Closed Bug 1654016 Opened 4 years ago Closed 4 years ago

FinalizationQueueObject::create doesn't check whether GetObjectFromIncumbentGlobal gave us a null pointer

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla80

Tracking Flags:

Tracking

Status

firefox80

---

fixed

People

(Reporter: jonco, Assigned: jonco)

Details

Attachments

(1 file)

Bug 1654016 - Check whether js::GetObjectFromIncumbentGlobal returns null r?sfink 4 years ago Jon Coppeard (:jonco) 47 bytes, text/x-phabricator-request		Details \| Review

Jon Coppeard (:jonco)

Assignee

Description

•

4 years ago

As pointed out by anba, js::GetObjectFromIncumbentGlobal has a boolean return value but it can also set its out parameter to nullptr on success. FinalizationQueueObject::create should check for this.

Jon Coppeard (:jonco)

Assignee

Comment 1

•

4 years ago

Attached file Bug 1654016 - Check whether js::GetObjectFromIncumbentGlobal returns null r?sfink — Details

Pulsebot

Comment 2

•

4 years ago

Pushed by jcoppeard@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/72ec4b8c3a56
Check whether js::GetObjectFromIncumbentGlobal returns null r=sfink

Cristina Coroiu [:ccoroiu]

Comment 3

•

4 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/72ec4b8c3a56

Status: NEW → RESOLVED

Closed: 4 years ago

status-firefox80: --- → fixed

Resolution: --- → FIXED

Target Milestone: --- → mozilla80

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

FinalizationQueueObject::create doesn't check whether GetObjectFromIncumbentGlobal gave us a null pointer

Categories

(Core :: JavaScript: GC, defect, P1)

Tracking

()

People

(Reporter: jonco, Assigned: jonco)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Comment 2

Comment 3

Attachment

General

Description

File Name

Content Type