Closed Bug 438688 Opened 16 years ago Closed 16 years ago

String formatter fails to format the same argument twice

Categories

(Core :: XPCOM, defect)

Product:
Core
Component:
XPCOM
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla1.9.1a2

People

(Reporter: glandium, Assigned: glandium)

Details

Attachments

(1 file, 1 obsolete file)

Same patch, with testcase
1.46 KB, patch
benjamin
: review+
Details | Diff | Splinter Review 
With strings such as "The certificate is only valid for <a id="cert_domain_link" title="%1$S">%1$S</a>", where the first argument is supposed to be formatted twice, the second occurrence is replaced by "(null)", at least on amd64 under linux. This is due to the way va_lists are being used in dosprintf in nsTextFormatter.cpp.
It makes the neterror page for bad certificate read "The certificate is only valid for (null)", which is pretty useless to the user (though hovering displays the correct url thanks to the <a title> around "(null)")
While the first time it is called, u.S = va_arg(ap, const PRUnichar*); gives the proper pointer, the second time, it returns NULL. I guess this does the same on any arch using registers for arguments in function calls.
The attached patch alleviates the issue, but i suspect it might leak some memory (depending on how va_copy is implemented).
Note that there is already a call to va_copy in BuildArgArray, without a corresponding va_end (which is supposed to be mandatory), so it may leak there as well. Note that I don't understand why NumArgState keeps va_lists, while keeping a list of arguments (which you almost build in BuildArgArray) would work, too, provided a union is used in NumArgState. That would avoid va_copys and the problem reported here.
Attached patch patch (obsolete) — Splinter Review 
Assignee: nobody → mh+mozilla
Status: NEW → ASSIGNED

        Attachment #324679 -
        Flags: review?(benjamin)

    
    

    
  
what about other implementations/copies of this dosprintf code?

I see: mozilla/js/src/jsprf.c, mozilla/nsprpub/pr/src/io/prprf.c and  mozilla/xpcom/glue/nsTextFormatter.cpp.

    
    

    
  
Do they need to handle cases where the same argument is formatted several times by the format string ?
Also, if the code is the same (I haven't looked), why not have it in nspr only ? code duplication is bad.

    
    

    
  
Comment on attachment 324679 [details] [diff] [review]
patch

I'd like a unit test, please.

        Attachment #324679 -
        Flags: review?(benjamin) → review-

    
    

    
  


  
The modified test "properly" fails with older nsTextFormatter.cpp and succeeds with the patched one.

        Attachment #324679 -
        Attachment is obsolete: true

        Attachment #325603 -
        Flags: review?(benjamin)

    
  

        Attachment #325603 -
        Flags: review?(benjamin) → review+

    
  
Keywords: checkin-needed

    
    

    
  
http://hg.mozilla.org/index.cgi/mozilla-central/rev/c333478161f6
Status: ASSIGNED → RESOLVED
Closed: 16 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → mozilla1.9.1a2

    
  
Flags: in-testsuite+

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: