attachment1 [details] [diff] [review]_body of nsProxySendRunnable will not be non-null terminated string.

RESOLVED FIXED in Thunderbird 22.0

Status

MailNews Core
Import
RESOLVED FIXED
5 years ago
4 years ago

People

(Reporter: m_kato, Assigned: m_kato)

Tracking

Trunk
Thunderbird 22.0
x86
Windows 7

Firefox Tracking Flags

(Not tracked)

Details

(crash signature)

Attachments

(1 attachment, 2 obsolete attachments)

(Assignee)

Description

5 years ago
attachment1 [details] [diff] [review]_body of nsProxySendRunnable can pass non-null string since attachment1 [details] [diff] [review]_body_length is length of it.  But attachment1 [details] [diff] [review]_body is used as null-terminated string.
(Assignee)

Comment 1

5 years ago
Created attachment 607655 [details] [diff] [review]
fix

Updated

5 years ago
Attachment #607655 - Flags: feedback+
(Assignee)

Comment 2

5 years ago
Created attachment 653303 [details] [diff] [review]
fix v1.1

rebased for current c-c
Attachment #653303 - Flags: review?(mbanner)
Comment on attachment 653303 [details] [diff] [review]
fix v1.1

Looks good, this will need a quick sr as well though.
Attachment #653303 - Flags: superreview?(neil)
Attachment #653303 - Flags: review?(mbanner)
Attachment #653303 - Flags: review+

Comment 4

5 years ago
Sorry, but I can't actually see where the problem is.

Both nsEudoraCompose and nsOutlookCompose pass the .get() and .Length() of an nsCString to nsImportService::CreateRFC822Message that goes on to create an nsProxySendRunnable that assumes that the string is null-terminated (which it fortunately is) and copies it (it would obviously be much more efficient to pass these as a const nsACString& instead) then (on the main thread) passes the (null-terminated) copy to nsMsgComposeAndSend::CreateRFC822Message.
I assumed this was just tidying up the interfaces and removing the extra variable and improving efficiency...

Comment 6

5 years ago
Comment on attachment 653303 [details] [diff] [review]
fix v1.1

>diff --git a/mailnews/compose/public/nsIMsgSend.idl b/mailnews/compose/public/nsIMsgSend.idl
>-                           in string aBody,
>-                           in unsigned long aBodyLength,
>+                           in ACString aBody,
>diff --git a/mailnews/compose/src/nsMsgSend.cpp b/mailnews/compose/src/nsMsgSend.cpp
>-            aMsgType, aMsgBody,
>-            aMsgBodyLength,
>+            aMsgType,
>+            aMsgBody.IsEmpty() ? nullptr : PromiseFlatCString(aMsgBody).get(),
>+            aMsgBody.Length(),
Ah, well as cleanup then it mostly makes sense, except I'm not really keen on this change, until Init and SnarfAndCopyBody are changed to use nsCString too.

>-                                      m_bodyType.get(), m_body.get(),
>-                                      m_bodyLength, m_isDraft, m_loadedAttachments,
>+                                      m_bodyType.get(), m_body,
>+                                      m_isDraft, m_loadedAttachments,
Instead I would just use m_body.Length() here for now.
might want to catch this before it bitrots :)
Flags: needinfo?(m_kato)
Created attachment 729095 [details] [diff] [review]
Updated for Neil's comments

I've adapted the patch for Neil's review comments and fixed bitrot. As it turns out it was easier to change a few additional interfaces to make this all consistent.

It passed unit tests on try server.
Attachment #607655 - Attachment is obsolete: true
Attachment #653303 - Attachment is obsolete: true
Attachment #653303 - Flags: superreview?(neil)
Attachment #729095 - Flags: superreview?(neil)
Flags: needinfo?(m_kato)

Comment 9

4 years ago
Comment on attachment 729095 [details] [diff] [review]
Updated for Neil's comments

>-      if (newBody)
Nit: Variable is never used, so it can be removed completely.

>+  const char *body = PromiseFlatCString(aBody).get();
This is technically unsafe, although because you only have the one caller then I think you'll find it happens to work. (If you had written the caller to use StringHead instead of Trim then it would not have worked.)
One way to fix it is by making aBody a const nsCString& so you can safely use a plain get() instead.
[At some point m_attachment1_body should become an nsCString and these functions will just do direct string API on it.]
Attachment #729095 - Flags: superreview?(neil) → superreview+
https://hg.mozilla.org/comm-central/rev/28429b5084d7
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → Thunderbird 22.0
You need to log in before you can comment on or make changes to this bug.