status: ASSIGNED → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
Verified fixed using LXR as code inspection (as well as my local source tree).
Status: RESOLVED → VERIFIED
Attachment #132732 - Flags: superreview?(bienvenu)
Attachment #132732 - Flags: review+
Product: MailNews → Core
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: