summaryrefslogtreecommitdiff
path: root/Source/JavaScriptCore/API/JSBase.cpp
diff options
context:
space:
mode:
authorMark Hahnenberg <mhahnenberg@apple.com>2014-03-06 15:21:56 +0100
committerThe Qt Project <gerrit-noreply@qt-project.org>2014-03-07 16:18:10 +0100
commit8a808a34c08d4e0ca109606dd8751b0d1fe53afd (patch)
tree6bd6445bc9c6d92bed14f485e1d3ccd5c3781c39 /Source/JavaScriptCore/API/JSBase.cpp
parentc918e812f8bfce660b96e19744e5c13a8166d854 (diff)
downloadqtwebkit-8a808a34c08d4e0ca109606dd8751b0d1fe53afd.tar.gz
JSObject::putDirectIndexBeyondVectorLengthWithArrayStorage does a check on the length of the ArrayStorage after possible reallocing it
https://bugs.webkit.org/show_bug.cgi?id=120278 Reviewed by Geoffrey Garen. Source/JavaScriptCore: * runtime/JSObject.cpp: (JSC::JSObject::putDirectIndexBeyondVectorLengthWithArrayStorage): Change-Id: I034d6950683304d08a4e076d58fb1b999ade444b git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154633 268f45cc-cd09-0410-ab3c-d52691b4dbfc Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com>
Diffstat (limited to 'Source/JavaScriptCore/API/JSBase.cpp')
0 files changed, 0 insertions, 0 deletions
View Lorry Controller Status