Closed Bug 312569 Opened 15 years ago Closed 15 years ago

nsIVersionComparator is still broken in some circumstances

Categories

(Core :: XPCOM, defect, P1)

Product:
Core
Component:
XPCOM
Platform:
x86
Windows XP
Type:
defect

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: asqueella, Assigned: benjamin)

Details

(Keywords: fixed1.8)

Attachments

(1 file)

Always initialize versionparts, rev. 1
1.87 KB, patch
darin.moz
: review+
mscott
: approval1.8rc1+
Details | Diff | Splinter Review 
The following code returns 1 instead of 0 for me.

Components.classes["@mozilla.org/xpcom/version-comparator;1"]
          .getService(Components.interfaces.nsIVersionComparator)
          .compare("0+", "1pre");

This happens because ParseVP() doesn't initialize numC and extraD if strB[0]=='+'. 

---
Also, either check the other two parts or document that you ignore them in case
if strB starts with '+' (in the nsIVersionComparator.idl). Currently the
documentation implies that the other two parts are evaluated even if strB is '+'.
For some reason, on the second iteration of the loop in NS_CompareVersions numC
and extraD get nulled, and 1.0+ correctly compares as equal to 1.1pre, but I
think this may break on certain compilers. Asking for blocking1.8 for that reason.

Don't have a tree, so can't make a patch, sorry.
Flags: blocking1.8rc1?
benjamin, do you think this is a real problem that we should stop the 1.5
release for?
Yeah, there seem to be cases where uninitialized memory can peek through.
Assignee: dougt → benjamin
Flags: blocking1.8rc1? → blocking1.8rc1+
This initializes the versionparts up front, which is probably how I should have
done it in the first place.
Attachment #199828 - Flags: review?(darin)
Priority: -- → P1
Attachment #199828 - Flags: review?(darin) → review+
Fixed on trunk.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Attachment #199828 - Flags: approval1.8rc1?
Attachment #199828 - Flags: approval1.8rc1? → approval1.8rc1+
Fixed on 1.8 branch.
Keywords: fixed1.8
You need to log in before you can comment on or make changes to this bug.