js_ErrorToException(cx, message, reportp)) cores if called without script

VERIFIED DUPLICATE of bug 34425

Status

()

Core
JavaScript Engine
--
minor
VERIFIED DUPLICATE of bug 34425
17 years ago
16 years ago

People

(Reporter: Klaus Ziegler, Assigned: rogerl (gone))

Tracking

Trunk
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(URL)

(Reporter)

Description

17 years ago
When JS_ReportError is called from API Level and no script is running 
js_ErrorToException causes an exeption violation because it accesses a 
component of a NULL pointer.

if the define JS_HAS_ERROR_EXCEPTIONS is TRUE the call chain
  JS_ReportError
  js_ReportErrorVA
  ReportError(jscntxt.c)
  js_ErrorToException
is triggerd

while its successor (ReportError) is able to handle a null pointer 
for "JSErrorReport *reportp", accesses reportp->flags and causes a crash. 

The line in question can be found in the currently at URL in above.

Kind Regards
Klaus

Comment 1

17 years ago
cc'ing Brendan - 
Status: UNCONFIRMED → NEW
Ever confirmed: true
(Reporter)

Comment 2

17 years ago
As i now noticed the bug has been fixed with Version 3.21 of jscntxt.c where 
the NULL pointer has been replaced with the address to a binary '\0' structure.
(Reporter)

Comment 3

17 years ago
Hoops, pressed to early commit. The fix was done in js_ReportErrorVA() therfore 
I missed it in my initial check.
Regards
Klaus


*** This bug has been marked as a duplicate of 34425 ***
Status: NEW → RESOLVED
Last Resolved: 17 years ago
Resolution: --- → DUPLICATE

Comment 4

17 years ago
Marking Verified - 
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.