Closed
Bug 600082
Opened 14 years ago
Closed 14 years ago
AT may crash when it frees memory allocated for header cell array by server
Categories
(Core :: Disability Access APIs, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: surkov, Assigned: surkov)
References
Details
(Keywords: access)
Attachments
(1 file)
1.12 KB,
patch
|
MarcoZ
:
review+
beltzner
:
approval1.9.2.11+
|
Details | Diff | Splinter Review |
I think the problem we allocate memory by nsMemory::Allocate which is not thread safe. It's reasonable to use CoTaskMemAlloc here (AT use CoTaskMemFree to free memory allocated by Firefox). It was tested as a part of try-server build, it must be safe to land it for Firefox 3.6 as well.
Attachment #478921 -
Flags: review?(bolterbugz)
Attachment #478921 -
Flags: approval1.9.2.11?
Assignee | ||
Updated•14 years ago
|
blocking2.0: --- → ?
Comment 1•14 years ago
|
||
This would be a speedy landing/review, since code freeze for 3.6.11 is tonight, September 28, 2010 11:50 PDT IIRC. I agree this is needed to prevent crashes with assistive technologies properly wanting to support the new table interfaces. Requesting blocking 1.9.2.
blocking1.9.2: --- → ?
Assignee | ||
Comment 2•14 years ago
|
||
Comment on attachment 478921 [details] [diff] [review] patch let's speed up review process :) all we need is to get blocking status for 2.0 and 1.9.2. This is really urgent to land on 1.9.2 because AT developer is going to disable new table interface usage on their side while this bug is not fixed. That would be a big step back.
Attachment #478921 -
Flags: review?(bolterbugz) → review?(marco.zehe)
Comment 3•14 years ago
|
||
Comment on attachment 478921 [details] [diff] [review] patch Yep, this is correct. I remember having seen this kind of problem earlier in my C++ life. :) R=me. Do we have other places in the msaa codebase where this could bite us?
Attachment #478921 -
Flags: review?(marco.zehe) → review+
Assignee | ||
Comment 4•14 years ago
|
||
Yes, but I didn't check it.
Comment 6•14 years ago
|
||
Landed on Alexander's behalf on 2.0: http://hg.mozilla.org/mozilla-central/rev/530a551da062
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Comment 7•14 years ago
|
||
Comment on attachment 478921 [details] [diff] [review] patch a=beltzner
Attachment #478921 -
Flags: approval1.9.2.11? → approval1.9.2.11+
Updated•14 years ago
|
blocking1.9.2: ? → needed
Comment 8•14 years ago
|
||
Landed on 1.9.2 on Alexander's behalf: http://hg.mozilla.org/releases/mozilla-1.9.2/rev/7cd8c155da8d
status1.9.2:
--- → .11-fixed
Assignee | ||
Comment 9•14 years ago
|
||
Thanks, Marco!
You need to log in
before you can comment on or make changes to this bug.
Description
•