Closed
Bug 351826
Opened 19 years ago
Closed 19 years ago
crash in CopyErrorReport() when NULL pointers in reportp
Categories
(Core :: JavaScript Engine, defect)
Core
JavaScript Engine
Tracking
()
RESOLVED
DUPLICATE
of bug 350393
People
(Reporter: MikeM, Unassigned)
Details
CopyErrorReport crashes because of NULL filename in reportp.
strlen() crashes if reportp has a null filename in CopyErrorReport()
filenameSize = strlen(report->filename) + 1;
also see line:
memcpy(cursor, report->filename, filenameSize);
The original error report came from jsinterp.c shown below:
JS_ReportErrorNumber(cx, js_GetErrorMessage, NULL, JSMSG_STACK_OVERFLOW,
(cx->fp && cx->fp->fun)
? JS_GetFunctionName(cx->fp->fun)
: "script");
|
Reporter | |
Comment 1•19 years ago
|
||
Sorry...I filed the same bug twice!
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → INVALID
|
||
Comment 2•19 years ago
|
||
Bugzilla hygiene demands dup'ing this.
/be
Status: RESOLVED → REOPENED
Resolution: INVALID → ---
|
|
||
Comment 3•19 years ago
|
||
Bugzilla hygiene demands dup'ing this.
/be
*** This bug has been marked as a duplicate of 350393 ***
Status: REOPENED → RESOLVED
Closed: 19 years ago → 19 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•