JavaScript array problem affecting bugzilla
Harri Porten
porten at froglogic.com
Sun Jul 18 19:12:24 CEST 2004
Hi,
On Fri, 16 Jul 2004, John Sullivan wrote:
> ArrayProtoFuncImp::call wasn't checking whether args[0] was valid. This
> caused a hang as follows:
>
> 1. Browse to http://bugzilla.mozilla.org/
> 2. Enter text into search field, ie "tiger"
> 3. Click Show
The test works fine. While we still had this bug, too, we probably were
lucky to not see the consequences. For me (with a x86 based system and
toInteger() returning an int) I got a large negative value for begin which
then got replace by 0.
Applied your patch, of course. Thanks.
Harri.
More information about the Khtml-devel
mailing list