Closed Bug 26236 Opened 25 years ago Closed 25 years ago

bug in nsGlobalWindow::Unescape()

Categories

(Core :: DOM: Core & HTML, defect, P3)

x86
Linux
defect

Tracking

()

VERIFIED FIXED

People

(Reporter: ftang, Assigned: vidur)

References

()

Details

I found this problem when I debug 25535. Currently the above URL does not load in Linux. I don't think the problem is solely this bug because it still does not display even after I change my local build. However, this bug is very obvious and should be fix Look at 1629 char* src = nsUnescape(inBuf); 1630 // nsAllocator::Free(inBuf); 1631 if (nsnull == src) { 1632 return NS_ERROR_OUT_OF_MEMORY; 1633 } 1634 1635 PRInt32 maxLength, srcLen; 1636 srcLen = aStr.Length(); 1637 1638 // Get the expected length of the result string 1639 result = decoder->GetMaxLength(src, srcLen, &maxLength); 1640 if (NS_FAILED(result)) { The problem is nsUnescape(inBuf); in line 1629 may change the length of the string. so the srcLen get from aString is not valid with src. I think you should chagne line 1636 srcLen = aStr.Length(); to srcLen = nsCRT::strlen(src); You will see an assert in Linux if you don't fix it, and the assert will be gone after you fix it. However, the page won't show because of other bugs. This is a one liner. Please check in ASAP. I am sorry that I didn't do a good job of code review last time.
Fixed on 1/2/2000.
Status: NEW → RESOLVED
Closed: 25 years ago
Resolution: --- → FIXED
Verified.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.