Closed
Bug 2665
Opened 26 years ago
Closed 26 years ago
Free Mem Read in IMAP parser
Categories
(MailNews Core :: Backend, defect, P2)
MailNews Core
Backend
Tracking
(Not tracked)
VERIFIED
FIXED
M7
People
(Reporter: lchiang, Assigned: mscott)
Details
<contents transferred from bugsplat bug 334414>
Free Mem Read in IMAP parser
Found this when trying Purify 6 with Nova.
[E] FMR: Free memory read in strcmp {1 occurrence}
Reading 1 byte from 0x08dffd70 (1 byte at 0x08dffd70 illegal)
Address 0x08dffd70 is argument #1 of strcmp
Address 0x08dffd70 is at the beginning of a 101 byte block
Address 0x08dffd70 points to a malloc'd block in heap 0x07910000
Thread ID: 0x38
Error location
strcmp [strcmp.asm:65]
TIMAPGenericParser::at_end_of_line(void) [IMAPPARS.cpp:475]
}
XP_Bool TIMAPGenericParser::at_end_of_line()
{
=> return (fAtEndOfLine || (XP_STRCMP(fNextToken, CRLF) == 0));
}
void TIMAPGenericParser::skip_to_CRLF()
{
while (Connected() && !at_end_of_line())
TImapServerState::xserverinfo_data(void) [IMAPPARS.cpp:2712]
TImapServerState::response_data(void) [IMAPPARS.cpp:1651]
TImapServerState::ParseIMAPServerResponse(char const*)
[IMAPPARS.cpp:1212]
TNavigatorImapConnection::ParseIMAPandCheckForNewMail(char *)
[MKIMAP4.cpp:5256]
TIMAP4BlockingConnection::XServerInfo(void) [MKIMAP4.cpp:2495]
TNavigatorImapConnection::ProcessAfterAuthenticated(void)
[MKIMAP4.cpp:6576]
TNavigatorImapConnection::TryToLogon(void) [MKIMAP4.cpp:6810]
TNavigatorImapConnection::ProcessCurrentURL(void) [MKIMAP4.cpp:6879]
TNavigatorImapConnection::StartProcessingActiveEntries(void)
[MKIMAP4.cpp:2815]
imap_thread_main_function [MKIMAP4.cpp:10380]
Win32_HopToad [hwthread.c:250]
lstrcmpiW [KERNEL32.dll]
Allocation location
strdup [strdup.asm:64]
TIMAPGenericParser::AdvanceToNextLine(void) [IMAPPARS.cpp:591]
TIMAPGenericParser::CreateLiteral(void) [IMAPPARS.cpp:817]
TIMAPGenericParser::CreateString(void) [IMAPPARS.cpp:691]
TIMAPGenericParser::CreateNilString(void) [IMAPPARS.cpp:679]
TImapServerState::xserverinfo_data(void) [IMAPPARS.cpp:2700]
TImapServerState::response_data(void) [IMAPPARS.cpp:1651]
TImapServerState::ParseIMAPServerResponse(char const*)
[IMAPPARS.cpp:1212]
TNavigatorImapConnection::ParseIMAPandCheckForNewMail(char *)
[MKIMAP4.cpp:5256]
TIMAP4BlockingConnection::XServerInfo(void) [MKIMAP4.cpp:2495]
TNavigatorImapConnection::ProcessAfterAuthenticated(void)
[MKIMAP4.cpp:6576]
TNavigatorImapConnection::TryToLogon(void) [MKIMAP4.cpp:6810]
TNavigatorImapConnection::ProcessCurrentURL(void) [MKIMAP4.cpp:6879]
TNavigatorImapConnection::StartProcessingActiveEntries(void)
[MKIMAP4.cpp:2815]
imap_thread_main_function [MKIMAP4.cpp:10380]
Win32_HopToad [hwthread.c:250]
lstrcmpiW [KERNEL32.dll]
Free location
free [dbgheap.c:925]
TIMAPGenericParser::AdvanceTokenizerStartingPoint(long)
[IMAPPARS.cpp:614]
}
void TIMAPGenericParser::AdvanceTokenizerStartingPoint(int32
bytesToAdvance)
{
int startingDiff = fLineOfTokens - fStartOfLineOfTokens;
=> FREEIF(fStartOfLineOfTokens);
if (fCurrentLine)
{
fStartOfLineOfTokens = XP_STRDUP(fCurrentLine);
if (fStartOfLineOfTokens && ((int32)
XP_STRLEN(fStartOfLineOfTokens) >= bytesToAdvance))
{
TIMAPGenericParser::CreateLiteral(void) [IMAPPARS.cpp:849]
TIMAPGenericParser::CreateString(void) [IMAPPARS.cpp:691]
TIMAPGenericParser::CreateNilString(void) [IMAPPARS.cpp:679]
TImapServerState::xserverinfo_data(void) [IMAPPARS.cpp:2700]
TImapServerState::response_data(void) [IMAPPARS.cpp:1651]
TImapServerState::ParseIMAPServerResponse(char const*)
[IMAPPARS.cpp:1212]
TNavigatorImapConnection::ParseIMAPandCheckForNewMail(char *)
[MKIMAP4.cpp:5256]
TIMAP4BlockingConnection::XServerInfo(void) [MKIMAP4.cpp:2495]
TNavigatorImapConnection::ProcessAfterAuthenticated(void)
[MKIMAP4.cpp:6576]
TNavigatorImapConnection::TryToLogon(void) [MKIMAP4.cpp:6810]
TNavigatorImapConnection::ProcessCurrentURL(void) [MKIMAP4.cpp:6879]
TNavigatorImapConnection::StartProcessingActiveEntries(void)
[MKIMAP4.cpp:2815]
imap_thread_main_function [MKIMAP4.cpp:10380]
Win32_HopToad [hwthread.c:250]
lstrcmpiW [KERNEL32.dll]
This has a current target milestone of M4. Would you consider this an M4
stopper? If not, please change the milestone accordingly.
Assignee | ||
Updated•26 years ago
|
Target Milestone: M4 → M7
Assignee | ||
Comment 4•26 years ago
|
||
Is this a 4.5 bug that got copied into 5.0? We don't have imap in 5.0 yet so I'm
not sure where this crash could have come from.....
Since we don't have IMAP, this is not an M4 bug....guessing M7 or later....
Assignee | ||
Updated•26 years ago
|
Status: NEW → RESOLVED
Closed: 26 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 5•26 years ago
|
||
This code was re-written for 5.0. I did a quick check of the latest purify log
posted by Suresh in which he does some basic imap commands. This FMR wasn't in
the log so I'm going to go out on a limb and mark it as fixed.
Changing qa-assigned to suresh, who now has the super-power-purify machine and
has been doing that testing.
I did a search on my previous Purify logs, where I did some imap commands, and
couldn't find this error. But I couldn't do imap commands using Purify for the
past few weeks because of bug# 7426. I am marking this bug as Verified.
Updated•20 years ago
|
Product: MailNews → Core
Updated•16 years ago
|
Product: Core → MailNews Core
You need to log in
before you can comment on or make changes to this bug.
Description
•