[Webkit-unassigned] [Bug 27453] Uninitialized variable in WebCore::CSSFunctionValue::parserValue

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Jul 20 14:31:40 PDT 2009


https://bugs.webkit.org/show_bug.cgi?id=27453
--- Comment #4 from James Hawkins <jhawkins at google.com>  2009-07-20 14:31:39 PDT ---
Currently the only code that checks isInt will short-circuit on a check for
CSSPrimitiveValue::CSS_NUMBER or (unitFlags & FInteger).

CSSParser.cpp
419:        if (!b && (unitflags & FInteger) && value->isInt)

CSSParserValues.cpp
64:    else if (unit == CSSPrimitiveValue::CSS_NUMBER && isInt)

With that being said, I don't think I can write a test case that will fail
before the change and succeed with the patch applied.  Regardless, code added
in the future could depend on the value of isInt alone, which could be set to
garbage if left uninitialized.
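The situation the comment describes, as an added example that is not WebKit code: a cut-down stand-in for CSSParserValue with the two guarded readers quoted above, a hypothetical unguarded reader, and a factory that leaves isInt untouched next to one that value-initialises. The struct layout, the enum values, and the function names are assumptions chosen to mirror the shape of the quoted checks, not the real WebKit definitions. The buggy factory's isInt byte is inspected only through memcpy, since evaluating the indeterminate bool itself is undefined behaviour.

```cpp
#include <cstdio>
#include <cstring>
#include <new>

// Constructed stand-in for CSSParserValue (not the WebKit class); enum values are assumptions.
enum Unit { CSS_UNKNOWN = 0, CSS_NUMBER = 1, CSS_PARSER_FUNCTION = 0x100000 };
enum Units { FNumber = 0x01, FInteger = 0x02 };

struct ParserValue {
    int unit;
    bool isInt;      // the member the bug report says is left uninitialized
    double fValue;
};

// Guarded reader 1: mirrors the validUnit() shape quoted in the comment.
// isInt is only consulted inside the CSS_NUMBER case, so a function value never reads it.
bool validUnit(const ParserValue& value, int unitflags) {
    bool b = false;
    switch (value.unit) {
    case CSS_NUMBER:
        b = (unitflags & FNumber) != 0;
        if (!b && (unitflags & FInteger) && value.isInt)
            b = true;
        break;
    default:
        break;
    }
    return b;
}

// Guarded reader 2: mirrors the CSSParserValues.cpp check quoted in the comment.
bool isIntegerNumber(const ParserValue& value) {
    return value.unit == CSS_NUMBER && value.isInt;
}

// Hypothetical future reader that trusts isInt alone: the case the comment warns about.
bool unguardedIsInt(const ParserValue& value) {
    return value.isInt;
}

// Buggy factory: default-initialises the struct in caller storage and never writes isInt,
// so isInt keeps whatever byte happened to be there.
ParserValue* makeFunctionValueBuggy(void* storage) {
    ParserValue* v = new (storage) ParserValue;    // default-init: no member initialised
    v->unit = CSS_PARSER_FUNCTION;
    v->fValue = 0;
    return v;
}

// Fixed factory: value-initialise so every member, isInt included, starts as zero/false.
ParserValue* makeFunctionValueFixed(void* storage) {
    ParserValue* v = new (storage) ParserValue();  // value-init: all members zeroed
    v->unit = CSS_PARSER_FUNCTION;
    return v;
}

// Object-representation byte of isInt, copied out with memcpy rather than evaluated as a bool.
unsigned char rawIsIntByte(const ParserValue* v) {
    unsigned char byte;
    memcpy(&byte, &v->isInt, 1);
    return byte;
}

// Fill storage with 0xFF to simulate stale stack contents, build a value with the given
// factory, and report the raw isInt byte.
unsigned char isIntByteAfter(ParserValue* (*factory)(void*)) {
    alignas(ParserValue) unsigned char storage[sizeof(ParserValue)];
    memset(storage, 0xFF, sizeof storage);
    return rawIsIntByte(factory(storage));
}

// True if the fixed factory yields a value whose isInt is false even for an unguarded reader.
bool fixedFactoryClearsIsInt() {
    alignas(ParserValue) unsigned char storage[sizeof(ParserValue)];
    memset(storage, 0xFF, sizeof storage);
    ParserValue* v = makeFunctionValueFixed(storage);
    return rawIsIntByte(v) == 0 && !unguardedIsInt(*v) && !validUnit(*v, FInteger) && !isIntegerNumber(*v);
}

int main() {
    printf("buggy factory: isInt byte = 0x%02x (stale, guarded readers never look at it)\n",
           isIntByteAfter(makeFunctionValueBuggy));
    printf("fixed factory: isInt byte = 0x%02x\n", isIntByteAfter(makeFunctionValueFixed));
    return 0;
}
```

Compiling with `clang++ -fsanitize=memory` and calling unguardedIsInt() on the buggy value is the quickest way to make the hazard visible at runtime; with only the two guarded readers in the tree, neither MemorySanitizer nor a layout test has anything to report, which is why the comment says no failing test case can be written today.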
