[Webkit-unassigned] [Bug 28353] yarr/RegexInterpreter.cpp crashes on ./ecma_2/RegExp/exec-002.js
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Aug 16 02:27:06 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=28353
Holger Freyther <zecke at selfish.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #34923| |review?
Flag| |
--- Comment #1 from Holger Freyther <zecke at selfish.org> 2009-08-16 02:27:05 PDT ---
Created an attachment (id=34923)
--> (https://bugs.webkit.org/attachment.cgi?id=34923)
2009-08-16 Holger Hans Peter Freyther <zecke at selfish.org>
Reviewed by NOBODY (OOPS!).
Fix crash on ./ecma_2/RegExp/exec-002.js.
https://bugs.webkit.org/show_bug.cgi?id=28353
Change the order of freeParenthesesDisjunctionContext and
popParenthesesDisjunctionContext on all call sites as the pop
method is accessing backTrack->lastContext which is the context
that is about to be freed.
* yarr/RegexInterpreter.cpp:
(JSC::Yarr::Interpreter::parenthesesDoBacktrack):
(JSC::Yarr::Interpreter::backtrackParentheses):
---
2 files changed, 19 insertions(+), 3 deletions(-)
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list