This repository has been archived by the owner on Jan 15, 2021. It is now read-only.

Code bug in MozValue.cc #107

Open
enricogior opened this issue Feb 9, 2017 · 0 comments
enricogior commented Feb 9, 2017

This code bug was found while investigating another bug (thaliproject/Thali_CordovaPlugin#1592).

  JS::Heap<JS::Value> hval;
  hval = JS::ObjectOrNullValue(reserved_obj);

  JS::AddNamedValueRoot(ctx_, &hval, nullptr);
  JS_SetReservedSlot(object_, GC_SLOT_GC_CALL, hval);

https://github.com/thaliproject/jxcore/blob/master/src/jx/Proxy/Mozilla_340/MozJS/MozValue.cc#L1151-L1155

hval is allocated on the stack and then passed to AddNamedValueRoot that is expecting a JS::Value object allocated on the heap.

The bug is low priority since that code path is not currently used by the ThaliProject code or any JXcore test.
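The lifetime problem described in the issue above, as an added example that is not part of the original issue and is not SpiderMonkey or JXcore code. `Value`, `RootSet` and `HeapRoot` are hypothetical names; the model assumes a root registry that records the address of each value and expects that storage to stay valid until the root is removed.

```cpp
// Added illustration: a toy model, not SpiderMonkey or JXcore code.
#include <cstddef>
#include <cstdint>
#include <memory>
#include <set>

struct Value { int payload = 0; };  // hypothetical stand-in for JS::Heap<JS::Value>

// Hypothetical root registry. Assumption: like a GC root list, it records the
// ADDRESS of each value and expects that storage to stay valid until removed.
class RootSet {
    std::set<std::uintptr_t> roots_;
    static std::uintptr_t key(const Value* v) { return reinterpret_cast<std::uintptr_t>(v); }
public:
    void add(Value* v) { roots_.insert(key(v)); }
    void remove(Value* v) { roots_.erase(key(v)); }
    std::size_t size() const { return roots_.size(); }
};

// Pattern from the issue: root a local, then return without unrooting it.
void root_stack_local(RootSet& rs) {
    Value hval;
    rs.add(&hval);
}  // hval is gone here, but rs still lists its address

// One fix: heap storage owned by an RAII wrapper that unroots on destruction.
class HeapRoot {
    RootSet& rs_;
    std::unique_ptr<Value> v_;
public:
    explicit HeapRoot(RootSet& rs) : rs_(rs), v_(new Value) { rs_.add(v_.get()); }
    ~HeapRoot() { rs_.remove(v_.get()); }  // runs before v_ frees the Value
    HeapRoot(const HeapRoot&) = delete;
    HeapRoot& operator=(const HeapRoot&) = delete;
    Value& value() { return *v_; }
};

// Registry entries left behind whose storage no longer exists.
std::size_t stale_roots_after_stack_pattern() {
    RootSet rs;
    root_stack_local(rs);
    return rs.size();  // the entry points into a dead stack frame
}

std::size_t stale_roots_after_heap_pattern() {
    RootSet rs;
    { HeapRoot r(rs); r.value().payload = 1; }
    return rs.size();  // the wrapper unrooted before freeing
}

int main() { return stale_roots_after_stack_pattern() == 1 && stale_roots_after_heap_pattern() == 0 ? 0 : 1; }
```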
