Failure to free a JSScript in obj_eval

RESOLVED FIXED in mozilla1.9alpha1

Status

()

Core
JavaScript Engine
P2
normal
RESOLVED FIXED
12 years ago
12 years ago

People

(Reporter: mrbkap, Assigned: mrbkap)

Tracking

({fixed1.8.0.2, fixed1.8.1})

Trunk
mozilla1.9alpha1
x86
Linux
fixed1.8.0.2, fixed1.8.1
Points:
---
Bug Flags:
in-testsuite -

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [tcn-dl])

Attachments

(1 attachment)

(Assignee)

Description

12 years ago
Michael Daumling pointed this out in a private e-mail to brendan. I've checked in a fix for it on the trunk, but we should fix it on the branch too, since it's such a simple fix.

The code in question is:
    ok = js_CheckPrincipalsAccess(cx, scopeobj, principals, js_eval_str);
    if (!ok)
        goto out;

    ok = js_Execute(cx, scopeobj, script, caller, JSFRAME_EVAL, rval);
    JS_DestroyScript(cx, script);

out:

I'll attach a patch for branch consideration in a second.
(Assignee)

Comment 1

12 years ago
Created attachment 210375 [details] [diff] [review]
Branch patch

This is the patch I checked in (backported to the paramaterization changes for js_CheckPrincipalsAccess). Brendan, mind stamping this for posterity?
Assignee: general → mrbkap
Status: NEW → ASSIGNED
Attachment #210375 - Flags: review?(brendan)
Attachment #210375 - Flags: branch-1.8.1?(brendan)
Attachment #210375 - Flags: approval1.8.0.2?
(Assignee)

Comment 2

12 years ago
This is already fixed on the trunk, marking it as such.
Status: ASSIGNED → RESOLVED
Last Resolved: 12 years ago
Priority: -- → P2
Resolution: --- → FIXED
Comment on attachment 210375 [details] [diff] [review]
Branch patch

Another no-braner ;-).

/be
Attachment #210375 - Flags: review?(brendan)
Attachment #210375 - Flags: review+
Attachment #210375 - Flags: branch-1.8.1?(brendan)
Attachment #210375 - Flags: branch-1.8.1+
Attachment #210375 - Flags: approval1.8.0.2?
Attachment #210375 - Flags: approval1.8.0.2+

Updated

12 years ago
Flags: testcase-
(Assignee)

Comment 4

12 years ago
Fix checked into the 1.8 branches.
Keywords: fixed1.8.0.2, fixed1.8.1
Please provide a testcase and/or testing guidance for this fix.
Whiteboard: [tcn-dl]
You need to log in before you can comment on or make changes to this bug.