Ticket #210 (Fixed)Tue Jul 21 14:49:55 UTC 2009

TextGadgets module returns pointers to OS error blocks allocated on the SVC stack

Details by Christopher Bazley (288):

Many functions in the TextGadgets module return pointers to OS error blocks automatically allocated on the run-time stack within the body of the function. This is very bad practice because any pointers to automatic variables become invalid as soon as they go out of scope, and the effect of using them afterwards is undefined. This is the kind of mistake that a novice C programmer might make!

On RISC OS, the consequence is that the error block may be overwritten by garbage if anything uses that part of the SVC mode stack between the error block being created and the error being handled.

The errors affected are:

“Not enough memory” when adding a redraw handler for a text area, scroll list, or scrollbar gadget. Luckily, this error is ignored by the calling code.

“Not enough memory to add item” in method ScrollList_AddItem. Potentially fatal.

“Not enough memory” in method ScrollList_SetItemText. Potentially fatal.

“No such scrollbar” when removing a redraw handler for a scroll bar. Luckily, this error is ignored by the calling code.

“No such scrolling list” when removing a redraw handler for a scroll list. Luckily, this error is ignored by the calling code.

“No such text area” when removing a redraw handler for a text area. Luckily, this error is ignored by the calling code.

“Invalid desktop colour” in method ScrollList_SetColour or TextArea_SetColour. Potentially fatal.