#6354: Forwarding a mail crashes app_server
----------------------------------+----------------------------
Reporter: humdinger | Owner: axeld
Type: bug | Status: new
Priority: normal | Milestone: R1
Component: Servers/app_server | Version: R1/Development
Resolution: | Keywords:
Blocked By: | Blocking:
Has a Patch: 0 | Platform: All
----------------------------------+----------------------------
Comment (by mmlr):
The faulting instruction seems to be at a call to
{{{ServerFont::GetHasGlyphs(char const*, int, bool*) const}}} here:
https://git.haiku-os.org/haiku/tree/src/servers/app/ServerApp.cpp#n2192
It uses a variable length array depending on the incoming message which
immediately sounds dangerous. It should at the very least check if it'll
fit into the stack and split up as needed, or better yet use a
StackOrHeapArray instead. I have not yet looked at the actual numbers that
are used here though.
--
Ticket URL: <https://dev.haiku-os.org/ticket/6354#comment:4>
Haiku <https://dev.haiku-os.org>
The Haiku operating system.
