Open
Bug 384210
Opened 18 years ago
Updated 3 months ago
Investigate nsIMAPBodypartMessage string initiation copies a literal in nsImapServerResponseParser::bodystructure_data()
Categories
(MailNews Core :: Backend, defect)
Tracking
(Not tracked)
NEW
People
(Reporter: nick.kreeger, Unassigned)
References
Details
(Keywords: memory-leak)
Attachments
(1 file)
1.62 KB,
patch
|
rkent
:
review-
|
Details | Diff | Splinter Review |
For some reason, the caller of the nsImapServerResponseParser constructor actually copies a literal.
This needs to be investigated to see why the code was written this way:
nsIMAPBodypartMessage *message = new nsIMAPBodypartMessage(NULL, NULL, PR_TRUE,
strdup("message"), strdup("rfc822"),
NULL, NULL, NULL, 0);
Assignee | ||
Updated•16 years ago
|
Product: Core → MailNews Core
Comment 3•7 years ago
|
||
OK, I will take a look at this next week.
Comment 4•7 years ago
|
||
Here is what I found out.
If I remove strdup() call from the two arguments, I get the following warning from GCC.
(This warning from GCC is probably an error to a strictly conforming compiler.)
/NREF-COMM-CENTRAL/comm-central/mailnews/imap/src/nsImapServerResponseParser.cpp
: In member function ‘virtual void nsImapServerResponseParser::bodystructure_dat
a()’:
/NREF-COMM-CENTRAL/comm-central/mailnews/imap/src/nsImapServerResponseParser.cpp
:2707:71: warning: ISO C++ forbids converting a string constant to ‘char*’ [-Wwr
ite-strings]
fServerConnection.GetPreferPlainText());
^
/NREF-COMM-CENTRAL/comm-central/mailnews/imap/src/nsImapServerResponseParser.cpp
:2707:71: warning: ISO C++ forbids converting a string constant to ‘char*’ [-Wwr
ite-strings]
So, I am checking a patch that creates a char array that contains the strings and pass them to the function.
TIA
Flags: needinfo?(ishikawa)
Comment 5•7 years ago
|
||
But if I pass an array that is NOT allocated, I get an error from
memory free function later.
But if I pass an array that is NOT allocated, I get an error from
memory free function later.
As it turnes out the bodyType and bodySubType paramters are released
when
the nsIMAPBodyPartLeaf object is destroyed and thus the parameters
must be dynamically allocated character strings.
///////////// nsIMAPBodypartMessage ////////////////////////
nsIMAPBodypartMessage::nsIMAPBodypartMessage(char *partNum,
nsIMAPBodypart *parentPart,
bool topLevelMessage,
char *bodyType, char *bodySubType,
char *bodyID,
char *bodyDescription,
char *bodyEncoding,
int32_t partLength,
bool preferPlainText)
: nsIMAPBodypartLeaf(partNum, parentPart, bodyType, bodySubType, bodyID,
bodyDescription, bodyEncoding, partLength,
preferPlainText)
Then there is another superclass:
nsIMAPBodypartLeaf::nsIMAPBodypartLeaf(char *partNum,
nsIMAPBodypart *parentPart,
char *bodyType, char *bodySubType,
char *bodyID, char *bodyDescription,
char *bodyEncoding, int32_t partLength,
bool preferPlainText)
: nsIMAPBodypart(partNum, parentPart), mPreferPlainText(preferPlainText)
And when nsIMAPBodypart is destroyed:
nsIMAPBodypart::~nsIMAPBodypart()
{
PR_FREEIF(m_partNumberString);
PR_FREEIF(m_contentType);
PR_FREEIF(m_bodyType);
PR_FREEIF(m_bodySubType);
PR_FREEIF(m_bodyID);
PR_FREEIF(m_bodyDescription);
PR_FREEIF(m_bodyEncoding);
PR_FREEIF(m_partData);
PR_FREEIF(m_headerData);
PR_FREEIF(m_boundaryData);
}
So these members need to be dynamically allocated.
QED.
Comment 6•7 years ago
|
||
I suggest to clarify the comment regarding this issue.
TIA
Attachment #8887843 -
Flags: review?(rkent)
Comment 7•7 years ago
|
||
Comment on attachment 8887843 [details] [diff] [review]
Clarify why |strdup| calls are necessary.
