Closed Bug 20105 Opened 25 years ago Closed 25 years ago

Uninitialized memory read in nsLineLayout::CanPlaceFrame

Categories

(Core :: Layout, defect, P3)

x86
Windows NT
defect

VERIFIED DUPLICATE of bug 18622

People

(Reporter: David.R.Gardiner, Assigned: buster)

Attachments

(1 file)

Running Purify for NT on Viewer.exe, I get a UMR. I would
expect the problem would also be evident in mozilla.exe.

[W] UMR: Uninitialized memory read in
nsLineLayout::CanPlaceFrame(PerFrameData::nsLineLayout *,nsHTMLReflowState
const&,int,nsHTMLReflowMetrics&,UINT&) {1 occurrence}
    Reading 4 bytes from 0x05edd4bc (4 bytes at 0x05edd4bc uninitialized)
    Address 0x05edd4bc is 132 bytes into a 140 byte block at 0x05edd438
    Address 0x05edd4bc points to a C++ new block in heap 0x03830000
    Thread ID: 0x628
    Error location
        nsLineLayout::CanPlaceFrame(PerFrameData::nsLineLayout
*,nsHTMLReflowState const&,int,nsHTMLReflowMetrics&,UINT&)
[nsLineLayout.cpp:1341]

                  // If this is a piece of text inside a letter frame...
                  if (pfd->mIsNonEmptyTextFrame) {
             =>     if (psd->mFrame && psd->mFrame->mIsLetterFrame) {
                      nsIFrame* prevInFlow;
                      psd->mFrame->mFrame->GetPrevInFlow(&prevInFlow);
                      if (prevInFlow) {
        nsLineLayout::ReflowFrame(nsIFrame *,nsIFrame *
*,UINT&,nsHTMLReflowMetrics *) [nsLineLayout.cpp:1118]
        nsInlineFrame::ReflowInlineFrame(nsIPresContext *,nsHTMLReflowState
const&,InlineReflowState::nsInlineFrame&,nsIFrame *,UINT&)
[nsInlineFrame.cpp:489]
        nsInlineFrame::ReflowFrames(nsIPresContext *,nsHTMLReflowState
const&,InlineReflowState::nsInlineFrame&,nsHTMLReflowMetrics&,UINT&)
[nsInlineFrame.cpp:347]
        nsInlineFrame::Reflow(nsIPresContext
*,nsHTMLReflowMetrics&,nsHTMLReflowState const&,UINT&) [nsInlineFrame.cpp:274]
        nsLineLayout::ReflowFrame(nsIFrame *,nsIFrame *
*,UINT&,nsHTMLReflowMetrics *) [nsLineLayout.cpp:955]
        nsInlineFrame::ReflowInlineFrame(nsIPresContext *,nsHTMLReflowState
const&,InlineReflowState::nsInlineFrame&,nsIFrame *,UINT&)
[nsInlineFrame.cpp:489]
        nsInlineFrame::ReflowFrames(nsIPresContext *,nsHTMLReflowState
const&,InlineReflowState::nsInlineFrame&,nsHTMLReflowMetrics&,UINT&)
[nsInlineFrame.cpp:347]
        nsInlineFrame::Reflow(nsIPresContext
*,nsHTMLReflowMetrics&,nsHTMLReflowState const&,UINT&) [nsInlineFrame.cpp:274]
        nsLineLayout::ReflowFrame(nsIFrame *,nsIFrame *
*,UINT&,nsHTMLReflowMetrics *) [nsLineLayout.cpp:955]
Attached patch: Fix UMR
Assignee: troy → kipp
Status: NEW → RESOLVED
Closed: 25 years ago
Resolution: --- → DUPLICATE
I checked in a fix for this today. Marking as a dup of 18622.

*** This bug has been marked as a duplicate of 18622 ***
Status: RESOLVED → VERIFIED
Marking verified dup of 18622.