Closed
Bug 70220
Opened 24 years ago
Closed 24 years ago
Failure in GtkMozEmbedChrome::OpenStream can cause future gtk_moz_embed_append_data to crash.
Categories
(Core Graveyard :: Embedding: GTK Widget, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
mozilla0.9.1
People
(Reporter: mfleming, Assigned: blizzard)
Details
(Keywords: crash)
Attachments
(1 file)
1.01 KB,
patch
|
Details | Diff | Splinter Review |
(I've seen this happen in nautilus)
1) Application calls gtk_moz_embed_open_stream
2) Failure occurs in GtkMozEmbedChrome::OpenStream after mDoingStream is set to
TRUE (in my case, the failure is in " docShell =
do_QueryInterface(contentItem);"
3) Subsequent call to gtk_moz_embed_append_data calls
GtkMozEmbedChrome::AppendToStream.
4) GtkMozEmbedChrome::mStreamListener is still uninitialized, so useage of that
in AppendToStream causes crash.
Requested Fix:
1) GtkMozEmbedChrome::OpenStream should set mDoingStream to FALSE on failure
2) AppendToStream and CloseStream should return if mDoingStream is FALSE
3) gtk_moz_embed_open_stream should return error code instead of void.
(I'll try to submit a patch in a bit)
Reporter | ||
Comment 2•24 years ago
|
||
Incidentally, it appears that this case can happen any time
gtk_moz_embed_open_stream is called prior to the control being realized.
Given that, perhaps some additional checking should be done there.
Assignee | ||
Comment 3•24 years ago
|
||
Yeah, I agree.
Assignee | ||
Updated•24 years ago
|
Target Milestone: --- → mozilla0.9
Assignee | ||
Updated•24 years ago
|
Target Milestone: mozilla0.9 → mozilla0.9.1
Assignee | ||
Comment 4•24 years ago
|
||
Comment 5•24 years ago
|
||
r=pavlov
Comment 6•24 years ago
|
||
Assignee | ||
Comment 7•24 years ago
|
||
Checked in.
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
Updated•13 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•