Closed Bug 718293 Opened 13 years ago Closed 12 years ago

nsHTMLDocumentSH::CallToGetPropMapper uses JS_GetStringCharsAndLength but does not anchor the result

Categories

(Core :: XPConnect, defect)

Product:
Core
Component:
XPConnect
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla18

People

(Reporter: jdm, Assigned: jkitch)

Details

(Whiteboard: [mentor=jdm][lang=c++])

Attachments

(1 file, 3 obsolete files)

add anchor (compiles)
784 bytes, patch
Details | Diff | Splinter Review
Obtaining a jschar* result direct can be dangerous, because the JS engine's stack scanner does not know the string is still in use. The result should be stored in a JS::Anchor to ensure safety.
It compiles and launches, but are there any tests I should run?
Attachment #663669 - Flags: review?(josh)
Comment on attachment 663669 [details] [diff] [review] Anchor string in nsHTMLDocumentSH::CallToGetPropMapper Review of attachment 663669 [details] [diff] [review]: ----------------------------------------------------------------- No, this is something that requires great luck to be able to test. Thanks for doing this!
Attachment #663669 - Flags: review?(josh)
Attachment #663669 - Flags: review?(jorendorff)
Attachment #663669 - Flags: feedback+
Attachment #663669 - Flags: review?(jorendorff) → review+
Keywords: checkin-needed
Actually this should get a proper r=jorendorff line on the commit message before it's checked in :P
Keywords: checkin-needed
Update the commit message, no other changes. Could you please set the checkin-needed keyword again? I am unable to do so.
Attachment #663669 - Attachment is obsolete: true
This one has unix-style newlines. Am I correct in assuming that it matters?
Attachment #665305 - Attachment is obsolete: true
Thanks! You've also now got the ability to do things like set flags; enjoy.
Keywords: checkin-needed
https://hg.mozilla.org/integration/mozilla-inbound/rev/93b39d0f7d17
Assignee: nobody → jkitch.bug
Flags: in-testsuite-
Keywords: checkin-needed
And backed out for build bustage. Did this even compile locally? https://hg.mozilla.org/integration/mozilla-inbound/rev/b30bd7055fcb https://tbpl.mozilla.org/php/getParsedLog.php?id=15611540&tree=Mozilla-Inbound ../../../../dom/base/nsDOMClassInfo.cpp:9176:37: error: expected ';' at end of declaration JS::Anchor<JSString *> anchor(str) ^ ; 1 error generated. make[7]: *** [nsDOMClassInfo.o] Error 1
I sincerely apologise for this. What I submitted was an earlier iteration. I had neglected to refresh the patch after correcting that bug. I'll upload a updated patch when I can verify that it builds locally. Once I have done so, are there any additional procedures/reviews that need to be performed? Once again, my apologies. It won't happen again.
I'd like to see a green Try run before pushing it again. I can push it if nobody else beats me to it.
This one is definitely up to date and compiles locally. Would you mind doing the try run? I don't think I have the required permissions.
Attachment #665316 - Attachment is obsolete: true
https://tbpl.mozilla.org/?tree=Try&rev=41211fe04f8d Looks good, thanks :). It's in my landing queue.
https://hg.mozilla.org/mozilla-central/rev/ecedd932c25b
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla18
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: