Crash on nsStr::Append on solaris/motif

VERIFIED INVALID

Status

SeaMonkey
General
P3
normal
VERIFIED INVALID
19 years ago
14 years ago

People

(Reporter: Tomi Leppikangas, Assigned: rickg)

Tracking

Trunk
Sun
Solaris

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

19 years ago
Viewer crashes on nsStr::Append, looks like there is similar
stach traces on bugs
http://bugzilla.mozilla.org/show_bug.cgi?id=10118
http://bugzilla.mozilla.org/show_bug.cgi?id=10114
http://bugzilla.mozilla.org/show_bug.cgi?id=10098

All are using nsStr::Append.

   CSSParserImpl::ParseBoxProperties(this = 0x19fca8, aErrorCode = 0,
aDeclaration = 0x143aa0, aPropIDs = 0xfd129438)
   CSSParserImpl::ParseSingleValueProperty(this = 0x19fca8, aErrorCode = 0,
aValue = CLASS, aPropID = 29)
   CSSParserImpl::ParseVariant(this = 0x19fca8, aErrorCode = 0, aValue = CLASS,
aVariantMask = 131081, aKeywordTable = 0xfd12c618)
   CSSParserImpl::ParseColor(this = 0x19fca8, aErrorCode = 0, aValue = CLASS)
   NS_HexToRGB(aColorSpec = CLASS, aResult = 0xffbedbd0)
   nsString::ToCString(this = 0xffbedbd8, aBuf = 0xffbedb52 "", aBufLength =
10U, anOffset = 0)
   nsCString::Assign(this = 0xffbeda74, aString = STRUCT, aCount = 1664090168)
   nsStr::Assign(aDest = STRUCT, aSource = STRUCT, anOffset = 0, aCount =
1664090168, anAgent = (nil))
  nsStr::Append(aDest = STRUCT, aSource = STRUCT, anOffset = 0, aCount =
1664090168, anAgent = (nil))

Crash line is:
      (*gCopyChars[aSource.mCharSize][aDest.mCharSize])(aDest.mStr,aDest.mLength
,aSource.mStr,anOffset,theLength);

Looks like aSource.mCharSize has bogus value:
aSource.mCharSize = 6949
(Reporter)

Updated

19 years ago
Status: NEW → RESOLVED
Last Resolved: 19 years ago
Resolution: --- → INVALID
(Reporter)

Comment 1

19 years ago
Ignore this, crash was caused by incorrect MOZILLA_FIFE_HOME, uses
wrong versions of libs.

Updated

19 years ago
Status: RESOLVED → VERIFIED

Updated

17 years ago
Component: XP Utilities → Browser-General
Product: Browser → Seamonkey
You need to log in before you can comment on or make changes to this bug.