Closed Bug 65226 Opened 24 years ago Closed 24 years ago

js_ErrorToException(cx, message, reportp)) cores if called without script

Categories

(Core :: JavaScript Engine, defect)

defect
Not set
minor

VERIFIED DUPLICATE of bug 34425

People

(Reporter: kzi_at_job_100, Assigned: rogerl)

Details

When JS_ReportError is called from API level and no script is running,
js_ErrorToException causes an exception violation because it accesses a
component of a NULL pointer.

If the define JS_HAS_ERROR_EXCEPTIONS is TRUE, the call chain
  JS_ReportError
  js_ReportErrorVA
  ReportError(jscntxt.c)
  js_ErrorToException
is triggered.

While its successor (ReportError) is able to handle a null pointer
for "JSErrorReport *reportp", it accesses reportp->flags and causes a crash.

The line in question can currently be found at the URL above.

Kind Regards
Klaus
cc'ing Brendan - 
Status: UNCONFIRMED → NEW
Ever confirmed: true
As I now noticed, the bug has been fixed with Version 3.21 of jscntxt.c, where
the NULL pointer has been replaced with the address of a binary '\0' structure.
Oops, pressed commit too early. The fix was done in js_ReportErrorVA(), therefore
I missed it in my initial check.
Regards
Klaus
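The failure and the caller-side fix described in the comments above, as an added example that is not SpiderMonkey source and not code from this bug. The struct layout, the flag value and all function names are hypothetical simplifications; only the pattern (a callee that reads reportp->flags, a caller that passes a zero-filled report instead of NULL) comes from the thread.

```c
#include <stddef.h>
#include <string.h>

/* Simplified stand-in for the engine's error report (assumed layout). */
typedef struct {
    unsigned flags;        /* the member the callee reads */
    const char *filename;  /* NULL when no script is running */
    unsigned lineno;
} ErrorReport;

#define REPORT_WARNING 0x1u  /* constructed flag value */

/* Callee shape from the report: reads reportp->flags with no NULL check,
   so a NULL reportp is a NULL-pointer dereference. Returns 1 if the error
   would be turned into an exception, 0 for warnings (assumed logic). */
static int to_exception_unchecked(const ErrorReport *reportp)
{
    return (reportp->flags & REPORT_WARNING) ? 0 : 1;
}

/* Defensive callee: same logic, but rejects NULL instead of crashing. */
static int to_exception_checked(const ErrorReport *reportp)
{
    if (reportp == NULL)
        return -1;
    return to_exception_unchecked(reportp);
}

/* Caller-side fix as described in the thread: when no script is running,
   hand the callee a zero-filled report instead of NULL. */
static int report_error_va(const ErrorReport *from_script)
{
    ErrorReport empty;
    memset(&empty, 0, sizeof empty);
    return to_exception_unchecked(from_script ? from_script : &empty);
}

int main(void)
{
    ErrorReport warn = { REPORT_WARNING, "a.js", 3 };
    /* Exit status 0 only if all three paths behave as expected. */
    return !(report_error_va(NULL) == 1 &&
             report_error_va(&warn) == 0 &&
             to_exception_checked(NULL) == -1);
}
```

Fixing only the caller leaves any other path that reaches the callee with NULL exposed, which is why the checked variant is shown beside it.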


*** This bug has been marked as a duplicate of 34425 ***
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → DUPLICATE
Marking Verified - 
Status: RESOLVED → VERIFIED