[Webkit-unassigned] [Bug 227003] New: Butterfly::create() does not handle allocation failures.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Jun 14 18:46:06 PDT 2021
https://bugs.webkit.org/show_bug.cgi?id=227003
Bug ID: 227003
Summary: Butterfly::create() does not handle allocation
failures.
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: JavaScriptCore
Assignee: webkit-unassigned at lists.webkit.org
Reporter: msaboff at apple.com
Butterfly::create calls Butterfly:: tryCreate(), but always expects the allocation to succeed.
inline Butterfly* Butterfly::create(VM& vm, JSObject* intendedOwner, size_t preCapacity, size_t propertyCapacity, bool hasIndexingHeader, const IndexingHeader& indexingHeader, size_t indexingPayloadSizeInBytes)
{
Butterfly* result = tryCreate(vm, intendedOwner, preCapacity, propertyCapacity, hasIndexingHeader, indexingHeader, indexingPayloadSizeInBytes);
RELEASE_ASSERT(result);
return result;
}
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210615/7456720e/attachment.htm>
More information about the webkit-unassigned
mailing list