[Webkit-unassigned] [Bug 109836] [JIT] Memory overwrite by Math object functions
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Feb 15 07:45:06 PST 2013
https://bugs.webkit.org/show_bug.cgi?id=109836
--- Comment #1 from Wojciech Bielawski <w.bielawski at samsung.com> 2013-02-15 07:47:24 PST ---
I've found that "memory overwrite" is done in returnDouble function in SavaScriptCore/jit/SpecializedThunkJIT.h file.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list