Closed
Bug 12608
Opened 25 years ago
Closed 25 years ago
ABR: Comment handling
Categories
(Core :: DOM: HTML Parser, defect, P3)
Core
DOM: HTML Parser
Tracking
()
VERIFIED
INVALID
M12
People
(Reporter: bruce, Assigned: harishd)
Details
Small problem in comment handling?
This is a build from July 25, 1999. Loaded www.mozillazine.org in apprunner.
**** Purify instrumented ./apprunner.pure (pid 978) ****
ABR: Array bounds read (24 times):
* This is occurring while in:
nsCRT::strlen(const unsigned short*) [nsCRT.cpp:259]
nsString::Append(const unsigned short*,int) [nsString2.cpp:973]
nsAutoString::nsAutoString(const unsigned short*,eCharSize,int)
[nsString2.cpp:2017]
nsCommentNode::SetText(const unsigned short*,int,int)
[nsCommentNode.cpp:464]
nsGenericDOMDataNode::ReplaceData(unsigned int,unsigned int,const
nsString&) [nsGenericDOMDataNode.cpp:374]
nsGenericDOMDataNode::AppendData(const nsString&)
[nsGenericDOMDataNode.cpp:313]
nsCommentNode::AppendData(const nsString&) [nsCommentNode.cpp:54]
SinkContext::AddComment(const nsIParserNode&)
[nsHTMLContentSink.cpp:1318]
HTMLContentSink::AddComment(const nsIParserNode&)
[nsHTMLContentSink.cpp:2166]
CNavDTD::HandleCommentToken(CToken*) [CNavDTD.cpp:1635]
NavDispatchTokenHandler(CToken*,nsIDTD*) [CNavDTD.cpp:245]
CTokenHandler::operator ()(CToken*,nsIDTD*) [nsTokenHandler.cpp:80]
CNavDTD::HandleToken(CToken*,nsIParser*) [CNavDTD.cpp:734]
CNavDTD::BuildModel(nsIParser*,nsITokenizer*,nsITokenObserver*,nsIContentSink*)
[CNavDTD.cpp:551]
nsParser::BuildModel() [nsParser.cpp:941]
nsParser::ResumeParse(nsIDTD*,int) [nsParser.cpp:886]
nsParser::EnableParser(int) [nsParser.cpp:619]
HTMLContentSink::ResumeParsing() [nsHTMLContentSink.cpp:3032]
nsDoneLoadingScript(nsIUnicharStreamLoader*,nsString&,void*,unsigned
int) [nsHTMLContentSink.cpp:3152]
nsUnicharStreamLoader::OnStopRequest(nsIChannel*,nsISupports*,unsigned
int,const unsigned short*) [nsNetStreamLoader.cpp:159]
nsHTTPResponseListener::OnStopRequest(nsIChannel*,nsISupports*,unsigned
int,const unsigned short*) [nsHTTPResponseListener.cpp:220]
nsOnStopRequestEvent::HandleEvent() [nsAsyncStreamListener.cpp:268]
nsStreamListenerEvent::HandlePLEvent(PLEvent*)
[nsAsyncStreamListener.cpp:144]
PL_HandleEvent [plevent.c:509]
PL_ProcessPendingEvents [plevent.c:470]
nsEventQueueImpl::ProcessPendingEvents() [nsEventQueue.cpp:118]
event_processor_callback(void*,int,GdkInputCondition)
[nsAppShell.cpp:149]
gdk_io_invoke [gdkevents.c:868]
g_io_unix_dispatch [giounix.c:131]
g_main_dispatch [gmain.c:647]
* Reading 2 bytes from 0x224e9e6 in the heap.
* Address 0x224e9e6 is 1 byte past end of a malloc'd block at 0x224e9d0 of 22
bytes.
