close
Comments you submit will be routed for moderation. If you have an account, please log in first.
Modify

Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#233 closed bug (fixed)

Hits when getting mails with preselection.

Reported by: opiopi Owned by:
Priority: undecided Milestone: YAM 2.7
Component: TCP/IP interface Version: nightly build
Severity: major Keywords:
Cc: OS Platform:
Blocked By: Blocking:
Release Notes:

Description

I set YAM in YAM Konfig->Neue Post->Grössenlimit a size of
200 KB. In my inbox was a mail with an size of 564.445 Bytes
so the preselection window appear. At this point i get a
MuGuardianAngel hit. Attached as YAM-Hit-1.txt.

I attach also a File YAM.Debug-Output.txt which show the
YAM.Debug-Output mixed with the MuGuardianAngel output.

After getting this mail i get another hit. Attached as
YAM-Hit-2.txt. For this hit i have no debug output but
hope it can be fixed without such output.

Used Version: YAM 2.7-dev [OS3/m68k] (06.11.2010)
on a A2000 OS 3.9 BB2

Attachments (4)

YAM-Hit-1.txt (4.3 KB) - added by opiopi 4 years ago.
YAM-Hit-2.txt (5.1 KB) - added by opiopi 4 years ago.
YAM.Debug-Output.txt (5.3 KB) - added by opiopi 4 years ago.
Output-11.11.2010-1.txt+lines.txt (5.1 KB) - added by opiopi 4 years ago.

Download all attachments as: .zip

Change History (12)

Changed 4 years ago by opiopi

Changed 4 years ago by opiopi

Changed 4 years ago by opiopi

comment:1 Changed 4 years ago by tboeckel

  • Status changed from new to pending

I am sorry, but I am unable to reproduce this issue, neither with OS3/MUI3.8 nor with OS4/MUI3.9.

Does it happen for you upon every download with preselection or just sometimes? Did you snapshot the preselection list's columns since it finally became possible since October 27th or are they still resized on demand each time?

comment:2 follow-up: Changed 4 years ago by opiopi

I not yet snapshot the columns.

Today i try it again. I set the size to 2kB.
This time i don't get a hit but i'll try it some times again.
Maybe it's depending on the size of the mails.

Another issue i discover today is:
I get some non ASCII output in the debug console like:
YAM_UT.c:4115:saved layout weight factors: [NonASCII]

A short look into the source show me the in the function
SaveLayout() 'buf' is free'ed but accessed later in the
debug output. Should be changed IMHO.

But that can't the cause for the hits mentioned in the first
post because i got the hits with a non debug version.

comment:3 follow-up: Changed 4 years ago by opiopi

After some tests i get again such hit.
I attach the output as 'Output-11.11.2010-1.txt+lines.txt'.

The '-> ...' after the offsets in the stack trace is the
output from GccFindHit added by a script.

I had a short look at the source and assume the calculation
of the memory size in DecodeData() Line 123 is wrong.

I can't verify that because my GCC is still not working. :-(

HTH

BTW: I get also a hit every time i close a read window.
But thats maybe another bug.

Changed 4 years ago by opiopi

comment:4 Changed 4 years ago by opiopi

  • Status changed from pending to new

Attachment (Output-11.11.2010-1.txt+lines.txt) added by ticket reporter.

comment:5 in reply to: ↑ 2 Changed 4 years ago by tboeckel

Replying to opiopi:

A short look into the source show me the in the function
SaveLayout() 'buf' is free'ed but accessed later in the
debug output. Should be changed IMHO.

Just fixed that.

comment:6 in reply to: ↑ 3 Changed 4 years ago by tboeckel

Replying to opiopi:

I had a short look at the source and assume the calculation
of the memory size in DecodeData() Line 123 is wrong.

Ouch, that might have been it. The determined len value is the final size information and has nothing to do with the encoded string length. Please try again with the next nightly build.

BTW: I get also a hit every time i close a read window.
But thats maybe another bug.

No, that is absolutely unrelated, because the read windows don't need to save the column layout of some NList objects. Please open a separate ticket for that issue.

comment:7 Changed 4 years ago by tboeckel

  • Resolution set to fixed
  • Status changed from new to closed

(In [5445]) * mui/Base64Dataspace.c: fixed a too small memory allocation which very

probably caused the buffer overrun described in ticket #233.
This closes #233.

comment:8 Changed 4 years ago by tboeckel

Please try again with the next nightly build and reopen this ticket if the issue is not yet fixed.

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.

This list contains all users that will be notified about changes made to this ticket.

These roles will be notified: Reporter, Owner, Subscriber

  • Frank Weber(Reporter, Participant)