Closed Bug 417384 Opened 12 years ago Closed 12 years ago
"ASSERTION: Span level will be negative"
Smaug, remember those assertions you added for in bug 409990? :) ###!!! ASSERTION: Span level will be negative!: 'mSpanLevel', file /Users/jruderman/trunk/mozilla/content/base/src/nsPlainTextSerializer.cpp, line 948 Cautiously filing as security-sensitive because the last time this kind of thing happened (bug 409990), it caused memory corruption.
This isn't critical, since mSpanLevel isn't used for array indexing or anything. But I'll look at this.
Ok, this is bad after all. mInHead doesn't take account nested head elements. So changing from bool to a counter. But have to make nsPlainTextSerializer::OpenHead() no-op, though as far as I see that isn't really used in serializer. It is just something coming from nsIHTMLContentSink and is used only by http://lxr.mozilla.org/seamonkey/source/parser/htmlparser/src/CNavDTD.cpp#3023 In nsHTMLContentSink OpenHead does open head context, but serializer doesn't really have such concept.
Would it make sense to change the variable name from mInHead to mHeadNestingLevel now that it's not a boolean?
Comment on attachment 303269 [details] [diff] [review] proposed patch Let's name it mHeadLevel or something and we should add this to the testsuite.
I don't know how to write a (mochitest or similar) testcase for this, because the interfaces nsPlainTextSerializer implements aren't scriptable.
And the right file
Credit where credit's due, I think -- philor, see comments 5-8.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.