Open Bug 384210 Opened 18 years ago Updated 3 months ago

Investigate nsIMAPBodypartMessage string initiation copies a literal in nsImapServerResponseParser::bodystructure_data()

Categories

(MailNews Core :: Backend, defect)

Product:
MailNews Core
Component:
Backend
Platform:
PowerPC
macOS
Type:
defect

Tracking

(Not tracked)

People

(Reporter: nick.kreeger, Unassigned)

References

Details

(Keywords: memory-leak)

Attachments

(1 file)

Clarify why |strdup| calls are necessary.
1.62 KB, patch
rkent
: review-
Details | Diff | Splinter Review
For some reason, the caller of the nsImapServerResponseParser constructor actually copies a literal. This needs to be investigated to see why the code was written this way: nsIMAPBodypartMessage *message = new nsIMAPBodypartMessage(NULL, NULL, PR_TRUE, strdup("message"), strdup("rfc822"), NULL, NULL, NULL, 0);
Product: Core → MailNews Core
Flagging as a possible memory leak investigation.
Keywords: mlk
related to bug 1285434 or bug 1285098 ?
Flags: needinfo?(ishikawa)
OK, I will take a look at this next week.
Here is what I found out. If I remove strdup() call from the two arguments, I get the following warning from GCC. (This warning from GCC is probably an error to a strictly conforming compiler.) /NREF-COMM-CENTRAL/comm-central/mailnews/imap/src/nsImapServerResponseParser.cpp : In member function ‘virtual void nsImapServerResponseParser::bodystructure_dat a()’: /NREF-COMM-CENTRAL/comm-central/mailnews/imap/src/nsImapServerResponseParser.cpp :2707:71: warning: ISO C++ forbids converting a string constant to ‘char*’ [-Wwr ite-strings] fServerConnection.GetPreferPlainText()); ^ /NREF-COMM-CENTRAL/comm-central/mailnews/imap/src/nsImapServerResponseParser.cpp :2707:71: warning: ISO C++ forbids converting a string constant to ‘char*’ [-Wwr ite-strings] So, I am checking a patch that creates a char array that contains the strings and pass them to the function. TIA
Flags: needinfo?(ishikawa)
But if I pass an array that is NOT allocated, I get an error from memory free function later. But if I pass an array that is NOT allocated, I get an error from memory free function later. As it turnes out the bodyType and bodySubType paramters are released when the nsIMAPBodyPartLeaf object is destroyed and thus the parameters must be dynamically allocated character strings. ///////////// nsIMAPBodypartMessage //////////////////////// nsIMAPBodypartMessage::nsIMAPBodypartMessage(char *partNum, nsIMAPBodypart *parentPart, bool topLevelMessage, char *bodyType, char *bodySubType, char *bodyID, char *bodyDescription, char *bodyEncoding, int32_t partLength, bool preferPlainText) : nsIMAPBodypartLeaf(partNum, parentPart, bodyType, bodySubType, bodyID, bodyDescription, bodyEncoding, partLength, preferPlainText) Then there is another superclass: nsIMAPBodypartLeaf::nsIMAPBodypartLeaf(char *partNum, nsIMAPBodypart *parentPart, char *bodyType, char *bodySubType, char *bodyID, char *bodyDescription, char *bodyEncoding, int32_t partLength, bool preferPlainText) : nsIMAPBodypart(partNum, parentPart), mPreferPlainText(preferPlainText) And when nsIMAPBodypart is destroyed: nsIMAPBodypart::~nsIMAPBodypart() { PR_FREEIF(m_partNumberString); PR_FREEIF(m_contentType); PR_FREEIF(m_bodyType); PR_FREEIF(m_bodySubType); PR_FREEIF(m_bodyID); PR_FREEIF(m_bodyDescription); PR_FREEIF(m_bodyEncoding); PR_FREEIF(m_partData); PR_FREEIF(m_headerData); PR_FREEIF(m_boundaryData); } So these members need to be dynamically allocated. QED.
I suggest to clarify the comment regarding this issue. TIA
Attachment #8887843 - Flags: review?(rkent)
Comment on attachment 8887843 [details] [diff] [review] Clarify why |strdup| calls are necessary. Review of attachment 8887843 [details] [diff] [review]: ----------------------------------------------------------------- You are explaining why the strdup is needed (and not a memory leak) as written, but not really explaining why the code needs to be written that way. I don't believe that it does. It seems to me like the correct approach is to make those two parameters const char* instead of char*, then removing both the strdup as well as release in the destruct or. Other places where m_bodyType or m_bodySubType are set would need the same treatment. But I easily get confused in all of this const nonsense, so correct me if I am wrong.
