[FIX]nsUnknownDecoder can read uninitialized data

RESOLVED FIXED in mozilla1.6alpha

Status

()

Core
Networking
P1
normal
RESOLVED FIXED
15 years ago
15 years ago

People

(Reporter: bz, Assigned: bz)

Tracking

Trunk
mozilla1.6alpha
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

If the check for HTML is done near the end of the string, such that
sizeof(_tagstr) chars will run us off the end of mBuffer, then we can in fact
read off the edge of the buffer (since the buffer is _not_ null-terminated).

Patch coming up.
Priority: -- → P1
Summary: nsUnknownDecoder can read uninitialized data → [FIX]nsUnknownDecoder can read uninitialized data
Target Milestone: --- → mozilla1.6alpha
Comment on attachment 132627 [details] [diff] [review]
patch

Reviews?  I also got rid of the nsCAutoString stuff that we were no longer
really using...
Attachment #132627 - Flags: superreview?(darin)
Attachment #132627 - Flags: review?(cbiesinger)
Comment on attachment 132627 [details] [diff] [review]
patch

looks good
Attachment #132627 - Flags: review?(cbiesinger) → review+

Comment 4

15 years ago
Comment on attachment 132627 [details] [diff] [review]
patch

nice deStringification! ;-)

sr=darin
Attachment #132627 - Flags: superreview?(darin) → superreview+
Fix checked in.
Status: NEW → RESOLVED
Last Resolved: 15 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.