Closed
Bug 486482
Opened 15 years ago
Closed 15 years ago
null deref [@ nsPluginNativeWindowGtk2::CreateXEmbedWindow ]
Categories
(Core Graveyard :: Plug-ins, defect)
Tracking
(status1.9.1 wanted)
RESOLVED
FIXED
mozilla1.9.2a1
| Tracking | Status | |
|---|---|---|
| status1.9.1 | --- | wanted |
People
(Reporter: stransky, Assigned: stransky)
Details
(Keywords: crash)
Crash Data
Attachments
(1 file)
|
1.30 KB,
patch
|
jaas
:
review+
jst
:
superreview+
dveditz
:
approval1.9.1.4-
|
Details | Diff | Splinter Review |
Downstream bug https://bugzilla.redhat.com/show_bug.cgi?id=491477 There's a null deref in nsPluginNativeWindowGtk2::CreateXEmbedWindow() (gdb) where #0 0x0000003e9ec0efab in raise () from /lib64/libpthread.so.0 #1 0x0000003f4fa30f05 in nsProfileLock::FatalSignalHandler (signo=11) at nsProfileLock.cpp:212 #2 <signal handler called> #3 nsPluginNativeWindowGtk2::CreateXEmbedWindow (this=0x2e283c0) at nsPluginNativeWindowGtk2.cpp:209 (gdb) list nsPluginNativeWindowGtk2.cpp:209 204 window = (nsPluginPort *)gtk_socket_get_id(GTK_SOCKET(mSocketWidget)); 205 206 // Fill out the ws_info structure. 207 // (The windowless case is done in nsObjectFrame.cpp.) 208 GdkWindow *gdkWindow = gdk_window_lookup((XID)window); 209 mWsInfo.display = GDK_WINDOW_XDISPLAY(gdkWindow); 210 mWsInfo.colormap = GDK_COLORMAP_XCOLORMAP(gdk_drawable_get_colormap(gdkWindow)); 211 GdkVisual* gdkVisual = gdk_drawable_get_visual(gdkWindow); 212 mWsInfo.visual = GDK_VISUAL_XVISUAL(gdkVisual); 213 mWsInfo.depth = gdkVisual->depth; (gdb) select 3 (gdb) print window $1 = (struct nsPluginPort *) 0x0 (gdb) print gdkWindow $2 = <value optimized out> window && gdkWindow are NULL so: mWsInfo.display = GDK_WINDOW_XDISPLAY(gdkWindow); produces a segfault. It seems to affect all branches (1.9.0, 1.9.1 and Trunk).
|
Assignee | |
Comment 1•15 years ago
|
||
|
|
Assignee | |
Updated•15 years ago
|
Attachment #370613 -
Attachment description: patch → patch for 1.9.1
|
|
Assignee | |
Updated•15 years ago
|
Attachment #370613 -
Flags: review?(jst)
|
|
Assignee | |
Comment 2•15 years ago
|
||
Comment on attachment 370613 [details] [diff] [review] patch for 1.9.1 Can you please review this one?
Attachment #370613 -
Flags: review?(jst) → review+
Comment on attachment 370613 [details] [diff] [review] patch for 1.9.1 + return(NS_ERROR_FAILURE); Should just be "return NS_ERROR_FAILURE;", no parens. Otherwise looks good.
|
||
Updated•15 years ago
|
Attachment #370613 -
Flags: superreview+
|
||
Comment 5•15 years ago
|
||
http://hg.mozilla.org/mozilla-central/rev/f2a58ffcd00c
Assignee: nobody → stransky
Status: NEW → RESOLVED
Closed: 15 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → mozilla1.9.2a1
|
|
||
Updated•15 years ago
|
Attachment #370613 -
Flags: approval1.9.1.2?
|
||
Updated•15 years ago
|
Attachment #370613 -
Flags: approval1.9.1.2? → approval1.9.1.3?
|
||
Comment 6•15 years ago
|
||
Comment on attachment 370613 [details] [diff] [review] patch for 1.9.1 Approved for 1.9.1.4, a=dveditz for release-drivers
Attachment #370613 -
Flags: approval1.9.1.3? → approval1.9.1.4+
|
|
Assignee | |
Updated•15 years ago
|
Keywords: checkin-needed
|
|
Assignee | |
Comment 7•15 years ago
|
||
Oh sorry, seems to be already in. clearing the flag.
Keywords: checkin-needed
|
|
||
Comment 8•15 years ago
|
||
Comment on attachment 370613 [details] [diff] [review] patch for 1.9.1 past code-freeze for 1.9.1.4, removing non-blocker approval.
Attachment #370613 -
Flags: approval1.9.1.4+ → approval1.9.1.4-
|
|
||
Updated•15 years ago
|
status1.9.1:
--- → wanted
|
||
Updated•13 years ago
|
Crash Signature: [@ nsPluginNativeWindowGtk2::CreateXEmbedWindow ]
|
||
Updated•2 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•