[Webkit-unassigned] [Bug 227003] New: Butterfly::create() does not handle allocation failures.

bugzilla-daemon at webkit.org
Mon Jun 14 18:46:06 PDT 2021


https://bugs.webkit.org/show_bug.cgi?id=227003

            Bug ID: 227003
           Summary: Butterfly::create() does not handle allocation
                    failures.
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: msaboff at apple.com

Butterfly::create calls Butterfly::tryCreate(), but always expects the allocation to succeed.

inline Butterfly* Butterfly::create(VM& vm, JSObject* intendedOwner, size_t preCapacity, size_t propertyCapacity, bool hasIndexingHeader, const IndexingHeader& indexingHeader, size_t indexingPayloadSizeInBytes)
{
    Butterfly* result = tryCreate(vm, intendedOwner, preCapacity, propertyCapacity, hasIndexingHeader, indexingHeader, indexingPayloadSizeInBytes);

    RELEASE_ASSERT(result);
    return result;
}

-- 
You are receiving this mail because:
You are the assignee for the bug.
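
The pattern the report describes, as an added example that is not WebKit code and not part of the original message: a simplified C++ model in which a fallible tryCreate-style allocator returns nullptr, a create-style wrapper turns that into process termination, and a caller on the fallible path reports out-of-memory instead. All names (Storage, tryCreateStorage, createStorage, replaceStorage, Status, kMaxStorageBytes) are hypothetical, and the size cap is an assumption made so the failure path is deterministic.

```cpp
#include <cstddef>
#include <cstdlib>
#include <limits>
#include <new>

// Hypothetical stand-in for an out-of-line storage header; not WebKit's Butterfly.
struct Storage { size_t capacity; };

// Assumed cap so that the failure path is deterministic in this example.
constexpr size_t kMaxStorageBytes = size_t(1) << 30;

// Fallible path: nullptr on size overflow, over-limit request, or malloc failure.
Storage* tryCreateStorage(size_t count, size_t elementSize)
{
    if (elementSize && count > (std::numeric_limits<size_t>::max() - sizeof(Storage)) / elementSize)
        return nullptr; // sizeof(Storage) + count * elementSize would wrap
    size_t bytes = sizeof(Storage) + count * elementSize;
    if (bytes > kMaxStorageBytes)
        return nullptr;
    void* memory = std::malloc(bytes);
    if (!memory)
        return nullptr;
    return new (memory) Storage{count};
}

// Same shape as the reported function: any failure terminates the process.
Storage* createStorage(size_t count, size_t elementSize)
{
    Storage* result = tryCreateStorage(count, elementSize);
    if (!result)
        std::abort(); // stands in for RELEASE_ASSERT(result)
    return result;
}

enum class Status { Ok, OutOfMemory };

// Caller on the fallible path: failure is reported and the old storage is kept.
Status replaceStorage(Storage*& storage, size_t count, size_t elementSize)
{
    Storage* fresh = tryCreateStorage(count, elementSize);
    if (!fresh)
        return Status::OutOfMemory;
    std::free(storage);
    storage = fresh;
    return Status::Ok;
}

int main() { Storage* s = createStorage(4, 8); std::free(s); return 0; }
```

With the create-style wrapper, an oversized request ends the process; with the fallible path, the same request returns a status the caller can turn into a recoverable error.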