Closed Bug 472028 Opened 15 years ago Closed 15 years ago

Crash on "Edit Draft" when mail is encrypted [@ mime_decode_filename]

Categories

(MailNews Core :: MIME, defect)

defect
Not set
critical

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: seamonkey-bugs, Assigned: mozbgz)

References

Details

(Keywords: regression)

Attachments

(1 file, 1 obsolete file)

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1b3pre) Gecko/20081202 SeaMonkey/2.0a2
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1b3pre) Gecko/20081202 SeaMonkey/2.0a2

Editing a draft of an encrypted mail crashes SeaMonkey 2.0a2.

Reproducible: Always

Steps to Reproduce:
1. Compose a new e-mail
2. Check "Security -> Encrypt This Message"
3. Save e-mail as a draft
4. Select e-mail in drafts folder and click "Edit Draft"

Actual Results:  
SeaMonkey crashes (all windows disappear) and a crash report dialog is shown.


Expected Results:  
Composer window appears.
Yes, confirming with a SeaMonkey trunk build on WinXP.

Stacktrace:
ChildEBP RetAddr  
0012f514 00d37dc6 mail!mime_decode_filename(char * name = 0x0711b9c8 "smime.p7m", char * charset = 0x00000000 "", class MimeDisplayOptions * opt = 0x00000000)+0x7d [f:\mozilla\tree-hg\src\mailnews\mime\src\mimehdrs.cpp @ 674]
0012f540 00d3bf9d mail!MimeHeaders_get_name(struct MimeHeaders * hdrs = 0x0c739aa0, class MimeDisplayOptions * opt = 0x00000000)+0xce [f:\mozilla\tree-hg\src\mailnews\mime\src\mimehdrs.cpp @ 729]
0012f574 00d3c3c6 mail!mime_find_class(char * content_type = 0x04e64fb8 "application/pkcs7-mime", struct MimeHeaders * hdrs = 0x0c739aa0, class MimeDisplayOptions * opts = 0x00000000, int exact_match_p = 1)+0x6e3 [f:\mozilla\tree-hg\src\mailnews\mime\src\mimei.cpp @ 763]
0012f590 00d3cc1c mail!mime_crypto_object_p(struct MimeHeaders * hdrs = 0x00d3d188, int clearsigned_counts = 100735720)+0x66 [f:\mozilla\tree-hg\src\mailnews\mime\src\mimei.cpp @ 1196]
0012f5b8 00d3d188 mail!MimeMessage_close_headers(struct MimeObject * obj = 0x0012f4bc)+0x59 [f:\mozilla\tree-hg\src\mailnews\mime\src\mimemsg.cpp @ 312]
0012f5d4 00d3f995 mail!MimeMessage_parse_line(char * aLine = 0x0c011640 "..", int aLength = 2, struct MimeObject * obj = 0x0aa20b38)+0x224 [f:\mozilla\tree-hg\src\mailnews\mime\src\mimemsg.cpp @ 286]
0012f5e8 00d3fab9 mail!convert_and_send_buffer(char * buf = 0x0012f4bc "???", int length = 65553, int convert_newlines_p = 13863027, <function> * per_line_fn = 0x06011ae6, void * closure = 0x0000046e)+0x66 [f:\mozilla\tree-hg\src\mailnews\mime\src\mimebuf.cpp @ 184]
0012f608 00d38873 mail!mime_LineBuffer(char * net_buffer = 0x06011ae6 [snip, here was basically the body of the encrypted mail, quite long, so I deleted it], int net_buffer_size = 1134, char ** bufferP = 0x0aa20b60, int * buffer_sizeP = 0x0aa20b68, unsigned int * buffer_fpP = 0x06011ae8, int convert_newlines_p = 1, <function> * per_line_fn = 0x00d3cf64, void * closure = 0x0aa20b38)+0x11a [f:\mozilla\tree-hg\src\mailnews\mime\src\mimebuf.cpp @ 272]
0012f62c 00d31591 mail!MimeObject_parse_buffer(char * buffer = 0x000004ac "", int size = 1242904, struct MimeObject * obj = 0x00a50000)+0x2f [f:\mozilla\tree-hg\src\mailnews\mime\src\mimeobj.cpp @ 275]
0012f63c 00d2cef5 mail!mime_parse_stream_write(struct _nsMIMESession * stream = 0x000004ac, char * buf = 0x0012f718 "", int size = 10813440)+0x22 [f:\mozilla\tree-hg\src\mailnews\mime\src\mimedrft.cpp @ 440]
0012fb54 00c60d16 mail!nsStreamConverter::OnDataAvailable(class nsIRequest * request = 0x0c6c62e4, class nsISupports * ctxt = 0x0c26a210, class nsIInputStream * aIStream = 0x061dc200, unsigned int sourceOffset = 0, unsigned int aLength = 0x784)+0x152 [f:\mozilla\tree-hg\src\mailnews\mime\src\nsstreamconverter.cpp @ 938]