* This block was allocated from:
malloc [rtlib.o]
__bUiLtIn_nEw [libraptorgfx.so]
__builtin_new [rtlib.o]
__bUiLtIn_vEc_nEw [libraptorgfx.so]
__builtin_vec_new [rtlib.o]
nsGenericDOMDataNode::ReplaceData(unsigned int,unsigned int,const
nsString&) [nsGenericDOMDataNode.cpp:349]
nsGenericDOMDataNode::AppendData(const nsString&)
[nsGenericDOMDataNode.cpp:313]
nsCommentNode::AppendData(const nsString&) [nsCommentNode.cpp:54]
SinkContext::AddComment(const nsIParserNode&)
[nsHTMLContentSink.cpp:1318]
HTMLContentSink::AddComment(const nsIParserNode&)
[nsHTMLContentSink.cpp:2166]
CNavDTD::HandleCommentToken(CToken*) [CNavDTD.cpp:1635]
NavDispatchTokenHandler(CToken*,nsIDTD*) [CNavDTD.cpp:245]
CTokenHandler::operator ()(CToken*,nsIDTD*) [nsTokenHandler.cpp:80]
CNavDTD::HandleToken(CToken*,nsIParser*) [CNavDTD.cpp:734]
CNavDTD::BuildModel(nsIParser*,nsITokenizer*,nsITokenObserver*,nsIContentSink*)
[CNavDTD.cpp:551]
nsParser::BuildModel() [nsParser.cpp:941]
nsParser::ResumeParse(nsIDTD*,int) [nsParser.cpp:886]
nsParser::EnableParser(int) [nsParser.cpp:619]
HTMLContentSink::ResumeParsing() [nsHTMLContentSink.cpp:3032]
nsDoneLoadingScript(nsIUnicharStreamLoader*,nsString&,void*,unsigned
int) [nsHTMLContentSink.cpp:3152]
nsUnicharStreamLoader::OnStopRequest(nsIChannel*,nsISupports*,unsigned
int,const unsigned short*) [nsNetStreamLoader.cpp:159]
nsHTTPResponseListener::OnStopRequest(nsIChannel*,nsISupports*,unsigned
int,const unsigned short*) [nsHTTPResponseListener.cpp:220]
nsOnStopRequestEvent::HandleEvent() [nsAsyncStreamListener.cpp:268]
nsStreamListenerEvent::HandlePLEvent(PLEvent*)
[nsAsyncStreamListener.cpp:144]
PL_HandleEvent [plevent.c:509]
PL_ProcessPendingEvents [plevent.c:470]
nsEventQueueImpl::ProcessPendingEvents() [nsEventQueue.cpp:118]
event_processor_callback(void*,int,GdkInputCondition)
[nsAppShell.cpp:149]
gdk_io_invoke [gdkevents.c:868]
g_io_unix_dispatch [giounix.c:131]
**** Purify instrumented ./apprunner.pure (pid 978) ****
ABR: Array bounds read (3 times):
* This is occurring while in:
memcpy [rtlib.o]
CopyChars2To2(char*,int,const char*,unsigned int,unsigned int)
[bufferRoutines.h:255]
nsStr::Append(nsStr&,const nsStr&,unsigned int,int,nsIMemoryAgent*)
[nsStr.cpp:293]
nsString::Append(const unsigned short*,int) [nsString2.cpp:976]
nsAutoString::nsAutoString(const unsigned short*,eCharSize,int)
[nsString2.cpp:2017]
nsCommentNode::SetText(const unsigned short*,int,int)
[nsCommentNode.cpp:464]
nsGenericDOMDataNode::ReplaceData(unsigned int,unsigned int,const
nsString&) [nsGenericDOMDataNode.cpp:374]
nsGenericDOMDataNode::AppendData(const nsString&)
[nsGenericDOMDataNode.cpp:313]
nsCommentNode::AppendData(const nsString&) [nsCommentNode.cpp:54]
SinkContext::AddComment(const nsIParserNode&)
[nsHTMLContentSink.cpp:1318]
HTMLContentSink::AddComment(const nsIParserNode&)
[nsHTMLContentSink.cpp:2166]
CNavDTD::HandleCommentToken(CToken*) [CNavDTD.cpp:1635]
NavDispatchTokenHandler(CToken*,nsIDTD*) [CNavDTD.cpp:245]
CTokenHandler::operator ()(CToken*,nsIDTD*) [nsTokenHandler.cpp:80]
CNavDTD::HandleToken(CToken*,nsIParser*) [CNavDTD.cpp:734]
CNavDTD::BuildModel(nsIParser*,nsITokenizer*,nsITokenObserver*,nsIContentSink*)
[CNavDTD.cpp:551]
nsParser::BuildModel() [nsParser.cpp:941]
nsParser::ResumeParse(nsIDTD*,int) [nsParser.cpp:886]
nsParser::EnableParser(int) [nsParser.cpp:619]
HTMLContentSink::ResumeParsing() [nsHTMLContentSink.cpp:3032]
nsDoneLoadingScript(nsIUnicharStreamLoader*,nsString&,void*,unsigned
int) [nsHTMLContentSink.cpp:3152]
nsUnicharStreamLoader::OnStopRequest(nsIChannel*,nsISupports*,unsigned
int,const unsigned short*) [nsNetStreamLoader.cpp:159]
nsHTTPResponseListener::OnStopRequest(nsIChannel*,nsISupports*,unsigned
int,const unsigned short*) [nsHTTPResponseListener.cpp:220]
nsOnStopRequestEvent::HandleEvent() [nsAsyncStreamListener.cpp:268]
nsStreamListenerEvent::HandlePLEvent(PLEvent*)
[nsAsyncStreamListener.cpp:144]
PL_HandleEvent [plevent.c:509]
PL_ProcessPendingEvents [plevent.c:470]
nsEventQueueImpl::ProcessPendingEvents() [nsEventQueue.cpp:118]
event_processor_callback(void*,int,GdkInputCondition)
[nsAppShell.cpp:149]
gdk_io_invoke [gdkevents.c:868]
* Reading 24 bytes from 0x224e9d0 in the heap (2 bytes at 0x224e9e6 illegal).