Review of attachment 8887843 [details] [diff] [review]:
-----------------------------------------------------------------
You are explaining why the strdup is needed (and not a memory leak) as written, but not really explaining why the code needs to be written that way. I don't believe that it does.
It seems to me like the correct approach is to make those two parameters const char* instead of char*, then removing both the strdup as well as release in the destruct or. Other places where m_bodyType or m_bodySubType are set would need the same treatment.
But I easily get confused in all of this const nonsense, so correct me if I am wrong.
Attachment #8887843 -
Flags: review?(rkent) → review-
Comment 8•7 years ago
|
||
(In reply to Kent James (:rkent) from comment #7)
> Comment on attachment 8887843 [details] [diff] [review]
> Clarify why |strdup| calls are necessary.
>
> Review of attachment 8887843 [details] [diff] [review]:
> -----------------------------------------------------------------
>
> You are explaining why the strdup is needed (and not a memory leak) as
> written, but not really explaining why the code needs to be written that
> way. I don't believe that it does.
>
Now I see what the original question was asking.
I only thought the question was asking why strdup() was necessary.
That was simple, but no, I now realize the real question/request is NOT that simple.
> It seems to me like the correct approach is to make those two parameters
> const char* instead of char*, then removing both the strdup as well as
> release in the destruct or. Other places where m_bodyType or m_bodySubType
> are set would need the same treatment.
>
> But I easily get confused in all of this const nonsense, so correct me if I
> am wrong.
OK, my take on this is: there are simply too many places where PL_strdup() and friends are used to
cope with the parameters that are freed on the class object destruction.
The design seems to assume
the allocation on the user side and release on the object destruction.
Since there are simply too many calls of PL_strdup() and friends involved
to change the behavior of destruction to release the passed members and not releasing them,
I will come back to this when other bugzilla issues are solved (and not exactly sure when.).
Comment 9•6 years ago
|
||
(In reply to ISHIKAWA, Chiaki from comment #8)
> ...
> Since there are simply too many calls of PL_strdup() and friends involved
> to change the behavior of destruction to release the passed members and not
> releasing them,
Are you suggesting an comprehensive overhaul of these calls? In a new bug?
Flags: needinfo?(ishikawa)
Summary: Investigate nsIMAPBodypartMessage string initiation in nsImapServerResponseParser::bodystructure_data() → Investigate nsIMAPBodypartMessage string initiation copies a literal in nsImapServerResponseParser::bodystructure_data()
Comment 10•6 years ago
|
||
(In reply to Wayne Mery (:wsmwk) from comment #9)
> (In reply to ISHIKAWA, Chiaki from comment #8)
> > ...
> > Since there are simply too many calls of PL_strdup() and friends involved
> > to change the behavior of destruction to release the passed members and not
> > releasing them,
>
> Are you suggesting an comprehensive overhaul of these calls? In a new bug?
I believe that I mentioned this for this particular file/function.
I will look into this after the M-C/C-C layout change is over (from the previous C-C/M-C layout). Almost finished, but somehow I have uncovered a host of source code issues. One is potentially crash-inducing bug :-(
Flags: needinfo?(ishikawa)
Updated•2 years ago
|
Severity: normal → S3
Comment 11•2 years ago
|
||
(In reply to ISHIKAWA, Chiaki from comment #10)
I will look into this after the M-C/C-C layout change is over (from the
previous C-C/M-C layout). Almost finished, but somehow I have uncovered a
host of source code issues. One is potentially crash-inducing bug :-(
Is there a bug number for this?
Flags: needinfo?(ishikawa)
Comment 12•2 years ago
|
||
(In reply to Wayne Mery (:wsmwk) from comment #11)
(In reply to ISHIKAWA, Chiaki from comment #10)
I will look into this after the M-C/C-C layout change is over (from the
previous C-C/M-C layout). Almost finished, but somehow I have uncovered a
host of source code issues. One is potentially crash-inducing bug :-(Is there a bug number for this?
I am afraid I have forgotten which bug it was.
But I believe I have filed them four years ago.
Flags: needinfo?(ishikawa)
You need to log in
before you can comment on or make changes to this bug.
Description
•