Closed Bug 13137 Opened 25 years ago Closed 25 years ago

broken usage of CBufDescriptor

Categories

(Core Graveyard :: RDF, defect, P3)

Product:
Core Graveyard
Component:
RDF
Platform:
x86
Windows NT
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: jband_mozilla, Assigned: waterson)

Details

I was running Purify and saw a bunch of UMRs (uninitialied memory reads) in
strlen when called from CBufDescriptor::CBufDescriptor(char* ...).

It isn't used in a lot of places...
http://lxr.mozilla.org/seamonkey/search?string=CBufDescriptor

The fourth param (aLength) is defaulted to -1 and if it == -1 then a strlen will
be done on the string. In one place an uninitialied auto array is passed in, but
the fourth param is allowed to default to -1. In another place the ctor is
being called with the third param  - a PRUint - set to -1.

I'm thinking that perhaps the 3rd paramater has been recently added and calls
are being made that think they are setting aLength when in fact they are setting
aCapacity and letting aLength default to -1.

Again, there are not many callers to this function. They should all be checked
to see that they are getting what they thing they are asking for.
Status: NEW → RESOLVED
Closed: 25 years ago
Resolution: --- → FIXED
Mucho gracias, jband.
QA Contact massive update.
verified
Status: RESOLVED → VERIFIED
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.