Bug 332727 – Invalid read in e-table related code

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 332727 - Invalid read in e-table related code


Summary:	Invalid read in e-table related code


Status:	RESOLVED FIXED

Product:	evolution
Classification:	Applications
Component:	Do Not Use
Version:	2.6.x
Hardware:	Other Linux

Importance:	Normal major
Target Milestone:	---
Assigned To:	Harish Krishnaswamy
QA Contact:	Evolution QA team

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2006-02-27 12:26 UTC by Kjartan Maraas
Modified:	2013-09-13 12:25 UTC

See Also:
GNOME target:	---
GNOME version:	2.13/2.14

Attachments
Attached patch with appropriate changes. (1.19 KB, patch) 2006-04-12 06:38 UTC, Rajeev R	committed	Details \| Review

Description Kjartan Maraas 2006-02-27 12:26:53 UTC

Valgrind reports this:

==2674== Invalid read of size 4
==2674==    at 0x41C9F2B: ect_check (gal-a11y-e-cell-text.c:59)
==2674==    by 0x41CA4B3: ect_text_inserted_cb (gal-a11y-e-cell-text.c:535)
==2674==    by 0x41E1271: e_util_marshal_VOID__POINTER_INT_INT_INT_INT (e-util-marshal.c:1771)
==2674==    by 0x4E29EFC: g_closure_invoke (gclosure.c:490)
==2674==    by 0x4E3B90A: signal_emit_unlocked_R (gsignal.c:2438)
==2674==    by 0x4E3CD82: g_signal_emit_valist (gsignal.c:2197)
==2674==    by 0x4E3D028: g_signal_emit (gsignal.c:2241)
==2674==    by 0x4163B17: _insert (e-cell-text.c:2267)
==2674==    by 0x4164587: e_cell_text_view_command (e-cell-text.c:2379)
==2674==    by 0x4167364: e_cell_text_commit_cb (e-cell-text.c:1831)
==2674==    by 0x4E37EC2: g_cclosure_marshal_VOID__STRING (gmarshal.c:496)
==2674==    by 0x4E29EFC: g_closure_invoke (gclosure.c:490)
==2674==    by 0x4E3B90A: signal_emit_unlocked_R (gsignal.c:2438)
==2674==    by 0x4E3CD82: g_signal_emit_valist (gsignal.c:2197)
==2674==    by 0x4E3EC5D: g_signal_emit_by_name (gsignal.c:2265)
==2674==    by 0x49912DD: gtk_im_multicontext_commit_cb (gtkimmulticontext.c:454)
==2674==    by 0x4E37EC2: g_cclosure_marshal_VOID__STRING (gmarshal.c:496)
==2674==    by 0x4E29EFC: g_closure_invoke (gclosure.c:490)
==2674==    by 0x4E3B90A: signal_emit_unlocked_R (gsignal.c:2438)
==2674==    by 0x4E3CD82: g_signal_emit_valist (gsignal.c:2197)
==2674==    by 0x4E3EC5D: g_signal_emit_by_name (gsignal.c:2265)
==2674==    by 0x498FD14: gtk_im_context_simple_commit_char (gtkimcontextsimple.c:1041)
==2674==    by 0x4990389: gtk_im_context_simple_filter_keypress (gtkimcontextsimple.c:1245)
==2674==    by 0x498F332: gtk_im_context_filter_keypress (gtkimcontext.c:317)
==2674==    by 0x4991CF4: gtk_im_multicontext_filter_keypress (gtkimmulticontext.c:316)
==2674==    by 0x498F332: gtk_im_context_filter_keypress (gtkimcontext.c:317)
==2674==    by 0x4166D5F: ect_event (e-cell-text.c:962)
==2674==    by 0x415D6FC: e_cell_event (e-cell.c:183)
==2674==    by 0x4183C51: eti_e_cell_event (e-table-item.c:2245)
==2674==    by 0x4187C9C: eti_event (e-table-item.c:2810)
==2674==  Address 0xA73B1B0 is 0 bytes inside a block of size 80 free'd
==2674==    at 0x4004B6C: free (vg_replace_malloc.c:222)
==2674==    by 0x4E8C060: g_free (gmem.c:187)
==2674==    by 0x416350C: ect_kill_view (e-cell-text.c:391)
==2674==    by 0x415D762: e_cell_kill_view (e-cell.c:232)
==2674==    by 0x4182BB2: eti_detach_cell_views (e-table-item.c:413)
==2674==    by 0x4182D11: eti_remove_header_model (e-table-item.c:595)
==2674==    by 0x4182D7E: eti_dispose (e-table-item.c:1417)
==2674==    by 0x4E2C65F: g_object_run_dispose (gobject.c:571)
==2674==    by 0x49CBB7D: gtk_object_destroy (gtkobject.c:388)
==2674==    by 0x416BC8B: finish_editing (e-table-click-to-add.c:349)
==2674==    by 0x416C059: item_key_press (e-table-click-to-add.c:326)
==2674==    by 0x41E2AE2: e_util_marshal_INT__INT_INT_BOXED (e-util-marshal.c:566)
==2674==    by 0x4E29EFC: g_closure_invoke (gclosure.c:490)
==2674==    by 0x4E3B90A: signal_emit_unlocked_R (gsignal.c:2438)
==2674==    by 0x4E3CC35: g_signal_emit_valist (gsignal.c:2207)
==2674==    by 0x4E3D028: g_signal_emit (gsignal.c:2241)
==2674==    by 0x4188948: eti_event (e-table-item.c:2762)
==2674==    by 0x48708BF: gnome_canvas_marshal_BOOLEAN__BOXED (gnome-canvas-marshal.c:125)
==2674==    by 0x4E28738: g_type_class_meta_marshal (gclosure.c:567)
==2674==    by 0x4E29EFC: g_closure_invoke (gclosure.c:490)
==2674==    by 0x4E3BF52: signal_emit_unlocked_R (gsignal.c:2476)
==2674==    by 0x4E3CC35: g_signal_emit_valist (gsignal.c:2207)
==2674==    by 0x4E3EC5D: g_signal_emit_by_name (gsignal.c:2265)
==2674==    by 0x4054ADC: emit_event (e-canvas.c:264)
==2674==    by 0x4054E64: e_canvas_key (e-canvas.c:292)
==2674==    by 0x49AFE7D: _gtk_marshal_BOOLEAN__BOXED (gtkmarshalers.c:83)
==2674==    by 0x4E28738: g_type_class_meta_marshal (gclosure.c:567)
==2674==    by 0x4E29FEB: g_closure_invoke (gclosure.c:490)
==2674==    by 0x4E3BF52: signal_emit_unlocked_R (gsignal.c:2476)
==2674==    by 0x4E3CC35: g_signal_emit_valist (gsignal.c:2207)

Comment 1 Rajeev R 2006-04-12 06:38:44 UTC

Created attachment 63285 [details] [review]
Attached patch with appropriate changes.

Comment 2 Harish Krishnaswamy 2006-04-24 05:35:33 UTC

Patch reviewed and committed to HEAD and the gnome-2-14 branch. Thanks for your patch.

Comment 3 Harish Krishnaswamy 2006-06-22 05:30:05 UTC

Reopening the bug - See Bug #330728.

Comment 4 Kaushal Kumar 2006-07-21 07:05:51 UTC

Since I not working on this issue atm, re-assigning.

Comment 5 André Klapper 2006-08-01 14:46:41 UTC

well, bug 330728 is something different and ten lines of code away from this problem here. so either it's a dup and this one should be closed; or it's not a dup and this one here is fixed.

closing. ;-)