Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-10 03:45:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1114667 - crash in js::VectorToIdArray(JSContext*, JS::AutoIdVector&, JSIdArray**). r=bholley

Browse Source 
--HG--
extra : rebase_source : dbc2df29f4d0efea7113b7365197e8c36a5d0d84
This commit is contained in:
Dave Huseby 2015-02-10 18:07:00 +01:00
parent 3c7f8f7826
commit 07d32b098f
1 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
dom/geolocation/nsGeolocationSettings.cpp
View File

@ -224,6 +224,8 @@ nsGeolocationSettings::HandleGeolocationAlaEnabledChange(const JS::Value& aVal)
void
nsGeolocationSettings::HandleGeolocationPerOriginSettingsChange(const JS::Value& aVal)
{
MOZ_ASSERT(NS_IsMainThread());
if (!aVal.isObject()) {
return;
}
@ -231,11 +233,17 @@ nsGeolocationSettings::HandleGeolocationPerOriginSettingsChange(const JS::Value&
// clear the hash table
mPerOriginSettings.Clear();
// enumerate the array
AutoJSAPI jsapi;
jsapi.Init();
JSContext* cx = jsapi.cx();
JS::Rooted<JSObject*> obj(cx, &aVal.toObject());
// root the object and get the global
JS::Rooted<JSObject*> obj(nsContentUtils::RootingCx(), &aVal.toObject());
MOZ_ASSERT(obj);
nsIGlobalObject* global = xpc::NativeGlobal(obj);
NS_ENSURE_TRUE_VOID(global && global->GetGlobalJSObject());
// because the spec requires calling getters when enumerating the key of a
// dictionary
AutoEntryScript aes(global);
aes.TakeOwnershipOfErrorReporting();
JSContext *cx = aes.cx();
JS::AutoIdArray ids(cx, JS_Enumerate(cx, obj));
// if we get no ids then the exception list is empty and we can return here.