0012fb98 00c60f06 mail!nsMailboxProtocol::ReadMessageResponse(class nsIInputStream * inputStream = 0x061dc200, unsigned int sourceOffset = 0, unsigned int length = 0x784)+0x38 [f:\mozilla\tree-hg\src\mailnews\local\src\nsmailboxprotocol.cpp @ 593]
0012fbbc 00d64630 mail!nsMailboxProtocol::ProcessProtocolState(class nsIURI * url = 0x0c26a214, class nsIInputStream * inputStream = 0x061dc200, unsigned int offset = 0, unsigned int length = 0x784)+0x99 [f:\mozilla\tree-hg\src\mailnews\local\src\nsmailboxprotocol.cpp @ 691]
*** WARNING: Unable to verify checksum for F:\mozilla\tree-hg\obj-suite\mozilla\dist\bin\components\necko.dll
0012fbd8 00ffec52 mail!nsMsgProtocol::OnDataAvailable(class nsIRequest * request = 0x0692db98, class nsISupports * ctxt = 0x0c26a214, class nsIInputStream * inStr = 0x061dc200, unsigned int sourceOffset = 0, unsigned int count = 0x784)+0x23 [f:\mozilla\tree-hg\src\mailnews\base\util\nsmsgprotocol.cpp @ 347]
0012fc1c 00ffed9f necko!nsInputStreamPump::OnStateTransfer(void)+0xcf [f:\mozilla\tree-hg\src\mozilla\netwerk\base\src\nsinputstreampump.cpp @ 508]
*** WARNING: Unable to verify checksum for F:\mozilla\tree-hg\obj-suite\mozilla\dist\bin\xpcom_core.dll
0012fc2c 0029b2bc necko!nsInputStreamPump::OnInputStreamReady(class nsIAsyncInputStream * stream = 0x061dc200)+0x34 [f:\mozilla\tree-hg\src\mozilla\netwerk\base\src\nsinputstreampump.cpp @ 399]
0012fc3c 002a8a17 xpcom_core!nsInputStreamReadyEvent::Run(void)+0x1c [f:\mozilla\tree-hg\src\mozilla\xpcom\io\nsstreamutils.cpp @ 112]
Severity: normal → critical
Status: UNCONFIRMED → NEW
Component: MailNews: Composition → MIME
Ever confirmed: true
Product: SeaMonkey → MailNews Core
QA Contact: mailnews-composition → mime
Summary: Crash on "Edit Draft" when mail is encrypted → Crash on "Edit Draft" when mail is encrypted [@ mime_decode_filename]
Version: unspecified → Trunk
Kaspar: Can you take a look at this bug here? I think this is a regression from Bug 456250 as with the patch from that bug the call stack for editing an encrypted draft is like this:
http://hg.mozilla.org/comm-central/annotate/d931814567e5/mailnews/mime/src/mimei.cpp#l1195
 clazz = mime_find_class (ct, hdrs, 0, PR_TRUE);
calls mime_find_class, which the patch changed to
  char *name = (hdrs ? MimeHeaders_get_name(hdrs, opts) : nsnull); (opts is 0 from the mime_find_class call above)
MimeHeaders_get_name calls
  mime_decode_filename(name, charset, opt); (opt is opts)
which tries to access
  opt->default_charset
=> crash.
Blocks: 456250
Keywords: regression
(In reply to comment #2)
> Kaspar: Can you take a look at this bug here? I think this is a regression from
> Bug 456250

Yes, indeed. Attached is a possible fix, though I'm not yet sure if it's really ok to call nsMIMEHeaderParamImpl::DecodeParameter with nsnull for both aCharset and aDefaultCharset... will look into it further.
Assignee: nobody → mozbugzilla
Status: NEW → ASSIGNED
Attached patch Proposed fixSplinter Review
Errm, got the argument wrong off-by-one. It's aDefaultCharset and aOverrideCharset which we're considering here, and they can be nsnull and PR_FALSE, respectively (it's what default_charset and override_charset are initialized to).

David, could you review? Or somebody else?
Attachment #355596 - Attachment is obsolete: true
Attachment #355919 - Flags: review?(bienvenu)
OS: Windows XP → All
Hardware: x86 → All
Comment on attachment 355919 [details] [diff] [review]
Proposed fix

looks ok, thx.
Attachment #355919 - Flags: superreview+
Attachment #355919 - Flags: review?(bienvenu)
Attachment #355919 - Flags: review+
Keywords: checkin-needed
Checked into comm-central, changeset 6ca4e14f68d2.
Status: ASSIGNED → RESOLVED
Closed: 15 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.