Closed Bug 292723 Opened 19 years ago Closed 19 years ago

pReconv->dwSize value is invalid

Categories

(Core :: Internationalization, defect, P1)

Product:
Core
Component:
Internationalization
Platform:
x86
Windows XP
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla1.8beta2

People

(Reporter: masayuki, Assigned: masayuki)

Details

(Keywords: crash, intl)

Attachments

(1 file, 1 obsolete file)

Patch rv1.1
1.32 KB, patch
masayuki
: review+
bzbarsky
: superreview+
asa
: approval1.8b2+
Details | Diff | Splinter Review 
in nsWindow.cpp#7060
http://lxr.mozilla.org/seamonkey/source/widget/src/windows/nsWindow.cpp#7060

the dwIndex is set sizeof(RECONVERTSTRING).
But it is invalid. we should set *oResult.

see
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/intl/ime_58tu.asp

"dwSize
    Specifies the size of this structure *and the memory block it heads*."

On Win9x, if we reconvert with ATOK, it is crashed sometimes.
On WinXP, if we using MS-IME 2003, we cannot reconvert.
Status: NEW → ASSIGNED
Priority: -- → P1
Target Milestone: --- → mozilla1.8beta2
> the dwIndex is set sizeof(RECONVERTSTRING).

Oops. that is dwSize, not dwIndex.
Attached patch Patch rv1.0 (obsolete) — Splinter Review 

        Attachment #182489 -
        Flags: review?(timeless)

    
  

        Attachment #182489 -
        Flags: review?(timeless) → review+

        Attachment #182489 -
        Flags: superreview?(bzbarsky)

    
    

    
  
Comment on attachment 182489 [details] [diff] [review]
Patch rv1.0

>Index: widget/src/windows/nsWindow.cpp
>+    if (pReconv->dwSize < *oResult) {
>+      NS_ASSERTION(pReconv->dwSize >= *oResult, "Reconvert structure size is invalid");
>+      *oResult = 0;
>+      return PR_FALSE;
>+    }

This block makes no sense.  If you mean an NS_ERROR, use an NS_ERROR.  But in
general, is this a fatal condition?  Or one you expect to see sometimes?  In
the former case, just NS_ERROR and don't bother returning.  In the latter case,
you're handling the problem, so no need for NS_ERROR.

    
    

    
  

      
      
      
      

        Attached patch
          
          
        Patch rv1.1Splinter Review
      

    


  

        Attachment #182489 -
        Attachment is obsolete: true

        Attachment #182596 -
        Flags: superreview?(bzbarsky)

        Attachment #182596 -
        Flags: review+

        Attachment #182489 -
        Flags: superreview?(bzbarsky) → superreview-

        Attachment #182596 -
        Flags: superreview?(bzbarsky) → superreview+

    
    

    
  
Comment on attachment 182596 [details] [diff] [review]
Patch rv1.1

This is critical problem on Win9x and major problem with MS-IME2003.
The risk is low.

        Attachment #182596 -
        Flags: approval1.8b2?

    
    

    
  
Comment on attachment 182596 [details] [diff] [review]
Patch rv1.1

a=asa

        Attachment #182596 -
        Flags: approval1.8b2? → approval1.8b2+

    
    

    
  
checked-in.
Status: ASSIGNED → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: