Closed
Bug 645586
Opened 13 years ago
Closed 6 years ago
crash in nsImapServerResponseParser::msg_fetch_literal
Categories
(MailNews Core :: Networking: IMAP, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 1264302
People
(Reporter: wsmwk, Unassigned)
References
Details
(Keywords: crash)
Crash Data
crash [@ strlen | nsImapServerResponseParser::msg_fetch_literal(int, int)] from crash-stats bp-5dab4f32-7325-405c-b15e-444d02100920 "Change the character encoding to UTF-8" EXCEPTION_ACCESS_VIOLATION_READ 0x0 0 mozcrt19.dll strlen strlen.asm:81 1 thunderbird.exe nsImapServerResponseParser::msg_fetch_literal mailnews/imap/src/nsImapServerResponseParser.cpp:3105 2 thunderbird.exe nsImapServerResponseParser::msg_fetch_content mailnews/imap/src/nsImapServerResponseParser.cpp:2127 3 thunderbird.exe nsImapServerResponseParser::mime_part_data mailnews/imap/src/nsImapServerResponseParser.cpp:2643 4 thunderbird.exe nsImapServerResponseParser::msg_fetch mailnews/imap/src/nsImapServerResponseParser.cpp:1329 5 thunderbird.exe nsImapServerResponseParser::response_data mailnews/imap/src/nsImapServerResponseParser.cpp:757 6 thunderbird.exe nsImapServerResponseParser::ParseIMAPServerResponse mailnews/imap/src/nsImapServerResponseParser.cpp:246 7 thunderbird.exe nsImapProtocol::ParseIMAPandCheckForNewMail mailnews/imap/src/nsImapProtocol.cpp:1891 8 thunderbird.exe nsImapProtocol::FetchMessage mailnews/imap/src/nsImapProtocol.cpp:3452 9 thunderbird.exe nsImapProtocol::FetchTryChunking mailnews/imap/src/nsImapProtocol.cpp:3517 10 thunderbird.exe nsIMAPBodypart::GeneratePart mailnews/imap/src/nsIMAPBodyShell.cpp:504 11 thunderbird.exe nsIMAPBodypartLeaf::Generate mailnews/imap/src/nsIMAPBodyShell.cpp:639 12 thunderbird.exe nsIMAPBodypartMultipart::Generate mailnews/imap/src/nsIMAPBodyShell.cpp:1050 13 thunderbird.exe nsIMAPBodypartMessage::Generate mailnews/imap/src/nsIMAPBodyShell.cpp:899 14 thunderbird.exe nsIMAPBodypartMultipart::Generate mailnews/imap/src/nsIMAPBodyShell.cpp:1050 15 thunderbird.exe nsIMAPBodypartMessage::Generate mailnews/imap/src/nsIMAPBodyShell.cpp:899 16 thunderbird.exe nsIMAPBodyShell::Generate mailnews/imap/src/nsIMAPBodyShell.cpp:309 bp-087fa015-262a-4b28-8669-485352101221 same crash as nsImapServerResponseParser::msg_fetch_literal(int, int)? bp-0812558f-41ce-42ab-918f-8f94e2110321 bp-e8b35f8b-5bc9-4c08-bf09-45ca92101112
in theory fCurrentLine is null, there's one null check in the file so it can be null in some circumstances, but there are quite a few uses.
Assignee | ||
Updated•13 years ago
|
Crash Signature: [@ strlen | nsImapServerResponseParser::msg_fetch_literal(int, int)]
Reporter | ||
Comment 2•10 years ago
|
||
(In reply to timeless from comment #1) > in theory fCurrentLine is null, there's one null check in the file so it can > be null in some circumstances, but there are quite a few uses. crash currently exists as zzz_AsmCodeRange_Begin | nsImapServerResponseParser::msg_fetch_literal(bool, int) 0 msvcr100.dll zzz_AsmCodeRange_Begin f:\dd\vctools\crt_bld\SELF_X86\crt\src\INTEL\strlen.asm:81 1 xul.dll nsImapServerResponseParser::msg_fetch_literal(bool, int) mailnews/imap/src/nsImapServerResponseParser.cpp 2 xul.dll nsImapServerResponseParser::msg_fetch_content(bool, int, char const*) mailnews/imap/src/nsImapServerResponseParser.cpp 3 xul.dll nsImapServerResponseParser::mime_part_data() mailnews/imap/src/nsImapServerResponseParser.cpp 4 xul.dll nsImapServerResponseParser::msg_fetch() mailnews/imap/src/nsImapServerResponseParser.cpp 5 xul.dll nsImapServerResponseParser::response_data() mailnews/imap/src/nsImapServerResponseParser.cpp 6 xul.dll nsImapServerResponseParser::ParseIMAPServerResponse(char const*, bool, char*) mailnews/imap/src/nsImapServerResponseParser.cpp 7 xul.dll nsImapProtocol::ParseIMAPandCheckForNewMail(char const*, bool) mailnews/imap/src/nsImapProtocol.cpp 