Closed Bug 114356 Opened 23 years ago Closed 23 years ago

FMM: freeing mismatched mem in nsFormSubmitter::URLEncode

Categories

(Core :: DOM: Core & HTML, defect)

Product:
Core
Component:
DOM: Core & HTML
Platform:
x86
Windows 2000
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
VERIFIED FIXED
Milestone:
mozilla0.9.9

People

(Reporter: jrgmorrison, Assigned: john)

References

(
URL
)

Details

Attachments

(1 file)

purify output of FMM location
(deleted), text/plain
Details
I'll attach the Purify details in a moment. Calling delete on a string that was malloc'd. Looks also like there is a second case in the same routine that should be free'ing, although I didn't hit that code path with pruify. I get the FMM just from submitting the form on http://cowtools/page-loader/loader.pl, but that is a very vanilla form, so I assume any form would do for testing.
Attached file purify output of FMM location (deleted) —
The comment before the allocation point says: // XXX This is inefficient. When nsAString gets a get() equivalent, This code should likely be rewritten using nsPromiseFlatString, which does its own memory management.... the problem will die a natural and easy death then.
*** Bug 115386 has been marked as a duplicate of this bug. ***
I do believe this is fixed with bug 120682.
Status: NEW → ASSIGNED
Depends on: 120682
Target Milestone: --- → mozilla0.9.9
Marking nsbeta1+
Keywords: nsbeta1+
This should be fixed now. A problem where we did new and ::Free in this function was found and fixed.
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
verifying per developer's coments
Status: RESOLVED → VERIFIED
So, these FMM's are gone, but there are new mismatches in the new code. See 'Part deux', bug 127806.
Component: HTML: Form Submission → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: