Closed Bug 387844 Opened 17 years ago Closed 17 years ago

Firefox crashes if removing parent node while in XBL constructor

Categories

(Core :: XBL, defect)

Product:
Core
Component:
XBL
Version:
1.8 Branch
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
VERIFIED FIXED

People

(Reporter: vladimir.sukhoy, Unassigned)

References

Details

(Keywords: crash, testcase, verified1.8.1.8, Whiteboard: [sg:critical?] fixed in 1.9 by 267833)

Attachments

(1 file)

testcase
884 bytes, application/xhtml+xml
Details
Attached file testcase 

    
  
Keywords: crash, 
          
            testcase

    
    

    
  
This is branch-only, right?  This seems to work fine on trunk.

And if so, this is basically bug 267833, no?

    
    

    
  
Branch-only. If there is no security risk, then WONTFIX..

    
    

    
  
Sure there's risk.  That's why we want to land bug 267833 on branch.  ;)
Group: security
Depends on: 267833
Flags: wanted1.8.1.x+
Flags: wanted1.8.0.x+
Flags: blocking1.8.1.6?

    
    

    
  
in 1.8.1.5pre I crash at nsCachedStyleData::GetStyleData() Line 210, 'this' is a deleted object.

Whiteboard: [sg:critical?]  fixed in 1.9 by 267833
Flags: blocking1.8.1.7? → blocking1.8.1.7+

    
    

    
  
the branch checkin for bug 267833 has fixed this one for 1.8.1.8
Keywords: fixed1.8.1.8

    
    

    
  
verified fixed 1.8.1.8 using Mozilla/5.0 (Macintosh; U; Intel Mac OS X; ja-JP-mac; rv:1.8.1.8) Gecko/2007100816 Firefox/2.0.0.8 - no crash on testcase - adding verified keyword
Keywords: fixed1.8.1.8verified1.8.1.8
Group: security

    
    

    
  
Can someone change the status then to VERIFIED? This is in the list of bugs fixed for MFSA 2007-29 but stands out cos of it's 'NEW' status.

    
  
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED

    
  
Status: RESOLVED → VERIFIED

    
  
Flags: in-testsuite?

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: