Closed
Bug 852551
Opened 11 years ago
Closed 11 years ago
Unsafe use of reinterpret_cast in nsContentUtils::CheckQName
Categories
(Core :: DOM: Core & HTML, defect)
Core
DOM: Core & HTML
Tracking
()
RESOLVED
INVALID
People
(Reporter: ayg, Unassigned)
References
Details
This causes us to fail a test in <http://w3c-test.org/webapps/DOMCore/tests/submissions/Ms2ger/Document-createElementNS.html>. Basically, it creates an element name that includes U+0300. nsContentUtils::CheckQName casts a PRUnichar* to char* to parse the name, which makes this a null byte. This test fails because the method throws the wrong exception type. The relevant code was introduced by bug 729048 part 1. Henri, can that part of the patch just be reverted, or should MOZ_XMLCheckQName be converted to use PRUnichar, or what?
Flags: needinfo?(hsivonen)
Comment 1•11 years ago
|
||
(In reply to :Aryeh Gregor from comment #0) > The relevant code was introduced by bug 729048 part 1. Henri, can that part > of the patch just be reverted, or should MOZ_XMLCheckQName be converted to > use PRUnichar, or what? AFAICT, the patch should not be reverted. MOZ_XMLCheckQName indeed deals with UTF-16 pointed to by byte pointers instead. It's pretty weird indeed. There must be a reason why it's not using PRUnichar, likely related to the weird way how expat can be configured between UTF-8 and UTF-16 at compile time, but maybe it could be converted to use PRUnichar.
Flags: needinfo?(hsivonen)
Reporter | ||
Comment 2•11 years ago
|
||
I looked more closely, and this isn't a valid bug at all. The error being returned here doesn't match what DOM wants, but it doesn't have to do with incorrect casting. The macros here look like they handle everything properly. It's just that MOZ_XMLCheckQName is returning MOZ_EXPAT_MALFORMED (which translates to NamespaceError in the DOM) for some names that don't match the Name production, while the spec says to only throw this if they match Name but don't match QName. I'm not sure why it's doing this.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → INVALID
Comment 3•11 years ago
|
||
So do we need to raise a spec issue, then?
Reporter | ||
Comment 4•11 years ago
|
||
The spec seems sane, and Chrome and Opera versions I tested in both pass the test in comment #0, so I'd say we're the ones who should change. I don't understand what the code is doing or why well enough to say how to fix it, though.
Comment 5•11 years ago
|
||
Well, then we still need a bug on whatever the real issue is, right?
Reporter | ||
Comment 6•11 years ago
|
||
Yes, along with the many other tests we fail.
Assignee | ||
Updated•5 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•