Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-13 05:15:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix js_FilterXMLList to save and restore fp->spbase (301596, r+a=shaver).

Browse Source
This commit is contained in:
brendan%mozilla.org 2005-07-21 19:14:30 +00:00
parent 8fa1dbb0b2
commit 19e50e0cc6
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
js/src/jsxml.c
View File

@ -7800,6 +7800,7 @@ js_FilterXMLList(JSContext *cx, JSObject *obj, jsbytecode *pc, jsval *vp)
JSStackFrame *fp;
JSObject *scobj, *listobj, *resobj, *withobj, *kidobj;
JSXML *xml, *list, *result, *kid;
jsval *spbase;
uint32 i, n;
ok = JS_EnterLocalRootScope(cx);
@ -7836,6 +7837,9 @@ js_FilterXMLList(JSContext *cx, JSObject *obj, jsbytecode *pc, jsval *vp)
goto bad;
fp->scopeChain = withobj;
/* Save and restore fp->spbase, as js_Interpret sets and clears it. */
spbase = fp->spbase;
for (i = 0, n = list->xml_kids.length; i < n; i++) {
kid = XMLARRAY_MEMBER(&list->xml_kids, i, JSXML);
kidobj = js_GetXMLObject(cx, kid);
@ -7858,6 +7862,7 @@ js_FilterXMLList(JSContext *cx, JSObject *obj, jsbytecode *pc, jsval *vp)
*vp = OBJECT_TO_JSVAL(resobj);
out:
fp->spbase = spbase;
fp->scopeChain = scobj;
JS_LeaveLocalRootScope(cx);
return ok;