CLOSED FIXED 11414
[s60]China Variant Crashes 
https://bugs.webkit.org/show_bug.cgi?id=11414
Summary [s60]China Variant Crashes
Rasvan Alexandrescu
Reported 2006-10-25 07:50:47 PDT
Browser Crash when search with Google using chinese characters and spaces
Attachments
changes to the hbuf max size (11.28 KB, patch)
2006-10-25 07:53 PDT, Rasvan Alexandrescu 		zalan: review+
DetailsFormatted DiffDiff
check for more reallocation condition (5.41 KB, patch)
2006-11-08 12:07 PST, Rasvan Alexandrescu 		no flags
DetailsFormatted DiffDiff
check for more reallocation condition (3.41 KB, patch)
2006-11-08 13:22 PST, Rasvan Alexandrescu 		zalan: review-
DetailsFormatted DiffDiff
modified as suggested (3.41 KB, patch)
2006-11-09 08:24 PST, Rasvan Alexandrescu 		zalan: review-
DetailsFormatted DiffDiff
latest changes (3.55 KB, patch)
2006-11-09 09:29 PST, Rasvan Alexandrescu 		zalan: review-
DetailsFormatted DiffDiff
modified and tested (3.55 KB, patch)
2006-11-09 12:36 PST, Rasvan Alexandrescu 		zalan: review+
DetailsFormatted DiffDiff
Show Obsolete (5) View All Add attachment proposed patch, testcase, etc.
Rasvan Alexandrescu
Comment 1 2006-10-25 07:53:41 PDT
Created attachment 11209 [details] changes to the hbuf max size
zalan
Comment 2 2006-10-26 12:12:56 PDT
Comment on attachment 11209 [details] changes to the hbuf max size r=me
zalan
Comment 3 2006-10-26 12:31:06 PDT
3.1m r17335 3.2 r17336
Rasvan Alexandrescu
Comment 4 2006-11-08 12:07:02 PST
Created attachment 11427 [details] check for more reallocation condition
Rasvan Alexandrescu
Comment 5 2006-11-08 13:22:49 PST
Created attachment 11429 [details] check for more reallocation condition
zalan
Comment 6 2006-11-08 13:45:12 PST
Comment on attachment 11429 [details] check for more reallocation condition checkRealloc should take two parameters, the current buffer and the length you want to expand to and return the new buffer. so instead of TBool checkRealloc( HBufC8* aBuf, TPtr8& aPtr, TInt aLen ) you should have something like HBufC8* checkRealloc( TPtrC8& , TInt ) then you dont have to do tricks like this // HBufC8* temp = aBuf->ReAlloc( maxlen + (len == maxlen ? 1 : aLen) );
Rasvan Alexandrescu
Comment 7 2006-11-09 08:24:55 PST
Created attachment 11438 [details] modified as suggested
zalan
Comment 8 2006-11-09 08:43:18 PST
Comment on attachment 11438 [details] modified as suggested 1, ptr.Length() + tmpBuf.Length() should be passed to checkRealloc instead of tmpBuf.Length() 2, outBuf->Des().Copy( aPtr ) should be used instead of outBuf->operator=(aPtr); as the buffer that aPtr points to is destroyed right after checkRealloc returns (delete outBuf;) 3, checkRealloc should not leave, it should return null in case of oom.
Rasvan Alexandrescu
Comment 9 2006-11-09 09:29:15 PST
Created attachment 11441 [details] latest changes
zalan
Comment 10 2006-11-09 09:36:58 PST
Comment on attachment 11441 [details] latest changes checkRealloc still leaves. please either trap NewMaxL or use a non-leaving version of it. please also make sure that this patch fixes your test case
Rasvan Alexandrescu
Comment 11 2006-11-09 12:36:06 PST
Created attachment 11445 [details] modified and tested
zalan
Comment 12 2006-11-09 13:45:12 PST
Comment on attachment 11445 [details] modified and tested r=me
zalan
Comment 13 2006-11-09 13:49:12 PST
3.1m r17692 3.2 r17693
Joel Parks
Comment 14 2011-03-21 11:52:43 PDT
re-purposing InTSW keyword for use by QtWebkit team
Note You need to log in before you can comment on or make changes to this bug.