Closed Bug 1304601 Opened 9 years ago Closed 9 years ago

Crash in InvalidArrayIndex_CRASH | nsTArray_Impl<T>::ElementAt | mozilla::widget::IMMHandler::HandleComposition

Categories

(Core :: Widget: Win32, defect)

Product:
Core
Component:
Widget: Win32
Platform:
x86
Windows 7
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1300143

People

(Reporter: n.nethercote, Unassigned)

Details

(Keywords: crash)

This bug was filed from the Socorro interface and is report bp-e53991c9-2778-41a6-931e-08d232160921. ============================================================= An nsTArray bounds check failure crash. 3 occurrences across 3 installations in the past 7 days. In all three cases we accessed element 0 of a zero-length array. jimm, can you please take a look?
Flags: needinfo?(jmathies)
Group: layout-core-security
Status: NEW → RESOLVED
Closed: 9 years ago
Flags: needinfo?(jmathies)
Resolution: --- → DUPLICATE
Crash Signature: [@ InvalidArrayIndex_CRASH | nsTArray_Impl<T>::ElementAt | mozilla::widget::IMMHandler::HandleComposition]
Crash volume for signature 'InvalidArrayIndex_CRASH | nsTArray_Impl<T>::ElementAt | mozilla::widget::IMMHandler::HandleComposition': - nightly (version 53): 0 crashes from 2016-11-14. - aurora (version 52): 0 crashes from 2016-11-14. - beta (version 51): 0 crashes from 2016-11-14. - release (version 50): 4634 crashes from 2016-11-01. - esr (version 45): 0 crashes from 2016-07-06. Crash volume on the last weeks (Week N is from 01-02 to 01-08): W. N-1 W. N-2 W. N-3 W. N-4 W. N-5 W. N-6 W. N-7 - nightly 0 0 0 0 0 0 0 - aurora 0 0 0 0 0 0 0 - beta 0 0 0 0 0 0 0 - release 20 9 27 83 781 2171 1533 - esr 0 0 0 0 0 0 0 Affected platform: Windows Crash rank on the last 7 days: Browser Content Plugin - nightly - aurora - beta - release #76 - esr
status-firefox50: --- → affected
Group: layout-core-security
You need to log in before you can comment on or make changes to this bug.