[Webkit-unassigned] [Bug 12355] Reproducible crash in WebCore::parseNumber in svg/custom/js-update-bounce.svg under guard-malloc

bugzilla-daemon at webkit.org
Sun Jan 21 18:28:21 PST 2007


http://bugs.webkit.org/show_bug.cgi?id=12355

------- Comment #1 from darin at apple.com  2007-01-21 18:28 PDT -------
This is a case of missing parentheses.

    if (ptr < end && *ptr == 'e' || *ptr == 'E') { // read the exponent part

The && binds tighter than the ||. Instead we need to put parentheses around the
|| part of the expression.


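The precedence problem described in Comment #1, as an added example that is not part of the original message or of WebKit's code: the quoted condition is written out the way the compiler parses it, next to the parenthesized form, and a counter shows which one reads `*ptr` when `ptr == end` (the read that a guard-malloc run turns into a crash). The names `peek`, `run_check` and `struct outcome` are hypothetical, and the input buffers are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

struct outcome { bool exponent; int past_end; };

static int past_end;   /* reads at or beyond `end` made by the last check */

/* Constructed helper: counts reads past the logical end. The dereference is
   safe only because every sample buffer used here has bytes after `end`. */
static char peek(const char *ptr, const char *end) {
    if (ptr >= end) past_end++;
    return *ptr;
}

/* The quoted condition, parenthesized the way the compiler parses it. */
static bool exponent_as_written(const char *ptr, const char *end) {
    return (ptr < end && peek(ptr, end) == 'e') || peek(ptr, end) == 'E';
}

/* Parentheses around the || part: the bounds check guards both reads. */
static bool exponent_fixed(const char *ptr, const char *end) {
    return ptr < end && (peek(ptr, end) == 'e' || peek(ptr, end) == 'E');
}

/* Run one check with ptr = buf + pos and end = buf + len. */
struct outcome run_check(bool fixed, const char *buf, size_t pos, size_t len) {
    struct outcome o;
    past_end = 0;
    o.exponent = fixed ? exponent_fixed(buf + pos, buf + len)
                       : exponent_as_written(buf + pos, buf + len);
    o.past_end = past_end;
    return o;
}

int main(void) {
    /* Constructed input: the number is "12" (len 2); "E5" is adjacent memory. */
    const char buf[] = "12E5";
    struct outcome a = run_check(false, buf, 2, 2);
    struct outcome b = run_check(true, buf, 2, 2);
    printf("as written: exponent=%d past_end=%d\n", a.exponent, a.past_end);
    printf("fixed:      exponent=%d past_end=%d\n", b.exponent, b.past_end);
    return 0;
}
```

With the condition as written, an `E` that happens to sit just past the end of the input is also treated as the start of an exponent, so the parser would keep consuming bytes outside the string.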