WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
CLOSED FIXED
11724
[S60] 3.1 & 3.2 Memory handling error in CHttpCacheEntry::Internalize(), BrowserCache.dll
https://bugs.webkit.org/show_bug.cgi?id=11724
Summary
[S60] 3.1 & 3.2 Memory handling error in CHttpCacheEntry::Internalize(), Brow...
Sachin Padma
Reported
2006-11-30 10:39:27 PST
S60_3_1_200638 release, file name \S60\mw\web\WebEngine\OssWebengine\WebKit\ResourceLoader\CacheSrc\HttpCacheEntry.cpp contains the following code... TInt CHttpCacheEntry::Internalize( RFileReadStream& aReadStream ) { TRAPD( err, TInt len; // url length len = aReadStream.ReadInt32L(); delete iUrl; iUrl = HBufC8::NewL( len ); <== if NewL leaves, then iUrl is deleted, but iUrl is not NULL TPtr8 ptr8( iUrl->Des() ); // url aReadStream.ReadL( ptr8, len ); // filename length len = aReadStream.ReadInt32L(); HBufC* filename = HBufC::NewLC( len ); TPtr ptr( filename->Des() ); // url aReadStream.ReadL( ptr, len ); // SetFileNameL( filename->Des() ); // CleanupStack::PopAndDestroy(); // filename // la TReal64 la; la = aReadStream.ReadReal64L(); iLastAccessed = la; // ref iRef = aReadStream.ReadUint32L(); // size iSize = aReadStream.ReadUint32L( ); // size iHeaderSize = aReadStream.ReadUint32L( ); // protected iProtected = aReadStream.ReadInt32L(); // SetState( ECacheComplete ); ); return err; } ... and this causes problems after CHttpCacheEntry destructor is run, because it deletes the same heap-allocated iUrl again.
Attachments
fix url not set null of deleting
(4.53 KB, patch)
2006-11-30 10:43 PST
,
Sachin Padma
yongjun.zhang
: review+
Details
Formatted Diff
Diff
View All
Add attachment
proposed patch, testcase, etc.
Sachin Padma
Comment 1
2006-11-30 10:39:56 PST
TSW ID: THYN-6VJCRE
Sachin Padma
Comment 2
2006-11-30 10:43:24 PST
Created
attachment 11684
[details]
fix url not set null of deleting
Yongjun Zhang
Comment 3
2006-11-30 12:18:06 PST
Comment on
attachment 11684
[details]
fix url not set null of deleting r=me
Sachin Padma
Comment 4
2006-11-30 12:34:55 PST
committed as
r17943
Krishna
Comment 5
2007-01-21 08:28:00 PST
Verified and Closed.
Joel Parks
Comment 6
2011-03-21 11:52:52 PDT
re-purposing InTSW keyword for use by QtWebkit team
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug