Created attachment 526495 [details] testcase (crashes Firefox when loaded) Crash [@ nsScriptElement::MaybeProcessScript] The code that's crashing was added in bug 592366: http://hg.mozilla.org/mozilla-central/annotate/b140e7746652/content/base/src/nsScriptElement.cpp#l172
Needs more null checking.
Assignee: nobody → hsivonen
Status: NEW → ASSIGNED
Created attachment 526706 [details] [diff] [review] Add a null check This code was written with HTML in mind. Yay for XML code paths. :-( That we come to this branch at all is bogus. Will fix properly in bug 563322.
Attachment #526706 - Flags: review?(Olli.Pettay)
Attachment #526706 - Flags: review?(Olli.Pettay) → review+
Status: ASSIGNED → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → FIXED
Comment on attachment 526706 [details] [diff] [review] Add a null check This is a stability fix that simply adds a null check. Seems to fit the Aurora criteria, so nominating.
Attachment #526706 - Flags: approval-mozilla-aurora?
Attachment #526706 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
status-firefox5: --- → fixed
Target Milestone: --- → mozilla6
Crash Signature: [@ nsScriptElement::MaybeProcessScript]
You need to log in before you can comment on or make changes to this bug.