No description provided.
Fixed in repo. Thanks for finding a class of bug we hadn't checked for in our fuzz testing. Running a long fuzz test in that area now to flush out any more.
This fix is included in the latest version of the graphite2 code in bug 631479 part 1 (attachment 556272 [details] [diff] [review]).
Given comment 3 should we mark this bug "fixed" then? it's not actually in the Firefox product and now won't be.
Marking "fixed" as per comments 3 and 4 - the bug never actually landed in our tree, and is now fixed upstream and in our under-review patch. Not sure why this is marked as "status-firefox9: affected", therefore?
Status: NEW → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → FIXED
Whiteboard: [sg:critical?] → [sg:critical?][qa+]
No crash in 10.0b2 on Mac OS X. As I understand it, there's no prior build to observe crash, so marking verified in Fx 10 and closing out QA verification flag.
You need to log in before you can comment on or make changes to this bug.