OOM in Compiler::compileScript when |script| is not checked

RESOLVED FIXED

Status

Core
JavaScript Engine
6 years ago
4 years ago

People

(Reporter: Paul Biggar, Assigned: Paul Biggar)

Tracking

(Blocks: 1 bug)

unspecified
x86
All
Points:
---

Firefox Tracking Flags

(firefox6- fixed)

Details

(Whiteboard: [fixed-in-tracemonkey])

Attachments

(1 attachment)

(Assignee)

Description

6 years ago
Created attachment 536086
fix OOM

In Compiler::compileScript, |script| can be NULL when passed to defineGlobals. This returns NULL instead.
Attachment #536086 - Flags: review?(jwalden+bmo)
Attachment #536086 - Flags: review?(jwalden+bmo) → review+
(Assignee)

Comment 1

6 years ago
https://bugzilla.mozilla.org/show_bug.cgi?id=660638
Whiteboard: [fixed-in-tracemonkey]
(Assignee)

Comment 2

6 years ago
Um, I mean:

http://hg.mozilla.org/tracemonkey/rev/29b7c7a14506
Duplicate of this bug: 606665
cdleary-bot mozilla-central merge info:
http://hg.mozilla.org/mozilla-central/rev/29b7c7a14506
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED

Comment 5

6 years ago
This affects 2.0.0, beta and aurora. Paul, is this low enough risk to make it into Firefox 6?
status-firefox6: --- → affected
tracking-firefox6: --- → ?
OS: Mac OS X → All
(Assignee)

Comment 6

6 years ago
Sure, this is pretty low-risk.

Updated

6 years ago
tracking-firefox6: ? → -

Comment 7

6 years ago
Comment on attachment 536086
fix OOM

Approved for Aurora landing. (not tracking, though). Please land as soon as possible since Aurora only has a couple of weeks left.
Attachment #536086 - Flags: approval-mozilla-aurora+
(Assignee)

Comment 8

6 years ago
Just to clarify, who is going to land this in aurora? Is it me? I'm OK with that, I just want to be sure :)
(In reply to comment #8)
> Just to clarify, who is going to land this in aurora? Is it me? 

Yes.
Assignee: general → pbiggar
(Assignee)

Comment 10

6 years ago
Landed in aurora:

http://hg.mozilla.org/releases/mozilla-aurora/rev/f69cd8f15cdf
(Assignee)

Updated

6 years ago
status-firefox6: affected → fixed