[Webkit-unassigned] [Bug 133915] New: No check for type on use of Dictionary
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sat Jun 14 14:09:26 PDT 2014
https://bugs.webkit.org/show_bug.cgi?id=133915
Summary: No check for type on use of Dictionary
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Bindings
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: krit at webkit.org
DOMPoint(Dictionary point) doesn't check for type of point in generated code. This allows basically every value and doesn't throw as it should.
JSDOMPointConstructor* castedThis = jsCast<JSDOMPointConstructor*>(exec->callee());
if (exec->argumentCount() < 1)
return throwVMError(exec, createNotEnoughArgumentsError(exec));
Dictionary point(exec, exec->argument(0));
DOMPoint(1) would not throw.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list