Last Comment Bug 633232 - nsIMIMEService.getTypeFromURI(null) crashes [@ nsExternalHelperAppService::GetTypeFromURI(nsIURI*, nsACString_internal&) ]
: nsIMIMEService.getTypeFromURI(null) crashes [@ nsExternalHelperAppService::Ge...
: crash
Product: Core Graveyard
Classification: Graveyard
Component: File Handling (show other bugs)
: Trunk
: All All
-- critical (vote)
: mozilla6
Assigned To: timeless
Depends on:
  Show dependency treegraph
Reported: 2011-02-10 09:22 PST by Dave Garrett
Modified: 2016-06-22 12:16 PDT (History)
3 users (show)
See Also:
QA Whiteboard:
Iteration: ---
Points: ---

patch (719 bytes, patch)
2011-02-27 18:48 PST, timeless
cbiesinger: review+
Details | Diff | Splinter Review

Description User image Dave Garrett 2011-02-10 09:22:52 PST
I stumbled across this when attempting to write drag & drop support for a file.

Easy test: execute this in the Error Console for an crash:

3.6.13 on Windows:  bp-3cc36a71-f34d-4ebe-ac6f-b7d502110210
3.6.13 on Linux:    bp-29bd2e99-cddc-43c0-81fe-7a50d2110210
4.0b12pre on Linux: bp-915d00df-c282-42b0-a675-92edb2110210

Looks like it just needs a null check for aURI up top.
Comment 1 User image Dave Garrett 2011-02-10 09:47:45 PST
getTypeFromFile also crashes -> filed bug 633240
Comment 2 User image Dave Garrett 2011-02-24 12:34:06 PST
Not a candidate for blocking, as far as I can tell. It's been this way since at least Firefox 3.0 and I don't see a way to get at this from the web, though if anyone else does please say so. Requesting wanted+ for all affected branches.
Comment 3 User image timeless 2011-02-27 18:48:57 PST
Created attachment 515545 [details] [diff] [review]
Comment 4 User image Dave Garrett 2011-04-25 11:16:46 PDT
These two crash bugs (bug 633232 & bug 633240) have reviewed one-line patches. Any reason they can't land now? They should at least be able to land on Trunk at this point, I would think. Could they also make Firefox 4.0.1 too?
Comment 5 User image Dão Gottwald [:dao] 2011-04-27 03:16:01 PDT
Comment 6 User image Vlad [QA] 2011-07-27 06:20:43 PDT
How can this be tested?
Comment 7 User image Dave Garrett 2011-07-27 09:17:39 PDT
(In reply to comment #6)
> How can this be tested?

These two bugs (bug 633232 & bug 633240) both have the necessary one line tests in their descriptions. Just run that one line anywhere with chrome privileges. The lazy test is to dump it into the Error Console code evaluation field, but a proper test could be written to run it if desired. When either is run on anything prior to the fix landing in Gecko 6 it crashes and with the fix it throws an invalid pointer exception as one would expect.

Note You need to log in before you can comment on or make changes to this bug.