RESOLVED FIXED 27218
[V8] Add missing check for constructor call in WebKitCSSMatrixConstructor 
https://bugs.webkit.org/show_bug.cgi?id=27218
Summary [V8] Add missing check for constructor call in WebKitCSSMatrixConstructor
Dimitri Glazkov (Google)
Reported 2009-07-13 08:56:16 PDT
Found by skylined+cevans.
Attachments
Add missing cosntructor call check, v1. (3.41 KB, patch)
2009-07-13 09:28 PDT, Dimitri Glazkov (Google) 		fishd: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Dimitri Glazkov (Google)
Comment 1 2009-07-13 09:28:29 PDT
Created attachment 32662 [details] Add missing cosntructor call check, v1. LayoutTests/ChangeLog | 10 +++++++ .../fast/css/matrix-as-function-crash-expected.txt | 3 ++ LayoutTests/fast/css/matrix-as-function-crash.html | 27 ++++++++++++++++++++ WebCore/ChangeLog | 11 ++++++++ .../v8/custom/V8WebKitCSSMatrixConstructor.cpp | 4 +++ 5 files changed, 55 insertions(+), 0 deletions(-)
Darin Fisher (:fishd, Google)
Comment 2 2009-07-13 09:30:15 PDT
Comment on attachment 32662 [details] Add missing cosntructor call check, v1. > +++ b/WebCore/ChangeLog > @@ -1,3 +1,14 @@ > +2009-07-13 Dimitri Glazkov <dglazkov@chromium.org> > + > + Reviewed by NOBODY (OOPS!). > + > + [V8] Add a missing check for constructor call in WebKitCSSMatrixConstructor. > + > + Test: fast/css/matrix-as-function-crash.html > + > + * bindings/v8/custom/V8WebKitCSSMatrixConstructor.cpp: > + (WebCore::CALLBACK_FUNC_DECL): Added a check for constructor call. ^^^ needs a bug link r=me
Dimitri Glazkov (Google)
Comment 3 2009-07-13 09:41:20 PDT
Landed as http://trac.webkit.org/changeset/45826.
Note You need to log in before you can comment on or make changes to this bug.