Attachment #8887843 - Flags: review?(rkent) → review-
(In reply to Kent James (:rkent) from comment #7) > Comment on attachment 8887843 [details] [diff] [review] > Clarify why |strdup| calls are necessary. > > Review of attachment 8887843 [details] [diff] [review]: > ----------------------------------------------------------------- > > You are explaining why the strdup is needed (and not a memory leak) as > written, but not really explaining why the code needs to be written that > way. I don't believe that it does. > Now I see what the original question was asking. I only thought the question was asking why strdup() was necessary. That was simple, but no, I now realize the real question/request is NOT that simple. > It seems to me like the correct approach is to make those two parameters > const char* instead of char*, then removing both the strdup as well as > release in the destruct or. Other places where m_bodyType or m_bodySubType > are set would need the same treatment. > > But I easily get confused in all of this const nonsense, so correct me if I > am wrong. OK, my take on this is: there are simply too many places where PL_strdup() and friends are used to cope with the parameters that are freed on the class object destruction. The design seems to assume the allocation on the user side and release on the object destruction. Since there are simply too many calls of PL_strdup() and friends involved to change the behavior of destruction to release the passed members and not releasing them, I will come back to this when other bugzilla issues are solved (and not exactly sure when.).
(In reply to ISHIKAWA, Chiaki from comment #8) > ... > Since there are simply too many calls of PL_strdup() and friends involved > to change the behavior of destruction to release the passed members and not > releasing them, Are you suggesting an comprehensive overhaul of these calls? In a new bug?
Flags: needinfo?(ishikawa)
Summary: Investigate nsIMAPBodypartMessage string initiation in nsImapServerResponseParser::bodystructure_data() → Investigate nsIMAPBodypartMessage string initiation copies a literal in nsImapServerResponseParser::bodystructure_data()
(In reply to Wayne Mery (:wsmwk) from comment #9) > (In reply to ISHIKAWA, Chiaki from comment #8) > > ... > > Since there are simply too many calls of PL_strdup() and friends involved > > to change the behavior of destruction to release the passed members and not > > releasing them, > > Are you suggesting an comprehensive overhaul of these calls? In a new bug? I believe that I mentioned this for this particular file/function. I will look into this after the M-C/C-C layout change is over (from the previous C-C/M-C layout). Almost finished, but somehow I have uncovered a host of source code issues. One is potentially crash-inducing bug :-(
Flags: needinfo?(ishikawa)
Severity: normal → S3

(In reply to ISHIKAWA, Chiaki from comment #10)

I will look into this after the M-C/C-C layout change is over (from the
previous C-C/M-C layout). Almost finished, but somehow I have uncovered a
host of source code issues. One is potentially crash-inducing bug :-(

Is there a bug number for this?

Flags: needinfo?(ishikawa)

(In reply to Wayne Mery (:wsmwk) from comment #11)

(In reply to ISHIKAWA, Chiaki from comment #10)

I will look into this after the M-C/C-C layout change is over (from the
previous C-C/M-C layout). Almost finished, but somehow I have uncovered a
host of source code issues. One is potentially crash-inducing bug :-(

Is there a bug number for this?

I am afraid I have forgotten which bug it was.
But I believe I have filed them four years ago.

Flags: needinfo?(ishikawa)
See Also: → 1285262
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: