Closed
Bug 248458
Opened 21 years ago
Closed 21 years ago
Crash [@ nsJSIID::Equals] for null other
Categories
(Core :: XPConnect, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: timeless, Assigned: timeless)
References
()
Details
(Keywords: crash)
Crash Data
Attachments
(1 file)
526 bytes,
patch
|
dbradley
:
review+
shaver
:
superreview+
|
Details | Diff | Splinter Review |
steps to reproduce:
1. run xpcshell
2.
js> Components.interfaces.nsISupports.equals(null)
Expected result:
false or an exception
Actual result:
crash
> xpc3250.dll!nsJSIID::Equals(nsIJSID * other=0x00000000, int *
_retval=0x0012e864) Line 439 + 0x3 C++
xpcom.dll!XPTC_InvokeByIndex(nsISupports * that=0x00f4b0c8, unsigned int
methodIndex=0x00000007, unsigned int paramCount=0x00000002, nsXPTCVariant *
params=0x0012e854) Line 102 C++
xpc3250.dll!XPCWrappedNative::CallMethod(XPCCallContext & ccx={...},
XPCWrappedNative::CallMode mode=CALL_METHOD) Line 2028 + 0x16 C++
Reproduced w/ trunk.
Attachment #151603 -
Flags: review?(BradleyJunk)
Comment 2•21 years ago
|
||
untrusted code can crash mozilla this way, too... see url field
Comment 3•21 years ago
|
||
nsJSID::Equals returns an error on this condition same. I'm wondering if they
should behave the same. I'm not saying that nsJSID::Equals is necessarily the
right behavior.
Comment 4•21 years ago
|
||
Comment on attachment 151603 [details] [diff] [review]
handle null
Doh, ok, retval != other. So this will make it behave the same as
nsJSID::Equals
Attachment #151603 -
Flags: review?(BradleyJunk) → review+
Comment 5•21 years ago
|
||
Oh, and I'd add a check for null of _retval as well like nsJSID::Equals does
Attachment #151603 -
Flags: superreview?(shaver)
Comment 6•21 years ago
|
||
Comment on attachment 151603 [details] [diff] [review]
handle null
sold.
Attachment #151603 -
Flags: superreview?(shaver) → superreview+
mozilla/js/src/xpconnect/src/xpcjsid.cpp 1.64
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
Updated•14 years ago
|
Crash Signature: [@ nsJSIID::Equals]
You need to log in
before you can comment on or make changes to this bug.
Description
•