Closed
Bug 737519
Opened 12 years ago
Closed 11 years ago
attachment1 [details] [diff] [review]_body of nsProxySendRunnable will not be non-null terminated string.
Categories
(MailNews Core :: Import, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
Thunderbird 22.0
People
(Reporter: m_kato, Assigned: m_kato)
Details
Crash Data
Attachments
(1 file, 2 obsolete files)
21.08 KB,
patch
|
neil
:
superreview+
|
Details | Diff | Splinter Review |
attachment1 [details] [diff] [review]_body of nsProxySendRunnable can pass non-null string since attachment1 [details] [diff] [review]_body_length is length of it. But attachment1 [details] [diff] [review]_body is used as null-terminated string.
Assignee | ||
Comment 1•12 years ago
|
||
Updated•12 years ago
|
Attachment #607655 -
Flags: feedback+
Assignee | ||
Comment 2•12 years ago
|
||
rebased for current c-c
Attachment #653303 -
Flags: review?(mbanner)
Comment 3•12 years ago
|
||
Comment on attachment 653303 [details] [diff] [review] fix v1.1 Looks good, this will need a quick sr as well though.
Attachment #653303 -
Flags: superreview?(neil)
Attachment #653303 -
Flags: review?(mbanner)
Attachment #653303 -
Flags: review+
Comment 4•12 years ago
|
||
Sorry, but I can't actually see where the problem is. Both nsEudoraCompose and nsOutlookCompose pass the .get() and .Length() of an nsCString to nsImportService::CreateRFC822Message that goes on to create an nsProxySendRunnable that assumes that the string is null-terminated (which it fortunately is) and copies it (it would obviously be much more efficient to pass these as a const nsACString& instead) then (on the main thread) passes the (null-terminated) copy to nsMsgComposeAndSend::CreateRFC822Message.
Comment 5•12 years ago
|
||
I assumed this was just tidying up the interfaces and removing the extra variable and improving efficiency...
Comment 6•12 years ago
|
||
Comment on attachment 653303 [details] [diff] [review] fix v1.1 >diff --git a/mailnews/compose/public/nsIMsgSend.idl b/mailnews/compose/public/nsIMsgSend.idl >- in string aBody, >- in unsigned long aBodyLength, >+ in ACString aBody, >diff --git a/mailnews/compose/src/nsMsgSend.cpp b/mailnews/compose/src/nsMsgSend.cpp >- aMsgType, aMsgBody, >- aMsgBodyLength, >+ aMsgType, >+ aMsgBody.IsEmpty() ? nullptr : PromiseFlatCString(aMsgBody).get(), >+ aMsgBody.Length(), Ah, well as cleanup then it mostly makes sense, except I'm not really keen on this change, until Init and SnarfAndCopyBody are changed to use nsCString too. >- m_bodyType.get(), m_body.get(), >- m_bodyLength, m_isDraft, m_loadedAttachments, >+ m_bodyType.get(), m_body, >+ m_isDraft, m_loadedAttachments, Instead I would just use m_body.Length() here for now.
Comment 8•11 years ago
|
||
I've adapted the patch for Neil's review comments and fixed bitrot. As it turns out it was easier to change a few additional interfaces to make this all consistent. It passed unit tests on try server.
Attachment #607655 -
Attachment is obsolete: true
Attachment #653303 -
Attachment is obsolete: true
Attachment #653303 -
Flags: superreview?(neil)
Attachment #729095 -
Flags: superreview?(neil)
Flags: needinfo?(m_kato)
Comment 9•11 years ago
|
||
Comment on attachment 729095 [details] [diff] [review] Updated for Neil's comments >- if (newBody) Nit: Variable is never used, so it can be removed completely. >+ const char *body = PromiseFlatCString(aBody).get(); This is technically unsafe, although because you only have the one caller then I think you'll find it happens to work. (If you had written the caller to use StringHead instead of Trim then it would not have worked.) One way to fix it is by making aBody a const nsCString& so you can safely use a plain get() instead. [At some point m_attachment1_body should become an nsCString and these functions will just do direct string API on it.]
Attachment #729095 -
Flags: superreview?(neil) → superreview+
Comment 10•11 years ago
|
||
https://hg.mozilla.org/comm-central/rev/28429b5084d7
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → Thunderbird 22.0
You need to log in
before you can comment on or make changes to this bug.
Description
•