Closed Bug 433528 Opened 17 years ago Closed 14 years ago

Null pointer dereference in failure cases under _newJSDContext

Categories

(Core :: JavaScript Engine, defect)

Product:
Core
Component:
JavaScript Engine
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED INCOMPLETE

People

(Reporter: timeless, Unassigned)

References

(
URL
)

Details

(Keywords: crash)

assume this succeeds: 125 if( ! jsd_CreateAtomTable(jsdc) ) assume this fails: 128 jband 3.2 if( ! jsd_InitObjectManager(jsdc) ) 129 goto label_newJSDContext_failure; 158 jband 3.2 label_newJSDContext_failure: 159 timeless 3.13 if( jsdc ) { 160 jsd_DestroyObjectManager(jsdc); http://bonsai.mozilla.org/cvsblame.cgi?file=/mozilla/js/jsd/jsd_obj.c&mark=233,245&rev=3.8#228 basically the alloc fails and we'll call 240 jsd_DestroyObjectManager(JSDContext* jsdc) 245 JS_HashTableDestroy(jsdc->objectsTable); which should be unhappy. ryan: this isn't your fault, but wanna work on it anyway? :)
Assignee: rflint → nobody
Component: Venkman JS Debugger → JavaScript Debugging APIs
Product: Other Applications → Core
QA Contact: venkman → jsd
Component: JavaScript Debugging/Profiling APIs → JavaScript Engine
Closing JSD bugs in anticipation of obsolescence.
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.