Comment on revision r4480 in tinymux

3 views

Skip to first unread message

tin...@googlecode.com

unread,

Jan 22, 2010, 11:52:14 AM1/22/10

to tinym...@googlegroups.com

brazilofmux commented on revision r4480 in project tinymux.
Details are at http://code.google.com/p/tinymux/source/detail?r=4480

Score: Positive

General Comment:
The fixes yet another bug in the edit() code path. I'm concerned about
removing the block of code on line 5018, but I've convinced myself. I've
also run the edit() cases from previous issues.

Line-by-line comments:

File: /branches/dev_brazil/mux/src/stringutil.cpp (r4474)
===============================================================================

Line 5018: }
-------------------------------------------------------------------------------
When, realloc_m_pcs() was initializing the color state to m_iLast.m_point,
this code was necessary because edit() could be expanding the size of the
string. Now that realloc_m_pcs() is always initializing to the length of
the iLast.m_point, this code is not needed.

File: /branches/dev_brazil/mux/src/stringutil.cpp (r4480)
===============================================================================

Line 4912: for (i = 0; i < ncs; i++)
-------------------------------------------------------------------------------
This is the part related to the heap corruption. Previously, it used the
length of the mux_string, but in the edit() code path, that isn't set until
later, so if the string is shrinking because edit() is removing characters,
the above loop can set CS_NORMAL beyond the end of what was allocated with
new ColorState[ncs].

Line 4919: memcpy(m_pcs, pcsOld, m_ncs * sizeof(m_pcs[0]));
-------------------------------------------------------------------------------
The behavior of realloc_m_pcs() is very quirky. I don't like the interface
contract at all. If color is available, is does not necessarily initialize
any color state beyond the old size. I can't find any calls for which this
is a problem, but it is quirky behavior.

Respond to these comments at
http://code.google.com/p/tinymux/source/detail?r=4480
--
You received this message because you starred this review, or because
your project has directed all notifications to a mailing list that you
subscribe to.
You may adjust your review notification preferences at:
http://code.google.com/hosting/settings

Reply all

Reply to author

Forward

0 new messages