* Address 0x224e9d0 is at the beginning of a malloc'd block of 22 bytes.
* This block was allocated from:
malloc [rtlib.o]
__bUiLtIn_nEw [libraptorgfx.so]
__builtin_new [rtlib.o]
__bUiLtIn_vEc_nEw [libraptorgfx.so]
__builtin_vec_new [rtlib.o]
nsGenericDOMDataNode::ReplaceData(unsigned int,unsigned int,const
nsString&) [nsGenericDOMDataNode.cpp:349]
nsGenericDOMDataNode::AppendData(const nsString&)
[nsGenericDOMDataNode.cpp:313]
nsCommentNode::AppendData(const nsString&) [nsCommentNode.cpp:54]
SinkContext::AddComment(const nsIParserNode&)
[nsHTMLContentSink.cpp:1318]
HTMLContentSink::AddComment(const nsIParserNode&)
[nsHTMLContentSink.cpp:2166]
CNavDTD::HandleCommentToken(CToken*) [CNavDTD.cpp:1635]
NavDispatchTokenHandler(CToken*,nsIDTD*) [CNavDTD.cpp:245]
CTokenHandler::operator ()(CToken*,nsIDTD*) [nsTokenHandler.cpp:80]
CNavDTD::HandleToken(CToken*,nsIParser*) [CNavDTD.cpp:734]
CNavDTD::BuildModel(nsIParser*,nsITokenizer*,nsITokenObserver*,nsIContentSink*)
[CNavDTD.cpp:551]
nsParser::BuildModel() [nsParser.cpp:941]
nsParser::ResumeParse(nsIDTD*,int) [nsParser.cpp:886]
nsParser::EnableParser(int) [nsParser.cpp:619]
HTMLContentSink::ResumeParsing() [nsHTMLContentSink.cpp:3032]
nsDoneLoadingScript(nsIUnicharStreamLoader*,nsString&,void*,unsigned
int) [nsHTMLContentSink.cpp:3152]
nsUnicharStreamLoader::OnStopRequest(nsIChannel*,nsISupports*,unsigned
int,const unsigned short*) [nsNetStreamLoader.cpp:159]
nsHTTPResponseListener::OnStopRequest(nsIChannel*,nsISupports*,unsigned
int,const unsigned short*) [nsHTTPResponseListener.cpp:220]
nsOnStopRequestEvent::HandleEvent() [nsAsyncStreamListener.cpp:268]
nsStreamListenerEvent::HandlePLEvent(PLEvent*)
[nsAsyncStreamListener.cpp:144]
PL_HandleEvent [plevent.c:509]
PL_ProcessPendingEvents [plevent.c:470]
nsEventQueueImpl::ProcessPendingEvents() [nsEventQueue.cpp:118]
event_processor_callback(void*,int,GdkInputCondition)
[nsAppShell.cpp:149]
gdk_io_invoke [gdkevents.c:868]
g_io_unix_dispatch [giounix.c:131]
Bruce, I'm not seeing this anymore. Could you please give me a feedback on this? Thanx.
Status: ASSIGNED → RESOLVED
Closed: 25 years ago
Resolution: --- → INVALID
Since the reporter hasn't responded and since I don't see this problem.... Marking the bug INVALID.
|
||
Updated•25 years ago
|
Status: RESOLVED → VERIFIED
|
|
||
Comment 3•25 years ago
|
||
Marking as verified invalid.
| Comment hidden (collapsed) |
You need to log in
before you can comment on or make changes to this bug.
Description
•