Closed Bug 976054 Opened 10 years ago Closed 10 years ago

16-bit limit on JSScript::nslots_

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla30

People

(Reporter: wingo, Assigned: luke)

Details

Attachments

(1 file)

fix-xdr-nslots 10 years ago Luke Wagner [:luke] 3.40 KB, patch	wingo : review+	Details \| Diff \| Splinter Review

Andy Wingo [:wingo]

Reporter

Description

•

10 years ago

It seems that script->nslots_ is getting xdr'd as a 16-bit integer; see .  This doesn't seem right.  Assigning to luke as he worked in this area recently.

http://mxr.mozilla.org/mozilla-central/source/js/src/jsscript.cpp#580

Luke Wagner [:luke]

Assignee

Comment 1

•

10 years ago

Attached patch fix-xdr-nslots — Details — Splinter Review

Good catch!

Attachment #8380727 - Flags: review?(wingo)

Andy Wingo [:wingo]

Reporter

Updated

•

10 years ago

Attachment #8380727 - Flags: review?(wingo) → review+

Luke Wagner [:luke]

Assignee

Comment 2

•

10 years ago

https://hg.mozilla.org/integration/mozilla-inbound/rev/758fef09a727

Wes Kocher (:KWierso) (Not reading bugmail; email directly if needed)

Comment 3

•

10 years ago

https://hg.mozilla.org/mozilla-central/rev/758fef09a727

Status: NEW → RESOLVED

Closed: 10 years ago

Resolution: --- → FIXED

Target Milestone: --- → mozilla30

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

16-bit limit on JSScript::nslots_

Categories

(Core :: JavaScript Engine, defect)

Tracking

()

People

(Reporter: wingo, Assigned: luke)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Updated

Comment 2

Comment 3

Attachment

General

Description

File Name

Content Type