Closed
Bug 20732
Opened 25 years ago
Closed 25 years ago
Part of buffer is incorrectly overwritten (in read(byte[],int,int))
Categories
(Core Graveyard :: Java-Implemented Plugins, defect, P3)
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: lvv, Assigned: blackconnect)
Details
From java2 documentation about read(byte[],int,int) method of the InputStream: The first byte read is stored into element b[off], the next one into b[off+1], and so on. The number of bytes read is, at most, equal to len. Let k be the number of bytes actually read; these bytes will be stored in elements b[off] through b[off+k-1], leaving elements b[off+k] through b[off+len-1] unaffected. But currently the elements b[off+k] through b[off+len-1] is also overwritten by some garbage. Steps to Reproduce: 1) Use following implementation for your PlugletStreamListener.onDataAvailable method: public void onDataAvailable(PlugletStreamInfo plugletInfo, InputStream input, int length) { byte[] buf = new byte[10]; for (int i = 0; i < 10; i++){ buf[i] = 0; } try{ input.read(buf, 2, 6); } catch (IOException e) { System.out.println("IOException"); } for (int i = 0; i < 10; i++){ System.out.println("buf[" + i + "] is "+ buf[i]); } } 2) Point some file (with 4 byte length for this example) in SRC attribute and load the page Actual Results: Smaple of output. buf[0] is 0 buf[1] is 0 buf[2] is 108 buf[3] is 97 buf[4] is 13 buf[5] is 10 buf[6] is -51 buf[7] is -51 buf[8] is 0 buf[9] is 0 Expected Results: In this example the values of buf[6] and buf[7] should be 0.
Assignee | ||
Updated•25 years ago
|
Status: NEW → RESOLVED
Closed: 25 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 1•25 years ago
|
||
The reason of this bug is that we are copying len bytes instead of actual amount of bytes. Here is suggetsted fix: Index: org_mozilla_pluglet_mozilla_PlugletInputStream.cpp =================================================================== RCS file: /cvsroot/mozilla/java/plugins/jni/org_mozilla_pluglet_mozilla_PlugletInputStream.cpp,v retrieving revision 1.7 diff -c -r1.7 org_mozilla_pluglet_mozilla_PlugletInputStream.cpp *** org_mozilla_pluglet_mozilla_PlugletInputStream.cpp 2000/01/18 02:53:52 1.7 --- org_mozilla_pluglet_mozilla_PlugletInputStream.cpp 2000/01/18 22:40:36 *************** *** 99,105 **** PR_LOG(PlugletLog::log, PR_LOG_DEBUG, ("PlugletInputStream.nativeRead: %i bytes read\n", retval)); ! env->SetByteArrayRegion(b,off,len,bufElems); free(bufElems); return retval; } --- 99,105 ---- PR_LOG(PlugletLog::log, PR_LOG_DEBUG, ("PlugletInputStream.nativeRead: %i bytes read\n", retval)); ! env->SetByteArrayRegion(b,off,retval,bufElems); free(bufElems); return retval; } --- I am closing this bug as fixed.
Comment 2•23 years ago
|
||
Verified with Mozilla 0.9.5 (Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:0.9.5+) Gecko/20011030). This bug isn't reproduced.
Updated•13 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•