Closed Bug 133432 Opened 23 years ago Closed 23 years ago

UMR: nsScanner::ReadUntil()

Categories

(Core :: DOM: HTML Parser, defect)

Product:
Core
Component:
DOM: HTML Parser
Platform:
x86
Windows 2000
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
VERIFIED DUPLICATE of bug 102613

People

(Reporter: hjtoi-bugzilla, Assigned: harishd)

References

(
URL
)

Details

Attachments

(2 files)

css
501 bytes, text/css
Details
testcase
20.39 KB, text/html
Details
When going to the URL with the latest build and using Purify I hit this UMR in the parser: [W] UMR: Uninitialized memory read in nsReadingIterator<WORD>::*(void)const {2 occurrences} Reading 2 bytes from 0x09d08ab0 (2 bytes at 0x09d08ab0 uninitialized) Address 0x09d08ab0 is 8192 bytes into a 8194 byte block at 0x09d06ab0 Address 0x09d08ab0 points to a malloc'd block in heap 0x026d0000 Thread ID: 0x5d0 Error location nsReadingIterator<WORD>::*(void)const [nsStringIterator.h:95] nsScanner::ReadUntil(nsReadingIterator<WORD>&,nsReadingIterator<WORD>&,nsReadEndCondition const&,int) [nsScanner.cpp:1293] } ++current; => theChar = *current; } // If we are here, we didn't find any terminator in the string and CTextToken::Consume(WORD,nsScanner&,int) [nsHTMLTokens.cpp:552] nsHTMLTokenizer::ConsumeText(CToken *&,nsScanner&) [nsHTMLTokenizer.cpp:946] nsHTMLTokenizer::ConsumeToken(nsScanner&,int&) [nsHTMLTokenizer.cpp:512] nsParser::Tokenize(int) [nsParser.cpp:2516] nsParser::ResumeParse(int,int,int) [nsParser.cpp:1730] nsParser::OnDataAvailable(nsIRequest *,nsISupports *,nsIInputStream *,UINT,UINT) [nsParser.cpp:2387] nsDocumentOpenInfo::OnDataAvailable(nsIRequest *,nsISupports *,nsIInputStream *,UINT,UINT) [nsURILoader.cpp:242] nsHttpChannel::OnDataAvailable(nsIRequest *,nsISupports *,nsIInputStream *,UINT,UINT) [nsHttpChannel.cpp:2646] Allocation location malloc [MSVCRT.DLL] PR_Malloc [prmem.c:474] nsMemoryImpl::Alloc(UINT) [nsMemoryImpl.cpp:320] nsMemory::Alloc(UINT) [nsMemory.cpp:77] nsScanner::Append(char const*,UINT) [nsScanner.cpp:336] if(mUnicodeDecoder) { PRInt32 unicharBufLen = 0; mUnicodeDecoder->GetMaxLength(aBuffer, aLen, &unicharBufLen); => start = unichars = (PRUnichar*)nsMemory::Alloc((unicharBufLen+1) * sizeof(PRUnichar)); NS_ENSURE_TRUE(unichars,NS_ERROR_OUT_OF_MEMORY); PRInt32 totalChars = 0; ParserWriteFunc [nsParser.cpp:2325] nsPipe::nsPipeInputStream::ReadSegments((*)(nsIInputStream *,void *,char const*,UINT,UINT,UINT *),void *,UINT,UINT *) [nsPipe2.cpp:419] nsParser::OnDataAvailable(nsIRequest *,nsISupports *,nsIInputStream *,UINT,UINT) [nsParser.cpp:2382] nsDocumentOpenInfo::OnDataAvailable(nsIRequest *,nsISupports *,nsIInputStream *,UINT,UINT) [nsURILoader.cpp:242] nsHttpChannel::OnDataAvailable(nsIRequest *,nsISupports *,nsIInputStream *,UINT,UINT) [nsHttpChannel.cpp:2646]
Oops :) *** This bug has been marked as a duplicate of 102613 ***
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
Verified dup
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: