Closed
Bug 522931
Opened 15 years ago
Closed 15 years ago
textToSubURI.UnEscapeAndConvert("UTF-8", null) causes crash in NS_strdup [@strlen | NS_strdup(char const*) ]
Categories
(Core :: Internationalization, defect)
Core
Internationalization
Tracking
()
RESOLVED
FIXED
| Tracking | Status | |
|---|---|---|
| status1.9.2 | --- | beta2-fixed |
People
(Reporter: m_kato, Assigned: m_kato)
Details
(Keywords: crash, topcrash, Whiteboard: [#7 trunk (3.7a1) topcrash][#2 3.6b2pre topcrash][#10 3.6b1 topcrash])
Crash Data
Attachments
(2 files, 1 obsolete file)
|
946 bytes,
patch
|
smontagu
:
review+
|
Details | Diff | Splinter Review |
|
952 bytes,
patch
|
smontagu
:
review+
dbaron
:
approval1.9.2+
|
Details | Diff | Splinter Review |
- Step
run
var textToSubURI = Components.classes["@mozilla.org/intl/texttosuburi;1"].getService(Components.interfaces.nsITextToSubURI); textToSubURI.UnEscapeAndConvert("UTF-8",null);
- Result
Crash in NS_strdup.
#3 0x00007ff4f5722fa5 in nsProfileLock::FatalSignalHandler (signo=11)
at nsProfileLock.cpp:216
#4 <signal handler called>
#5 NS_strdup (aString=0x0) at nsCRTGlue.cpp:145
#6 0x00007ff4e2984093 in nsTextToSubURI::UnEscapeAndConvert (
this=<value optimized out>, charset=0x17c0460 "UTF-8", text=0x0,
_retval=0xffffffffffffffff)
at /home/makoto/Development/mozilla-hg/mozilla-central/intl/uconv/src/nsTextToSubURI.cpp:126
#7 0x00007ff4f47d015e in NS_InvokeByIndex_P (that=0x2aca8a0, methodIndex=4,
paramCount=<value optimized out>, params=0x7fffc3a8cc00)
at /home/makoto/Development/mozilla-hg/mozilla-central/xpcom/reflect/xptcall/src/md/unix/xptcinvoke_x86_64_unix.cpp:208
#8 0x00007ff4dd2b7d0f in XPCWrappedNative::CallMethod (ccx=...,
mode=<value optimized out>)
This crash seems to be sbumitted as long as I check crash-stats.
http://crash-stats.mozilla.com/report/list?product=Firefox&version=Firefox%3A3.7a1pre&platform=windows&query_search=signature&query_type=exact&query=&date=&range_value=1&range_unit=weeks&do_query=1&signature=strlen%20|%20NS_strdup%28char%20const*%29
|
Assignee | |
Comment 1•15 years ago
|
||
Attachment #406900 -
Flags: review?(smontagu)
|
||
Updated•15 years ago
|
Attachment #406900 -
Flags: review?(smontagu) → review+
|
|
Assignee | |
Comment 2•15 years ago
|
||
also, this can repro on 3.6b2pre http://crash-stats.mozilla.com/report/index/bp-cae0b0de-8029-44aa-9fc9-8e5672091018
Severity: normal → major
OS: Linux → All
|
|
Assignee | |
Comment 4•15 years ago
|
||
(In reply to comment #3) > do you really want to throw an exception? Parameter is invalid, so I think it should throw it. Should we return null instead?
|
|
Assignee | |
Comment 5•15 years ago
|
||
Humm, until 1.9.1, UnEscapeAndConvert(charset, null) returns empty string instead of error or null. I wil attach new patch...
|
|
Assignee | |
Comment 6•15 years ago
|
||
|
|
Assignee | |
Comment 7•15 years ago
|
||
Attachment #407234 -
Attachment is obsolete: true
|
|
Assignee | |
Comment 8•15 years ago
|
||
Comment on attachment 407235 [details] [diff] [review] patch v2.1 modify patch after timeless comment.
Attachment #407235 -
Flags: review?(smontagu)
|
|
||
Updated•15 years ago
|
Attachment #407235 -
Flags: review?(smontagu) → review+
|
|
Assignee | |
Comment 9•15 years ago
|
||
landed http://hg.mozilla.org/mozilla-central/rev/89692081b401
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
|
|
Assignee | |
Updated•15 years ago
|
Attachment #407235 -
Flags: approval1.9.2?
Comment on attachment 407235 [details] [diff] [review] patch v2.1 a1.9.2=dbaron
Attachment #407235 -
Flags: approval1.9.2? → approval1.9.2+
Flags: blocking1.9.2+
Whiteboard: [#7 trunk (3.7a1) topcrash] → [#7 trunk (3.7a1) topcrash][#2 3.6b2pre topcrash][#10 3.6b1 topcrash]
|
|
Assignee | |
Comment 11•15 years ago
|
||
http://hg.mozilla.org/releases/mozilla-1.9.2/rev/02c55001a64a
status1.9.2:
--- → final-fixed
|
||
Updated•13 years ago
|
Crash Signature: [@strlen | NS_strdup(char const*) ]
You need to log in
before you can comment on or make changes to this bug.
Description
•