[Bug 43374] New: valgrind shows an invalid read in dlls/mshtml/tests/script.c

wine-bugs at winehq.org wine-bugs at winehq.org
Tue Jul 18 13:15:40 CDT 2017


https://bugs.winehq.org/show_bug.cgi?id=43374

            Bug ID: 43374
           Summary: valgrind shows an invalid read in
                    dlls/mshtml/tests/script.c
           Product: Wine
           Version: 2.12
          Hardware: x86
                OS: Linux
            Status: NEW
          Keywords: download, source, testcase, valgrind
          Severity: normal
          Priority: P2
         Component: mshtml
          Assignee: wine-bugs at winehq.org
          Reporter: austinenglish at gmail.com
      Distribution: ---

==28896== Invalid read of size 2
==28896==    at 0x5678C6D: DispCallFunc (typelib.c:6674)
==28896==    by 0x680D479: invoke_builtin_function (dispex.c:1123)
==28896==    by 0x680D763: function_invoke (dispex.c:1174)
==28896==    by 0x680DA11: invoke_builtin_prop (dispex.c:1242)
==28896==    by 0x680E964: DispatchEx_InvokeEx (dispex.c:1533)
==28896==    by 0x16AC9205: IDispatchEx_InvokeEx (dispex.h:318)
==28896==    by 0x16AC9205: disp_call (???:0)
==28896==    by 0x16ACC7DF: exprval_call (engine.c:328)
==28896==    by 0x16ACF402: interp_call_member (engine.c:1213)
==28896==    by 0x16AD482D: enter_bytecode (engine.c:2787)
==28896==    by 0x16AD5533: exec_source (engine.c:3040)
==28896==    by 0x16AD7CF0: invoke_source (function.c:257)
==28896==    by 0x16AD8152: Function_invoke (function.c:350)
==28896==    by 0x16AC69A2: invoke_prop_func (dispex.c:383)
==28896==    by 0x16AC7C70: DispatchEx_InvokeEx (dispex.c:684)
==28896==    by 0x6856620: IDispatchEx_InvokeEx (dispex.h:318)
==28896==    by 0x6856620: call_disp_func (???:0)
==28896==    by 0x6856A51: call_event_handlers (htmlevent.c:961)
==28896==    by 0x685748B: fire_event_obj (htmlevent.c:1095)
==28896==    by 0x6857AC4: fire_event (htmlevent.c:1204)
==28896==    by 0x68CD65F: handle_load (nsevents.c:282)
==28896==    by 0x6B18A8A8: ???
==28896==  Address 0x7869d20 is 0 bytes after a recently re-allocated block of size 0 alloc'd
==28896==    at 0x7BC51061: notify_alloc (heap.c:254)
==28896==    by 0x7BC5554F: RtlAllocateHeap (heap.c:1716)
==28896==    by 0x6809E6F: heap_alloc (mshtml_private.h:1168)
==28896==    by 0x680A6FF: add_func_info (dispex.c:277)
==28896==    by 0x680ABD4: process_interface (dispex.c:354)
==28896==    by 0x680AEE5: preprocess_dispex_data (dispex.c:419)
==28896==    by 0x680F3CA: init_dispex_with_compat_mode (dispex.c:1776)
==28896==    by 0x68E753F: init_dispex (mshtml_private.h:334)
==28896==    by 0x68EA736: OmNavigator_Create (omnavigator.c:1088)
==28896==    by 0x68AA791: HTMLWindow2_get_navigator (htmlwindow.c:920)
==28896==    by 0x4A9EAFF: IHTMLWindow2_get_navigator (mshtml.h:38483)
==28896==    by 0x4A9EAFF: test_script_run (???:0)
==28896==    by 0x4A9F739: ActiveScriptParse_ParseScriptText (script.c:2472)
==28896==    by 0x68FEBE6: IActiveScriptParse32_ParseScriptText (activscp.h:1126)
==28896==    by 0x68FEBE6: parse_elem_text (???:0)
==28896==    by 0x68FF823: parse_inline_script (script.c:1103)
==28896==    by 0x68FFA7A: parse_script_elem (script.c:1142)
==28896==    by 0x69001FF: doc_insert_script (script.c:1285)
==28896==    by 0x68B9905: run_insert_script (mutation.c:349)
==28896==    by 0x68BA1B0: nsRunnable_Run (mutation.c:532)
==28896==    by 0x6A83E0A0: ???
==28896==    by 0x68BAEB0: nsDocumentObserver_AttemptToExecuteScript (mutation.c:817)
==28896==

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.


