Closed
Bug 684481
Opened 13 years ago
Closed 13 years ago
crash in nsImapService::OpenAttachment fails to check to check for a null string before trying to use nsDependentCString
Categories
(MailNews Core :: Networking: IMAP, defect)
Tracking
(thunderbird7+ fixed, thunderbird8+ fixed)
RESOLVED
FIXED
Thunderbird 9.0
People
(Reporter: wsmwk, Assigned: standard8)
References
Details
(Keywords: crash, regression)
Crash Data
Attachments
(1 file, 2 obsolete files)
714 bytes,
patch
|
Bienvenu
:
review+
standard8
:
approval-comm-aurora+
|
Details | Diff | Splinter Review |
per IRC w/ standard8 ... crash nsImapService::OpenAttachment fails to check to check for a null string before trying to use nsDependentCString not a regression afaict - https://crash-stats.mozilla.com/report/list?product=Thunderbird&query_search=signature&query_type=exact&query=strlen%20%7C%20nsDependentCString%3A%3AnsDependentCString%28char%20const%2A%29&reason_type=contains&date=09%2F02%2F2011%2021%3A48%3A13&range_value=4&range_unit=weeks&hang_type=any&process_type=all&do_query=1&signature=strlen%20%7C%20nsDependentCString%3A%3AnsDependentCString%28char%20const%2A%29 standard8 thinks this may be a regression in v7. based on spot checking of crash-stats I'm inclined to agree (but I could be incorrect). looks to be at least 5 individuals crashing with v7 bp-63c0a42f-b29e-43aa-a83d-8839b2110901 EXCEPTION_ACCESS_VIOLATION_READ 0x0 0 mozcrt19.dll strlen strlen.asm:81 1 xul.dll nsDependentCString::nsDependentCString objdir-tb/mozilla/dist/include/nsTDependentString.h:90 2 xul.dll nsImapService::OpenAttachment mailnews/imap/src/nsImapService.cpp:399 3 xul.dll NS_InvokeByIndex_P xpcom/reflect/xptcall/src/md/win32/xptcinvoke.cpp:102
Reporter | ||
Comment 1•13 years ago
|
||
And not a duplicate of bug 676882. Filed two more bugs, although it is unclear if these still exist on trunk. nsMessenger::SaveAllAttachments nsComponentManagerImpl::RegisterContractID nsAbCardProperty::SetPropertyAsAString We will be able to tell better a) after patch this bug is lands for v7 :) b) after v7 ships
Summary: crash [@ ] nsImapService::OpenAttachment fails to check to check for a null string before trying to use nsDependentCString → crash in nsImapService::OpenAttachment fails to check to check for a null string before trying to use nsDependentCString
Assignee | ||
Updated•13 years ago
|
Assignee | ||
Comment 2•13 years ago
|
||
Not exactly sure why this comes out as null, but this should stop the crash at least.
Comment 3•13 years ago
|
||
don't you mean: + if (aFileName) + mailUrl->SetFileName(nsDependentCString(aFileName));
Assignee | ||
Comment 4•13 years ago
|
||
I blame it on lack of sleep and/or lack of coding recently.
Attachment #560460 -
Attachment is obsolete: true
Attachment #560460 -
Flags: review?(dbienvenu)
Attachment #560464 -
Flags: review?(dbienvenu)
Comment 5•13 years ago
|
||
Comment on attachment 560464 [details] [diff] [review] Branch patch v2 :-)
Attachment #560464 -
Flags: review?(dbienvenu) → review+
Assignee | ||
Comment 6•13 years ago
|
||
Comment on attachment 560464 [details] [diff] [review] Branch patch v2 Checked into aurora and beta: http://hg.mozilla.org/releases/comm-aurora/rev/983882cfe7c4 http://hg.mozilla.org/releases/comm-beta/rev/e06e69c69a0d
Attachment #560464 -
Flags: approval-comm-beta+
Attachment #560464 -
Flags: approval-comm-aurora+
Assignee | ||
Updated•13 years ago
|
status-thunderbird7:
--- → fixed
status-thunderbird8:
--- → fixed
tracking-thunderbird8:
--- → +
tracking-thunderbird9:
--- → +
Assignee | ||
Comment 7•13 years ago
|
||
Proper beta landing: http://hg.mozilla.org/releases/comm-beta/rev/cafdd37224b1
Assignee | ||
Comment 8•13 years ago
|
||
A bit later than planned. If I can get reviews on this today, then I can land before the branch and avoid some interesting flag tweaks.
Attachment #562425 -
Flags: superreview?(neil)
Attachment #562425 -
Flags: review?(dbienvenu)
Comment 9•13 years ago
|
||
Comment on attachment 562425 [details] [diff] [review] Trunk fix >+ void openAttachment(in ACString aContentType, >+ in AUTF8String aFileName, >+ in AUTF8String aUrl, >+ in AUTF8String aMessageUri, The message service function to which this delegates describes these parameters all as ACString rather than AUTF8String. They can't both be correct ;-) >+ in nsISupports aDisplayConsumer, Nit: some trailing spaces crept in, here is one example. >+ PRInt32 partStart = nsCString(aUrl).Find("part="); PromiseFlatCString >+ uri += Substring(aUrl, partStart, aUrl.FindChar('&', partStart + 5)); I think FindChar returns the offset from the start of the string, rather than the start of the search, so you'll need to subtract partStart. >-NS_IMETHODIMP nsMailboxService::OpenAttachment(const char *aContentType, >- const char *aFileName, >- const char *aUrl, >- const char *aMessageUri, >+NS_IMETHODIMP nsMailboxService::OpenAttachment(const nsACString &aContentType, >+ const nsACString &aFileName, >+ const nsACString &aUrl, >+ const nsACString &aMessageUri, That's convenient :-)
Comment 10•13 years ago
|
||
I'm going to wait for Neil's comments to be addressed before I review this, especially because of this part:
>+ uri += Substring(aUrl, partStart, aUrl.FindChar('&', partStart + 5));
I think FindChar returns the offset from the start of the string, rather than the start of the search, so you'll need to subtract partStart.
Assignee | ||
Comment 11•13 years ago
|
||
Ok, my plan at the moment is to land the branch patch on trunk, and then I'll branch out the API improvements to another bug. That way we'll get everything covered right before the merge.
Assignee | ||
Comment 12•13 years ago
|
||
Landed the branch patch onto trunk: http://hg.mozilla.org/comm-central/rev/ea4ec56a9b02
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
tracking-thunderbird9:
+ → ---
Resolution: --- → FIXED
Target Milestone: --- → Thunderbird 9.0
Assignee | ||
Comment 13•13 years ago
|
||
Comment on attachment 562425 [details] [diff] [review] Trunk fix Filed bug 689544 to get this patch landed.
Attachment #562425 -
Attachment is obsolete: true
Attachment #562425 -
Flags: superreview?(neil)
Attachment #562425 -
Flags: review?(dbienvenu)
You need to log in
before you can comment on or make changes to this bug.
Description
•