[Webkit-unassigned] [Bug 29313] Fix hard-to-reproduce crash in HTMLTokenizer by avoiding a rare fastRealloc edge case
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Sep 16 14:40:38 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=29313
--- Comment #4 from Alexey Proskuryakov <ap at webkit.org> 2009-09-16 14:40:37 PDT ---
+ // If we allow fastRealloc(ptr, 0), it will call CRASH().
Given bug 29026, this may be too strong a statement. Will this change even be
needed if bug 29026 is fixed the way we seem to have consensus on?
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list