Bug 179549 - Pasting into XmTextField is unreliable
Pasting into XmTextField is unreliable
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: openmotif (Show other bugs)
4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Thomas Woerner
:
Depends On:
Blocks: 180362 181409 405941
  Show dependency treegraph
 
Reported: 2006-02-01 06:23 EST by Ron Yorston
Modified: 2007-11-30 17:07 EST (History)
2 users (show)

See Also:
Fixed In Version: RHBA-2006-0292
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-08-10 17:17:04 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Proposed patch (1.51 KB, patch)
2006-02-01 06:23 EST, Ron Yorston
no flags Details | Diff
Revised patch after code review. (1.82 KB, patch)
2006-02-01 12:03 EST, Thomas Woerner
no flags Details | Diff
Revised patch to handle clipboard (2.11 KB, patch)
2006-02-06 09:57 EST, Ron Yorston
no flags Details | Diff
testcase (3.66 KB, text/plain)
2006-02-06 11:42 EST, Ron Yorston
no flags Details

  None (edit)
Description Ron Yorston 2006-02-01 06:23:38 EST
Description of problem:

We're using a UTF-8 locale and have a modify verify callback on our XmTextField
widgets.  In this environment selecting text and pasting it into an XmTextField
is unreliable:  sometimes nothing happens and sometimes garbage is appended to
the pasted text.  Everything works properly in the C locale or if there's no
modify verify callback.

Running the application under valgrind shows a couple of memory problems related
to the issue:

In TextFSel.c, around line 1100, the array wc_value is one character too short.

In TextF.c, around line 2934, the size of the array insert_orig is specified
using tf->text.max_char_size, whereas the documentation indicates that insert is
an array of wchar_t.  In our UTF-8 locale tf->text.max_char_size is 6 while
sizeof(wchar_t) is 4, so the bcopy at line 2935 is fetching data from beyond the
end of the array insert.

I've produced a patch which I think fixes these issues.  With this patch we can
paste text into our application reliably and valgrind is happy.


Version-Release number of selected component (if applicable):

2.2.3-9.RHEL4.1, though other versions are affected


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

I've raised this issue upstream at:

   http://bugs.motifzone.net/show_bug.cgi?id=1321
Comment 1 Ron Yorston 2006-02-01 06:23:38 EST
Created attachment 123954 [details]
Proposed patch
Comment 2 Thomas Woerner 2006-02-01 12:03:39 EST
Created attachment 123975 [details]
Revised patch after code review.

This patch honors the text.max_char_size for generation of insert_orig in the
same way as ModifyVerify does.
Comment 3 Ron Yorston 2006-02-01 16:38:20 EST
Thanks for the revised patch, Thomas.  I've tried it with my test program and it
seems to work nicely.  Valgrind is now happy in both UTF-8 and C locales.
Comment 4 Ron Yorston 2006-02-06 09:55:56 EST
On further investigation I find that previous patches don't work if the
clipboard selection is used rather than the primary selection  (for example,
because XmTextFieldPaste has been called).  In this case ds->value (TextFSel.c
line 1102) isn't null terminated.  I've made a new patch to cover this case.
Comment 5 Ron Yorston 2006-02-06 09:57:54 EST
Created attachment 124259 [details]
Revised patch to handle clipboard
Comment 6 Thomas Woerner 2006-02-06 11:07:28 EST
Please attach your test case.
Comment 7 Ron Yorston 2006-02-06 11:42:49 EST
Created attachment 124266 [details]
testcase

Here's a hacked version of one of the examples from the O'Reilly Motif book
that should illustrate the problem.  I've changed the XmText widget in the
original to XmTextField.
Comment 16 Red Hat Bugzilla 2006-08-10 17:17:05 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2006-0292.html

Note You need to log in before you can comment on or make changes to this bug.