corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Possible overflow in ResizeSlots on 64-bit systems (517644, r=jorendorff).

Browse Source
This commit is contained in:
Andreas Gal
2009-10-06 15:24:12 -07:00
parent 15af87cc0c
commit 1ba16cb3ab
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
js/src/jsarray.cpp
View File

@@ -327,7 +327,7 @@ ResizeSlots(JSContext *cx, JSObject *obj, uint32 oldlen, uint32 newlen)
}
slots = obj->dslots ? obj->dslots - 1 : NULL;
newslots = (jsval *) cx->realloc(slots, (newlen + 1) * sizeof(jsval));
newslots = (jsval *) cx->realloc(slots, (size_t(newlen) + 1) * sizeof(jsval));
if (!newslots)
return JS_FALSE;