Closed Bug 293986 Opened 19 years ago Closed 17 years ago

OOM crash [@ nsJPEGDecoder::WriteFrom, fill_input_buffer]

Categories

(Core :: Graphics: ImageLib, defect)

defect
Not set
critical

Tracking

()

RESOLVED FIXED

People

(Reporter: dewildt, Assigned: ajschult784)

References

()

Details

(Keywords: crash)

Crash Data

Attachments

(1 file, 1 obsolete file)

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4

At three locations is memory (re)allocated, but the results are not checked for
out of memory.

Reproducible: Always

Steps to Reproduce:
Keywords: crash
OS: Windows 2000 → All
Hardware: PC → All
it should be noted that doing:
198                   mBuffer = (JOCTET *)PR_Realloc(mBuffer, count);
is almost always wrong, because if realloc fails, not only do you have a null
mBuffer, but you've leaked the old mBuffer.
Attached patch patch (obsolete) — Splinter Review
this fixes the OOMs and enables a working (if not ugly) version of the OOM
handler in fill_input_buffer.
Assignee: pavlov → ajschult
Status: NEW → ASSIGNED
Attachment #184902 - Flags: review?(pavlov)
Flags: blocking1.9?
Does the patch still apply?
Flags: blocking1.9? → blocking1.9+
No, unfortunately, there is a hunk that doesn't apply anymore. Not sure how to fix that.
Andrew, are you perhaps able to update the patch?
Attachment #184902 - Attachment is obsolete: true
Attachment #260803 - Flags: review?(vladimir)
Attachment #184902 - Flags: review?(pavlov)
Comment on attachment 260803 [details] [diff] [review]
un-bitrotted patch

Review -> stuart
Attachment #260803 - Flags: review?(vladimir) → review?(pavlov)
Attachment #260803 - Flags: review?(pavlov) → review+
Attachment #260803 - Flags: superreview?(tor)
Attachment #260803 - Flags: superreview?(tor) → superreview+
This has all the reviews, so it can be checked in?
Whiteboard: [wanted-1.9][checkin needed]
I went ahead and checked this in (although I think that Andrew has checkin privs).

Checking in nsJPEGDecoder.cpp;
/cvsroot/mozilla/modules/libpr0n/decoders/jpeg/nsJPEGDecoder.cpp,v  <--  nsJPEGD
ecoder.cpp
new revision: 1.71; previous revision: 1.70
done
Status: ASSIGNED → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Whiteboard: [wanted-1.9][checkin needed]
Flags: in-testsuite-
Crash Signature: [@ nsJPEGDecoder::WriteFrom, fill_input_buffer]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: