Closed
Bug 42208
Opened 26 years ago
Closed 25 years ago
Insert/HTML Source <img src=internal-attachment-icon> crashes
Categories
(Core :: DOM: Editor, defect, P3)
Tracking
()
VERIFIED
WORKSFORME
M17
People
(Reporter: neil, Assigned: pnunn)
Details
(Keywords: crash)
From Bugzilla Helper:
BuildID: 2000060820
Null pointer dereference in IMG3250.DLL when Insert/HTML Source is used to
insert <img src=internal-attachment-icon>
Reproducible: Always
Steps to Reproduce:
1. Edit a page, or open a new blank page to edit.
2. Insert/HTML Source
3. Type <img src=internal-attachment-icon>
4. Click OK.
Actual Results: Access violation (null pointer) in IMG3250.DLL
Expected Results: Some sort of indication that an image was inserted.
|
||
Comment 1•26 years ago
|
||
asigning to cmanske
Assignee: beppe → cmanske
Status: UNCONFIRMED → NEW
Ever confirmed: true
Target Milestone: --- → M17
|
|
||
Comment 3•25 years ago
|
||
Please explain why "internal-attachment-icon" is supposed to be valid
value for the src attribute. Also, all attribute values are supposed to be
quoted. Did you try
<img src="internal-attachment-icon"> ?
If there's any crash, it is in the image loading code.
|
Reporter | |
Comment 4•25 years ago
|
||
I was idly inserting Netscape internal images to see how Mozilla would handle
them. internal-attachment-icon is a valid image source in Netscape with or
without quotes. If I open a page with <img src=internal-attachment-icon> it just
displays nothing, it's the act of inserting the HTML which crashes Mozilla.
|
|
||
Comment 5•25 years ago
|
||
The image dialog won't even let me use "internal-attachment-icon" as the
value in the "Image URL" textfield, since it validates agains ".gif, .jpeg, and
.jpg, and .png" files extensions only. So I get an error message telling me this
If you can reproduce this, please paste a stack of where it crashes, if you can.
|
|
Reporter | |
Comment 6•25 years ago
|
||
Which is why I used Insert/HTML Source...
MOZILLA caused an invalid page fault in module IMG3250.DLL at 0157:60ae4332.
Registers:
EAX=00000000 CS=0157 EIP=60ae4332 EFLGS=00010246
EBX=0c758d80 SS=015f ESP=0068b4e8 EBP=0068b510
ECX=0c758d50 DS=015f ESI=00000000 FS=1a1f
EDX=0068b588 ES=015f EDI=0c758de0 GS=0000
Bytes at CS:EIP:
83 78 18 04 75 04 8b 40 58 c3 33 c0 c3 8b 44 24
Stack dump:
60a63efe 0c758d50 0c758da0 0c758d80 0068b534 60c67bca 0c63353c 60942859
0c758720 00000000 0068b538 60ae6a2d 0c758d50 00000010 0068b558 0c758de0
Microsoft Developer Studio
Unhandled exception in mozilla.exe (IMG3250.DLL): 0xC0000005: Access Violation.
Call Stack
IMG3250! 60ae4332()
IMG3250! 60ae6a2d()
IMG3250! 60ae2fc0()
IMG3250! 60ae38d6()
GKGFXWIN! 60a64126()
GKGFXWIN! 60a623a7()
GKHTML! 601ca6f3()
GKHTML! 601c1f2a()
GKHTML! 601ef62d()
GKHTML! 601ef8ca()
GKHTML! 601e4475()
GKHTML! 601e4500()
GKHTML! 601e60a2()
GKHTML! 601ecddb()
GKHTML! 601ecc7a()
GKHTML! 601ecb65()
GKHTML! 601eca37()
GKHTML! 601ebdf1()
GKHTML! 601eb99c()
GKHTML! 601eacee()
GKHTML! 601f246f()
GKHTML! 601ec6c6()
GKHTML! 601ebbd9()
GKHTML! 601eb99c()
GKHTML! 601eacee()
GKHTML! 601e0af0()
GKHTML! 601cd1af()
GKHTML! 6027b7e4()
GKHTML! 6027b404()
GKHTML! 6028f6a1()
GKHTML! 6027536b()
GKHTML! 60290c0a()
GKHTML! 60290c45()
GKHTML! 6026265c()
GKHTML! 602905bb()
GKHTML! 601e0af0()
GKHTML! 6028f00e()
GKHTML! 601e3fad()
GKHTML! 601dce70()
GKHTML! 601dc198()
GKHTML! 601dad32()
EDITOR! 60131c1c()
EDITOR! 6014da98()
EDITOR! 601223f6()
EDITOR! 60146812()
EDITOR! 6015b3d5()
XPCOM! 60cfdc69()
XPC3250! 609ed848()
XPC3250! 609ee029()
JS3250! 60b24f0a()
JS3250! 60b293bc()
JS3250! 60b24f4a()
JS3250! 60b25148()
JS3250! 60b13c96()
JSDOM! 60b6de09()
JSDOM! 60b81706()
GKHTML! 60284498()
GKHTML! 60284c8a()
RDF! 60712dba()
GKHTML! 601dcb72()
GKHTML! 601dcae6()
GKHTML! 6028837e()
GKHTML! 602876f9()
GKHTML! 601dcbff()
GKHTML! 601dca98()
GKVIEW! 60361c4e()
GKVIEW! 60369c86()
GKVIEW! 603625d3()
GKWIDGET! 60ac5ccf()
GKWIDGET! 60ac85ef()
GKWIDGET! 60ac8925()
GKWIDGET! 60ac612f()
KERNEL32! bff735d9()
KERNEL32! bff9222f()
Disassembly
60AE431C 8B 4C 24 04 mov ecx,dword ptr [esp+4]
60AE4320 85 C9 test ecx,ecx
60AE4322 74 0C je 60AE4330
60AE4324 8B 01 mov eax,dword ptr [ecx]
60AE4326 85 C0 test eax,eax
60AE4328 74 06 je 60AE4330
60AE432A 83 78 18 20 cmp dword ptr [eax+18h],20h
60AE432E 74 08 je 60AE4338
60AE4330 8B 01 mov eax,dword ptr [ecx]
60AE4332 83 78 18 04 cmp dword ptr [eax+18h],4
60AE4336 75 04 jne 60AE433C
60AE4338 8B 40 58 mov eax,dword ptr [eax+58h]
60AE433B C3 ret
|
|
Reporter | |
Comment 7•25 years ago
|
||
60AE433C 33 C0 xor eax,eax
60AE433E C3 ret
|
|
||
Comment 8•25 years ago
|
||
Sorry, I was being dense about where you set the src value.
Pam: This is crashing because image_req->ic is null in IL_GetImagePixmap()
Assignee: cmanske → pnunn
Status: ASSIGNED → RESOLVED
Closed: 25 years ago
Resolution: --- → FIXED
|
|
Assignee | |
Comment 10•25 years ago
|
||
The icon is no longer accessed by "internal-attachment-icon".
Many internal icon names have changed.
The icon you were trying to access is now attachment.gif.
If you are concerned that you can't access the icon by that name,
reopen this bug and assign it to ben@netscape.com. I'm not sure of
the component, but I would start with 'skinability'.
-p
|
|
Assignee | |
Comment 11•25 years ago
|
||
reopening so I can reclose as wontfix.
-p
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
|
|
Assignee | |
Comment 12•25 years ago
|
||
Closing as invalid as internal image names have changed.
-p
Status: REOPENED → RESOLVED
Closed: 25 years ago → 25 years ago
Resolution: --- → WONTFIX
|
|
Reporter | |
Comment 13•25 years ago
|
||
Reopening so that I can close as WORKSFORME
Status: RESOLVED → REOPENED
Resolution: WONTFIX → ---
|
|
Reporter | |
Comment 14•25 years ago
|
||
Mozilla no longer crashes, it just inserts a placeholder.
Status: REOPENED → RESOLVED
Closed: 25 years ago → 25 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•