Crash [@ nsJSIID::Equals] for null other

RESOLVED FIXED

Status

()

Product:
Core
Component:
XPConnect
Importance:
--
critical
Status:
RESOLVED FIXED
Reported:
15 years ago
Modified:
15 years ago

People

(Reporter: timeless, Assigned: timeless)

Tracking

({crash})

Version:
Trunk
Platform:
x86
Windows XP
Keywords:
crash
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(crash signature, URL)

Attachments

(1 attachment)

handle null
526 bytes, patch
dbradley
: review+
shaver
: superreview+
Details | Diff | Splinter Review
(Assignee)

Description

15 years ago 
steps to reproduce:
1. run xpcshell
2.
js> Components.interfaces.nsISupports.equals(null)

Expected result:
 false or an exception

Actual result:
crash

>	xpc3250.dll!nsJSIID::Equals(nsIJSID * other=0x00000000, int *
_retval=0x0012e864)  Line 439 + 0x3	C++
 	xpcom.dll!XPTC_InvokeByIndex(nsISupports * that=0x00f4b0c8, unsigned int
methodIndex=0x00000007, unsigned int paramCount=0x00000002, nsXPTCVariant *
params=0x0012e854)  Line 102	C++
 	xpc3250.dll!XPCWrappedNative::CallMethod(XPCCallContext & ccx={...},
XPCWrappedNative::CallMode mode=CALL_METHOD)  Line 2028 + 0x16	C++

Reproduced w/ trunk.
(Assignee)

Comment 1

15 years ago 
Created attachment 151603 [details] [diff] [review]
handle null
 (Assignee)

Updated

15 years ago
Attachment #151603 - Flags: review?(BradleyJunk)

Comment 2

15 years ago 
untrusted code can crash mozilla this way, too... see url field
URL: javascript:Components.interfaces.nsIS...

Comment 3

15 years ago 
nsJSID::Equals returns an error on this condition same. I'm wondering if they
should behave the same. I'm not saying that nsJSID::Equals is necessarily the
right behavior.

Comment 4

15 years ago 
Comment on attachment 151603 [details] [diff] [review]
handle null

Doh, ok, retval != other. So this will make it behave the same as
nsJSID::Equals
Attachment #151603 - Flags: review?(BradleyJunk) → review+

Comment 5

15 years ago 
Oh, and I'd add a check for null of _retval as well like nsJSID::Equals does
(Assignee)

Updated

15 years ago
Attachment #151603 - Flags: superreview?(shaver)

Comment 6

15 years ago 
Comment on attachment 151603 [details] [diff] [review]
handle null

sold.
Attachment #151603 - Flags: superreview?(shaver) → superreview+
 (Assignee)

Comment 7

15 years ago 
mozilla/js/src/xpconnect/src/xpcjsid.cpp 	1.64
Status: NEW → RESOLVED
Last Resolved: 15 years ago
Resolution: --- → FIXED
Crash Signature: [@ nsJSIID::Equals]
You need to log in before you can comment on or make changes to this bug.