When JS_ReportError is called from API Level and no script is running, js_ErrorToException causes an exception violation because it accesses a component of a NULL pointer. If the define JS_HAS_ERROR_EXCEPTIONS is TRUE, the call chain JS_ReportError js_ReportErrorVA ReportError(jscntxt.c) js_ErrorToException is triggered. While its successor (ReportError) is able to handle a null pointer for "JSErrorReport *reportp", js_ErrorToException accesses reportp->flags and causes a crash. The line in question can be found in the currently at URL in above.

Kind Regards
Klaus
cc'ing Brendan -
Status: UNCONFIRMED → NEW
Ever confirmed: true
As I now noticed, the bug has been fixed with Version 3.21 of jscntxt.c, where the NULL pointer has been replaced with the address to a binary '\0' structure.
Oops, pressed commit too early. The fix was done in js_ReportErrorVA(), therefore I missed it in my initial check.

Regards
Klaus

*** This bug has been marked as a duplicate of 34425 ***
Status: NEW → RESOLVED
Last Resolved: 18 years ago
Resolution: --- → DUPLICATE
Marking Verified -
Status: RESOLVED → VERIFIED
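
Added example, not part of the original bug report and not SpiderMonkey source: a reduced C model of the call chain described above, showing the NULL report passed down when no script is running next to the fix the thread describes (passing the address of a zero-filled structure). The type `ErrorReport`, the flag `REPORT_WARNING`, all function names and the sample values are hypothetical stand-ins.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for JSErrorReport: only the fields this sketch needs. */
typedef struct { const char *filename; unsigned lineno, flags; } ErrorReport;
#define REPORT_WARNING 0x1u /* constructed flag value for this sketch */

/* Models js_ErrorToException: reads report->flags without a NULL check.
   Returns 1 if the error becomes a pending exception, 0 otherwise. */
int error_to_exception(const ErrorReport *report) {
    return (report->flags & REPORT_WARNING) ? 0 : 1;
}

/* Models ReportError: its own use of the report is NULL-safe, but the
   exception conversion it calls first is not. */
int report_error(const ErrorReport *report, const char *msg) {
    if (error_to_exception(report))
        return 1;
    fprintf(stderr, "%s:%u: %s\n",
            report && report->filename ? report->filename : "<no script>",
            report ? report->lineno : 0u, msg);
    return 0;
}

/* Before: with no script running there is nothing to describe, so NULL is
   passed down and error_to_exception dereferences it. Never called here. */
int report_error_va_before(int script_running, const char *msg) {
    ErrorReport report = { "script.js", 1, 0 }; /* constructed sample values */
    return report_error(script_running ? &report : NULL, msg);
}

/* After: always pass a zero-filled report; fill it in only if a script runs. */
int report_error_va_after(int script_running, unsigned flags, const char *msg) {
    ErrorReport report;
    memset(&report, 0, sizeof report);
    if (script_running) {
        report.filename = "script.js"; /* constructed sample values */
        report.lineno = 1;
    }
    report.flags = flags;
    return report_error(&report, msg);
}

int main(void) {
    printf("thrown with no script running: %d\n", report_error_va_after(0, 0, "boom"));
    return 0;
}
```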