1271131 - Crashes in _invalid_parameter, inside of nsNotifyAddrListener::calculateNetworkId, on Windows Vista

Status: RESOLVED FIXED

(Core :: Networking, defect)

Description

[David Baron :dbaron: (⌚️UTC-5, no longer working on Mozilla)]

[Tracking Requested - why for this release]:

This bug was filed from the Socorro interface and is 
report bp-aecf27e1-fc4f-455f-bea3-f15c62160507.
=============================================================

A few crashes like this have started showing up in crash-stats:
https://crash-stats.mozilla.com/signature/?product=Firefox&release_channel=nightly&platform=Windows&date=%3E%3D2016-04-01

So far, all 5 crashes have been on Windows Vista.

Presumably a regression from:
https://hg.mozilla.org/mozilla-central/rev/aa730410c52c
which landed a few days ago.

Top of stack is:
0 	ucrtbase.dll 	_invalid_parameter 	
1 	ucrtbase.dll 	_invalid_parameter_noinfo 	
2 	ucrtbase.dll 	strcpy_s 	
3 	xul.dll 	defaultgw 	netwerk/system/win32/nsNotifyAddrListener.cpp:249
4 	xul.dll 	nsNotifyAddrListener::calculateNetworkId() 	netwerk/system/win32/nsNotifyAddrListener.cpp:274
5 	xul.dll 	nsNotifyAddrListener::Run() 	netwerk/system/win32/nsNotifyAddrListener.cpp:311

Comment 1

[Daniel Stenberg [:bagder]]

Out of the three arguments to strcpy_s(), only the third changes between invokes so clearly inet_ntoa() returns NULL in this case. I'll make a patch that makes sure only non-NULL inet_ntoa() results are used.

Comment 2

[Daniel Stenberg [:bagder]]

Attachment: 0001-Bug-1271131-check-inet_ntoa-return-code-before-use-r.patch

1. Check the inet_ntoa() return value before blindly using it, even if I can't really understand why it would fail but evidence suggests that it happens.

2. I modified the logic slightly to avoid the superfluous first strcpy_s()

Comment 3

[Pulsebot]

https://hg.mozilla.org/integration/mozilla-inbound/rev/8389ea050328

Comment 4

[Carsten Book [:Tomcat]]

https://hg.mozilla.org/mozilla-central/rev/8389ea050328