Closed Bug 473278 Opened 12 years ago Closed 11 years ago
Crash [@ ns
Rect::ns Rect] with Math ML, clip-path, transform
Null deref [@ nsRect::nsRect]
Related to bug 467914?
Here's !exploitable output from WinDbg: 0:000> !exploitable Exploitability Classification: UNKNOWN Recommended Bug Title: Data from Faulting Address may be used as a return value starting at gkgfx!nsRect::nsRect+0x25 (Hash=0x6536375b.0x645b3f71) The data from the faulting address may later be used as a return value from this function.
WFM. I'll add a crashtest soon.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → WORKSFORME
Crash Signature: [@ nsRect::nsRect]
You need to log in before you can comment on or make changes to this bug.