8 xul.dll nsImapProtocol::FetchMessage(nsCString const&, nsIMAPeFetchFields, char const*, unsigned int, unsigned int, char*) mailnews/imap/src/nsImapProtocol.cpp 9 xul.dll nsImapProtocol::FetchTryChunking(nsCString const&, nsIMAPeFetchFields, bool, char*, unsigned int, bool) mailnews/imap/src/nsImapProtocol.cpp 10 xul.dll nsIMAPBodypart::GeneratePart(nsIMAPBodyShell*, bool, bool) mailnews/imap/src/nsIMAPBodyShell.cpp http://hg.mozilla.org/releases/comm-esr24/annotate/a908efbe7f74/mailnews/imap/src/nsImapServerResponseParser.cpp#l2682 hg@0 2680 PR_Free(checkOriginToken); hg@0 2681 AdvanceToNextToken(); hg@0 2682 msg_fetch_content(originFound, origin, MESSAGE_RFC822); // keep content type as message/rfc822, even though the http://hg.mozilla.org/releases/comm-esr24/annotate/a908efbe7f74/mailnews/imap/src/nsImapServerResponseParser.cpp#l2158 hg@0 2142 // setup the stream for downloading this message. hg@0 2143 // Don't do it if we are filling in a shell or downloading a part. hg@0 2144 // DO do it if we are downloading a whole message as a result of hg@0 2145 // an invalid shell trying to generate. hg@0 2146 if ((!chunk || (origin == 0)) && !GetDownloadingHeaders() && bugzilla@10318 2147 (GetFillingInShell() ? m_shell->GetGeneratingWholeMessage() : true)) hg@0 2148 { hg@0 2149 if (NS_FAILED(BeginMessageDownload(content_type))) hg@0 2150 return; hg@0 2151 } irving@12681 2152 hg@0 2153 if (PL_strcasecmp(fNextToken, "NIL")) hg@0 2154 { hg@0 2155 if (*fNextToken == '"') irving@12681 2156 fLastChunk = msg_fetch_quoted(); hg@0 2157 else hg@0 2158 fLastChunk = msg_fetch_literal(chunk, origin); http://hg.mozilla.org/releases/comm-esr24/annotate/a908efbe7f74/mailnews/imap/src/nsImapServerResponseParser.cpp#l3150 irving@12681 3141 char *displayEndOfLine = (fCurrentLine + strlen(fCurrentLine) - (charsReadSoFar - numberOfCharsInThisChunk)); irving@12681 3142 char saveit = *displayEndOfLine; irving@12681 3143 *displayEndOfLine = 0; irving@12681 3144 fServerConnection.HandleMessageDownLoadLine(fCurrentLine, specialLineEnding || !lastChunk); irving@12681 3145 *displayEndOfLine = saveit; irving@12681 3146 lastCRLFwasCRCRLF = (*(displayEndOfLine - 1) == '\r'); irving@12681 3147 } irving@12681 3148 else irving@12681 3149 { irving@12681 3150 lastCRLFwasCRCRLF = (*(fCurrentLine + strlen(fCurrentLine) - 1) == '\r');
Crash Signature: [@ strlen | nsImapServerResponseParser::msg_fetch_literal(int, int)] → [@ strlen | nsImapServerResponseParser::msg_fetch_literal(int, int)]
[@ zzz_AsmCodeRange_Begin | nsImapServerResponseParser::msg_fetch_literal(bool, int)]
Summary: crash [@ strlen | nsImapServerResponseParser::msg_fetch_literal(int, int)] → crash in nsImapServerResponseParser::msg_fetch_literal
Comment 4•9 years ago
|
||
Removing myslef on all the bugs I'm cced on. Please NI me if you need something on MailNews Core bugs from me.
Updated•9 years ago
|
Crash Signature: [@ strlen | nsImapServerResponseParser::msg_fetch_literal(int, int)]
[@ zzz_AsmCodeRange_Begin | nsImapServerResponseParser::msg_fetch_literal(bool, int)] → [@ strlen | nsImapServerResponseParser::msg_fetch_literal(int, int)]
[@ zzz_AsmCodeRange_Begin | nsImapServerResponseParser::msg_fetch_literal(bool, int)]
[@ strlen | nsImapServerResponseParser::msg_fetch_literal]
[@ zzz_AsmCodeRange_Begin | nsImapServ…
Reporter | ||
Comment 5•6 years ago
|
||
Probably just the Mac version of bug 1264302, so duping forward
Status: NEW → RESOLVED
Crash Signature: , int)]
[@ strlen | nsImapServerResponseParser::msg_fetch_literal]
[@ zzz_AsmCodeRange_Begin | nsImapServerResponseParser::msg_fetch_literal] → , int)]
[@ strlen | nsImapServerResponseParser::msg_fetch_literal ]
[@ zzz_AsmCodeRange_Begin | nsImapServerResponseParser::msg_fetch_literal ]
Closed: 6 years ago
OS: Windows Vista → Mac OS X
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•