Closed
Bug 494099
Opened 15 years ago
Closed 15 years ago
invalid read test_bug381412.hk.gb2312.js
Categories
(Core :: Internationalization, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: sayrer, Assigned: smontagu)
References
Details
Attachments
(2 files, 1 obsolete file)
4.75 KB,
text/plain
|
Details | |
10.20 KB,
patch
|
emk
:
review+
|
Details | Diff | Splinter Review |
see attached
Reporter | ||
Comment 1•15 years ago
|
||
Updated•15 years ago
|
Assignee: nobody → smontagu
Component: General → Internationalization
QA Contact: general → i18n
Assignee | ||
Comment 3•15 years ago
|
||
So bug 90411 and this are two sides of the same coin: the decoder doesn't take into account that a multi-byte sequence can be split across buffer boundaries, so on the one hand it tries to read to the end of the sequence beyond the end of the input, and on the other hand it fails to decode the end of the sequence correctly at the beginning of the next buffer.
Attachment #381280 -
Flags: review?
Assignee | ||
Updated•15 years ago
|
Attachment #381280 -
Flags: review? → review?(VYV03354)
Comment 4•15 years ago
|
||
Comment on attachment 381280 [details] [diff] [review] Patch > + if (!oddByte) { > + if (srcByte & 0x80 || srcByte == HZLEAD1 || mHZState == HZ_STATE_GB) { > + oddByte = srcByte; NUL bytes will be ignored in GB mode. Is it intentional?
Assignee | ||
Comment 5•15 years ago
|
||
Yes, good catch, it wasn't intentional :)
Attachment #381280 -
Attachment is obsolete: true
Attachment #383152 -
Flags: review?(VYV03354)
Attachment #381280 -
Flags: review?(VYV03354)
Updated•15 years ago
|
Attachment #383152 -
Flags: review?(VYV03354) → review+
Assignee | ||
Comment 6•15 years ago
|
||
http://hg.mozilla.org/mozilla-central/rev/92a9095b9b0b
Status: NEW → RESOLVED
Closed: 15 years ago
Flags: in-testsuite+
Resolution: --- → FIXED
Updated•11 years ago
|
Group: core-security
You need to log in
before you can comment on or make changes to this bug.
Description
•