Michael Daumling pointed this out in a private e-mail to brendan. I've checked in a fix for it on the trunk, but we should fix it on the branch too, since it's such a simple fix. The code in question is: ok = js_CheckPrincipalsAccess(cx, scopeobj, principals, js_eval_str); if (!ok) goto out; ok = js_Execute(cx, scopeobj, script, caller, JSFRAME_EVAL, rval); JS_DestroyScript(cx, script); out: I'll attach a patch for branch consideration in a second.
Created attachment 210375 [details] [diff] [review] Branch patch This is the patch I checked in (backported to the paramaterization changes for js_CheckPrincipalsAccess). Brendan, mind stamping this for posterity?
This is already fixed on the trunk, marking it as such.
Status: ASSIGNED → RESOLVED
Last Resolved: 13 years ago
Priority: -- → P2
Resolution: --- → FIXED
Comment on attachment 210375 [details] [diff] [review] Branch patch Another no-braner ;-). /be
Fix checked into the 1.8 branches.
Keywords: fixed126.96.36.199, fixed1.8.1
Please provide a testcase and/or testing guidance for this fix.
You need to log in before you can comment on or make changes to this bug.