Bug 527437
Opened 15 years ago
Closed 15 years ago
Opening from local file system causes Valgrind Conditional jump or move depends on uninitialised value(s)
Categories: Core :: Networking: Cookies, defect
Status: RESOLVED DUPLICATE of bug 526789
People: Reporter: romaxa, Unassigned
Attachments (2 files)
631 bytes, patch | dwitte: review-
1.12 KB, text/html
==25070== Conditional jump or move depends on uninitialised value(s)
==25070==    at 0x40219FD: index (in /targets/fr2009x86/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==25070==    by 0x4AACC57: nsCookieService::GetCookieInternal(nsIURI*, nsIChannel*, int, char**) (nsCookieService.cpp:1325)
==25070==    by 0x4AAD14C: nsCookieService::GetCookieString(nsIURI*, nsIChannel*, char**) (nsCookieService.cpp:723)
==25070==    by 0x4E1A79A: nsHTMLDocument::GetCookie(nsAString_internal&) (nsHTMLDocument.cpp:1758)
==25070==    by 0x49F81D0: nsIDOMHTMLDocument_GetCookie(JSContext*, JSObject*, int, int*) (dom_quickstubs.cpp:10239)
==25070==    by 0x565E9F6: js_NativeGet (jsscope.h:603)
==25070==    by 0x565FBE4: js_GetPropertyHelper (jsobj.cpp:4270)
==25070==    by 0x5642ADA: js_Interpret (jsops.cpp:1518)
==25070==    by 0x56519F7: js_Invoke (jsinterp.cpp:1368)
==25070==    by 0x563A9EB: js_fun_call (jsfun.cpp:1948)
==25070==    by 0x564ADB8: js_Interpret (jsops.cpp:2208)
==25070==    by 0x5650DC0: js_Execute (jsinterp.cpp:1601)
==25070==    by 0x560806B: JS_EvaluateUCScriptForPrincipals (jsapi.cpp:5108)
==25070==    by 0x4E797B2: nsJSContext::EvaluateString(nsAString_internal const&, void*, nsIPrincipal*, char const*, unsigned int, u
==25070==    by 0x4D5480B: nsScriptLoader::EvaluateScript(nsScriptLoadRequest*, nsString const&) (nsScriptLoader.cpp:690)
==25070==    by 0x4D5516F: nsScriptLoader::ProcessRequest(nsScriptLoadRequest*) (nsScriptLoader.cpp:604)
==25070==    by 0x4D5578E: nsScriptLoader::ProcessPendingRequests() (nsScriptLoader.cpp:744)
==25070==    by 0x4D55980: nsScriptLoader::OnStreamComplete(nsIStreamLoader*, nsISupports*, unsigned int, unsigned int, unsigned cha
==25070==    by 0x4A42778: nsStreamLoader::OnStopRequest(nsIRequest*, nsISupports*, unsigned int) (nsStreamLoader.cpp:127)
==25070==    by 0x4A55C9D: nsHTTPCompressConv::OnStopRequest(nsIRequest*, nsISupports*, unsigned int) (nsHTTPCompressConv.cpp:127)
==25070==    by 0x4A4222E: nsStreamListenerTee::OnStopRequest(nsIRequest*, nsISupports*, unsigned int) (nsStreamListenerTee.cpp:65)
==25070==    by 0x4A9981F: nsHttpChannel::OnStopRequest(nsIRequest*, nsISupports*, unsigned int) (nsHttpChannel.cpp:5255)
==25070==    by 0x4A28C44: nsInputStreamPump::OnStateStop() (nsInputStreamPump.cpp:576)
==25070==    by 0x4A29748: nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) (nsInputStreamPump.cpp:401)
==25070==    by 0x530C911: nsInputStreamReadyEvent::Run() (nsStreamUtils.cpp:112)
==25070==    by 0x5320571: nsThread::ProcessNextEvent(int, int*) (nsThread.cpp:527)
==25070==    by 0x52E938C: NS_ProcessPendingEvents_P(nsIThread*, unsigned int) (nsThreadUtils.cpp:189)
==25070==    by 0x52AC6DE: nsBaseAppShell::NativeEventCallback() (nsBaseAppShell.cpp:121)
==25070==    by 0x52A26D8: nsAppShell::EventProcessorCallback(_GIOChannel*, GIOCondition, void*) (nsAppShell.cpp:71)
==25070==    by 0x41336C6: g_io_unix_dispatch (giounix.c:162)
==25070==    by 0x40FEE3B: g_main_context_dispatch (gmain.c:1836)
==25070==    by 0x41023C4: g_main_context_iterate (gmain.c:2467)
==25070==    by 0x41026B7: g_main_loop_run (gmain.c:2675)
Attachment #411165 - Flags: review?(cbiesinger)
Comment 1•15 years ago (Reporter)
Updated•15 years ago
Attachment #411165 - Flags: review?(cbiesinger) → review?(dwitte)
Comment 2•15 years ago
Comment on attachment 411165: Possible fix
let me pass this one on to dwitte :)
Comment 3•15 years ago
Comment on attachment 411165: Possible fix
Interesting how three people have independently found the same bug within the last five days. And it's been around for a while!
>+ const char *nextDot = hostFromURI.Length() > 1 ? currentDot + 1 : nsnull;
The existing code kinda assumes the invariant that we never get passed an empty host. Which is false in this case for file:// URIs, and false in other parts of the code where we get passed an empty host string directly via API. We should enforce non-empty host as a precondition instead. Let's move this to bug 526789, and I'll whip up a patch to cover all the instances.
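Review bot: the guard on the added nextDot line is `hostFromURI.Length() > 1`, so a one-character host is treated the same as an empty one; if that is intended it needs a comment saying so, otherwise test for the empty host directly. The line also makes nsnull a possible value of nextDot, so each later use of nextDot has to tolerate a null pointer, which the quoted line alone does not show.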
Attachment #411165 - Flags: review?(dwitte) → review-
Updated•15 years ago
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
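The empty-host case discussed in comment 3, as an added example that is not part of this bug or of Mozilla's code: a simplified stand-in for a host walk, showing why `cur + 1` steps past the terminator when a file:// URI yields an empty host, and how enforcing the non-empty precondition before any pointer arithmetic avoids it. The names HostOf, WalkUnchecked and WalkChecked and the sample URIs are assumptions made for illustration.

```cpp
#include <cstdio>
#include <cstring>
#include <string>
#include <vector>

// Hypothetical helper: text between "://" and the next '/'. For
// "file:///tmp/a.html" that span is empty, so the host is "".
std::string HostOf(const std::string& uri) {
  std::string::size_type start = uri.find("://");
  if (start == std::string::npos) return "";
  start += 3;
  std::string::size_type end = uri.find('/', start);
  return uri.substr(start, end == std::string::npos ? end : end - start);
}

// Unchecked walk: collects the host and each parent-domain suffix, assuming
// the host is never empty. For "" the first `cur + 1` is already one past the
// terminating NUL, so strchr scans bytes that do not belong to the string.
std::vector<std::string> WalkUnchecked(const char* host) {
  std::vector<std::string> keys;
  for (const char* cur = host; cur; cur = std::strchr(cur + 1, '.'))
    keys.push_back(cur);
  return keys;
}

// Checked walk: the non-empty precondition is tested once, before any pointer
// arithmetic. After that `cur` always points at a real character (the first
// one, or a '.'), so `cur + 1` is at worst the terminator.
bool WalkChecked(const std::string& host, std::vector<std::string>& keys) {
  keys.clear();
  if (host.empty() || host[0] == '\0') return false;
  keys = WalkUnchecked(host.c_str());
  return true;
}

int main() {
  const char* uris[] = {"http://www.example.com/x", "file:///tmp/a.html"};  // constructed
  for (const char* uri : uris) {
    std::vector<std::string> keys;
    if (!WalkChecked(HostOf(uri), keys)) {
      std::printf("%s: empty host, lookup skipped\n", uri);
      continue;
    }
    for (const std::string& k : keys) std::printf("%s: %s\n", uri, k.c_str());
  }
  return 0;
}
```

Running WalkUnchecked on an empty string under Valgrind or AddressSanitizer is a quick way to see the out-of-bounds read that the precondition prevents.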