Closed
Bug 265184
Opened 21 years ago
Closed 20 years ago
[FIX]Crash in XBL when <handlers> comes inside <implementation>
Categories
(Core :: XBL, defect, P1)
Core
XBL
Tracking
()
RESOLVED
FIXED
mozilla1.8alpha6
People
(Reporter: bzbarsky, Assigned: bzbarsky)
References
Details
(Keywords: crash)
Attachments
(3 files)
|
346 bytes,
application/xml
|
Details | |
|
214 bytes,
text/html
|
Details | |
|
2.96 KB,
patch
|
bryner
:
review+
jst
:
superreview+
|
Details | Diff | Splinter Review |
This was a case overlooked by the patch in bug 223799.
The basic problem is that we open <implementation> in the XBL sink (but not the
XML one. Then we try to open <handlers>, go into error mode, and stop doing
weird XBL stuff... so when </implementation> comes around we actually close it
in the XML sink (which doesn't check whether the right thing is being closed,
because expat wouldn't allow the wrong thing to be closed). Then when we try to
close <bindings> we crash (or rather PR_ASSERT, but the result is the same) in
nsXMLContentSink::HandleEndElement because we've already closed the document
element.
|
Assignee | |
Comment 1•21 years ago
|
||
|
|
Assignee | |
Comment 2•21 years ago
|
||
|
|
Assignee | |
Comment 3•21 years ago
|
||
|
|
Assignee | |
Updated•21 years ago
|
Attachment #162721 -
Flags: superreview?(jst)
Attachment #162721 -
Flags: review?(bryner)
|
|
Assignee | |
Updated•21 years ago
|
Priority: -- → P1
Summary: Crash in XBL when <handlers> comes inside <implementation> → [FIX]Crash in XBL when <handlers> comes inside <implementation>
Target Milestone: --- → mozilla1.8alpha5
|
||
Comment 4•21 years ago
|
||
Comment on attachment 162721 [details] [diff] [review]
Patch
sr=jst
Attachment #162721 -
Flags: superreview?(jst) → superreview+
|
||
Comment 5•20 years ago
|
||
*** Bug 219006 has been marked as a duplicate of this bug. ***
|
|
||
Updated•20 years ago
|
Attachment #162721 -
Flags: review?(bryner) → review+
|
|
Assignee | |
Comment 6•20 years ago
|
||
Fix checked in.
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
Target Milestone: mozilla1.8alpha5 → mozilla1.8alpha6
*** Bug 253376 has been marked as a duplicate of this bug. ***
You need to log in
before you can comment on or make changes to this bug.
Description
•