Closed
Bug 221189
Opened 21 years ago
Closed 21 years ago
[FIX]nsUnknownDecoder can read uninitialized data
Categories
(Core :: Networking, defect, P1)
Core
Networking
Tracking
()
RESOLVED
FIXED
mozilla1.6alpha
People
(Reporter: bzbarsky, Assigned: bzbarsky)
Details
Attachments
(1 file)
2.46 KB,
patch
|
Biesinger
:
review+
darin.moz
:
superreview+
|
Details | Diff | Splinter Review |
If the check for HTML is done near the end of the string, such that sizeof(_tagstr) chars will run us off the end of mBuffer, then we can in fact read off the edge of the buffer (since the buffer is _not_ null-terminated). Patch coming up.
Assignee | ||
Updated•21 years ago
|
Priority: -- → P1
Summary: nsUnknownDecoder can read uninitialized data → [FIX]nsUnknownDecoder can read uninitialized data
Target Milestone: --- → mozilla1.6alpha
Assignee | ||
Comment 1•21 years ago
|
||
Assignee | ||
Comment 2•21 years ago
|
||
Comment on attachment 132627 [details] [diff] [review] patch Reviews? I also got rid of the nsCAutoString stuff that we were no longer really using...
Attachment #132627 -
Flags: superreview?(darin)
Attachment #132627 -
Flags: review?(cbiesinger)
Comment 3•21 years ago
|
||
Comment on attachment 132627 [details] [diff] [review] patch looks good
Attachment #132627 -
Flags: review?(cbiesinger) → review+
Comment 4•21 years ago
|
||
Comment on attachment 132627 [details] [diff] [review] patch nice deStringification! ;-) sr=darin
Attachment #132627 -
Flags: superreview?(darin) → superreview+
Assignee | ||
Comment 5•21 years ago
|
||
Fix checked in.
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•