Closed Bug 1271131 Opened 7 years ago Closed 7 years ago

Crashes in _invalid_parameter, inside of nsNotifyAddrListener::calculateNetworkId, on Windows Vista

Categories

(Core :: Networking, defect)

Product:
Core
Component:
Networking
Platform:
x86
Windows Vista
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla49
Tracking Flags:
Tracking Status
firefox49 + fixed

People

(Reporter: dbaron, Assigned: bagder)

References

Details

(Keywords: crash, topcrash, Whiteboard: [necko-active])

Crash Data

Attachments

(1 file)

0001-Bug-1271131-check-inet_ntoa-return-code-before-use-r.patch
1.68 KB, patch
mcmanus
: review+
Details | Diff | Splinter Review 
[Tracking Requested - why for this release]:

This bug was filed from the Socorro interface and is 
report bp-aecf27e1-fc4f-455f-bea3-f15c62160507.
=============================================================

A few crashes like this have started showing up in crash-stats:
https://crash-stats.mozilla.com/signature/?product=Firefox&release_channel=nightly&platform=Windows&date=%3E%3D2016-04-01

So far, all 5 crashes have been on Windows Vista.

Presumably a regression from:
https://hg.mozilla.org/mozilla-central/rev/aa730410c52c
which landed a few days ago.

Top of stack is:
0 	ucrtbase.dll 	_invalid_parameter 	
1 	ucrtbase.dll 	_invalid_parameter_noinfo 	
2 	ucrtbase.dll 	strcpy_s 	
3 	xul.dll 	defaultgw 	netwerk/system/win32/nsNotifyAddrListener.cpp:249
4 	xul.dll 	nsNotifyAddrListener::calculateNetworkId() 	netwerk/system/win32/nsNotifyAddrListener.cpp:274
5 	xul.dll 	nsNotifyAddrListener::Run() 	netwerk/system/win32/nsNotifyAddrListener.cpp:311
Flags: needinfo?(daniel)
Assignee: nobody → daniel
Flags: needinfo?(daniel)
Out of the three arguments to strcpy_s(), only the third changes between invokes so clearly inet_ntoa() returns NULL in this case. I'll make a patch that makes sure only non-NULL inet_ntoa() results are used.
1. Check the inet_ntoa() return value before blindly using it, even if I can't really understand why it would fail but evidence suggests that it happens.

2. I modified the logic slightly to avoid the superfluous first strcpy_s()
Attachment #8750117 - Flags: review?(mcmanus)
Whiteboard: [necko-active]
Attachment #8750117 - Flags: review?(mcmanus) → review+
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/8389ea050328
Status: NEW → RESOLVED
Closed: 7 years ago
status-firefox49: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla49
You need to log in before you can comment on or make changes to this bug.