Closed
Bug 883766
Opened 11 years ago
Closed 11 years ago
JavaScript Warning: "reference to undefined property ret.value" {file: "resource://gre/modules/wifi_worker.js" line: 71}
Categories
(Firefox OS Graveyard :: Wifi, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: kanru, Assigned: vchang)
Details
Attachments
(1 file, 2 obsolete files)
1.44 KB,
patch
|
mrbkap
:
review+
|
Details | Diff | Splinter Review |
Found on m-c debug build.
Comment 3•11 years ago
|
||
Comment on attachment 765279 [details] [diff] [review] Patch v1.0 for m-c Review of attachment 765279 [details] [diff] [review]: ----------------------------------------------------------------- ::: dom/wifi/wifi_worker.js @@ +67,5 @@ > postMessage({ id: id, status: ret, reply: reply }); > break; > case "wait_for_event": > var ret = libhardware_legacy.wait_for_event(cbuf, 4096); > + var event = cbuf.readString().substr(0, ret); This has been wrong for a while and (fortunately) that bug was hidden by this one. readString() does UTF-8 expansion on cbuf, and ret returns the number of bytes returned. That means that using ret after readString() is wrong. See also bug 819164. We should probably (to be safe) do something like: if (ret > 0 && ret != 4069) cbuf[ret] = 0; var event = cbuf.readString(); /* should this use readStringReplaceMalformed? */ I'm not sure which function to use, and this needs to be tested carefully.
Attachment #765279 -
Flags: review?(mrbkap) → review-
(In reply to Blake Kaplan (:mrbkap) from comment #3) > > if (ret > 0 && ret != 4069) cbuf[ret] = 0; > var event = cbuf.readString(); /* should this use > readStringReplaceMalformed? */ > > I'm not sure which function to use, and this needs to be tested carefully. I think in most cases, we should use readStringReplaceMalformed(). If returned string is UTF-8 encoded, it works as same as readString(). If returned string contains invalid char, mostly non-UTF8-encoded SSID, it will replace these chars with malformed chars, instead of throwing an error and break ril_worker.
Assignee | ||
Comment 5•11 years ago
|
||
Attachment #765279 -
Attachment is obsolete: true
Attachment #774469 -
Flags: review?(mrbkap)
Comment 6•11 years ago
|
||
Comment on attachment 774469 [details] [diff] [review] m-c Patch v1.1 Review of attachment 774469 [details] [diff] [review]: ----------------------------------------------------------------- ::: dom/wifi/wifi_worker.js @@ +69,5 @@ > case "wait_for_event": > var ret = libhardware_legacy.wait_for_event(cbuf, 4096); > + // Make sure the cbuf is null-terminated. > + if (ret > 0 && ret != 4069) { > + cbuf[ret] = 0; The maximum length is 4096, not 4069. We should probably still send the event if the string was the maximum length, though (so only the "cbuf[ret] = 0;" should be hidden under the if statement.
Attachment #774469 -
Flags: review?(mrbkap)
Assignee | ||
Comment 7•11 years ago
|
||
> Review of attachment 774469 [details] [diff] [review]:
> -----------------------------------------------------------------
>
> ::: dom/wifi/wifi_worker.js
> @@ +69,5 @@
> > case "wait_for_event":
> > var ret = libhardware_legacy.wait_for_event(cbuf, 4096);
> > + // Make sure the cbuf is null-terminated.
> > + if (ret > 0 && ret != 4069) {
> > + cbuf[ret] = 0;
>
> The maximum length is 4096, not 4069.
>
> We should probably still send the event if the string was the maximum
> length, though (so only the "cbuf[ret] = 0;" should be hidden under the if
> statement.
We might have a problem when return value is 4096 but without
null terminated in cbuf. If my understanding is correct, the
cbuf should always be null terminated before we use readStringReplaceMalformed().
How about this ?
// Check array index is correct.
if (ret > 0 && ret < 4096) {
// Make sure the string buffer is null terminated.
cbuf[ret] = 0;
// Use readStringReplaceMalformed() to handle non-UTF8-encoded string.
var event = cbuf.readStringReplaceMalformed();
postMessage({ id: id, event: event });
}
Comment 8•11 years ago
|
||
That looks good to me.
Assignee | ||
Comment 9•11 years ago
|
||
Attachment #774469 -
Attachment is obsolete: true
Attachment #778399 -
Flags: review?(mrbkap)
Updated•11 years ago
|
Attachment #778399 -
Flags: review?(mrbkap) → review+
Assignee | ||
Comment 10•11 years ago
|
||
http://hg.mozilla.org/projects/birch/rev/a965d9f77a3d
Comment 11•11 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/a965d9f77a3d
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•