[SCM] WebKit Debian packaging branch, debian/unstable, updated. debian/1.1.15-1-40151-g37bb677

mjs mjs at 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Sat Sep 26 08:06:47 UTC 2009


The following commit has been merged in the debian/unstable branch:
commit cc271f4b24a34e905783af9b8f7c92fd9296b393
Author: mjs <mjs at 268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Tue Oct 28 22:52:29 2003 +0000

    Reviewed by Ken.

    - fixed 3413962 - malicious web pages can kill all future JavaScript execution by breaking recursion limit check

    * kjs/nodes.cpp:
    (FunctionCallNode::evaluate): If we're going to return early due
    to breaking the recursion limit, make sure to lower it again, or
    it will creep up by one each time it's exceeded.
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@5291 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/JavaScriptCore/ChangeLog b/JavaScriptCore/ChangeLog
index fc6ac53..bb2e55a 100644
--- a/JavaScriptCore/ChangeLog
+++ b/JavaScriptCore/ChangeLog
@@ -1,3 +1,14 @@
+2003-10-28  Maciej Stachowiak  <mjs at apple.com>
+
+        Reviewed by Ken.
+
+	- fixed 3413962 -  malicious web pages can kill all future JavaScript execution by breaking recursion limit check
+	
+        * kjs/nodes.cpp:
+        (FunctionCallNode::evaluate): If we're going to return early due
+	to breaking the recursion limit, make sure to lower it again, or
+	it will creep up by one each time it's exceeded.
+
 2003-10-26  Darin Adler  <darin at apple.com>
 
         * JavaScriptCorePrefix.h: Added a C case to the NULL definition since we use C as well
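Review bot: the description under (FunctionCallNode::evaluate) says "make sure to lower it again" directly after "the recursion limit", so "it" reads as the limit, while the code change in this commit lowers the depth counter and leaves KJS_MAX_STACK alone. Name the counter explicitly, for example "make sure to decrement the depth counter again". The entry also mixes tab and space indentation ("- fixed 3413962" and the two continuation lines are indented differently from "Reviewed by Ken." and "* kjs/nodes.cpp:") and adds a whitespace-only line after the "- fixed" line; use one indentation style and drop the stray whitespace.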
diff --git a/JavaScriptCore/kjs/nodes.cpp b/JavaScriptCore/kjs/nodes.cpp
index 9189599..d0b3fed 100644
--- a/JavaScriptCore/kjs/nodes.cpp
+++ b/JavaScriptCore/kjs/nodes.cpp
@@ -746,6 +746,7 @@ Value FunctionCallNode::evaluate(ExecState *exec)
 #if KJS_MAX_STACK > 0
   static int depth = 0; // sum of all concurrent interpreters
   if (++depth > KJS_MAX_STACK) {
+    --depth;
     return throwError(exec, RangeError, "Exceeded maximum function call depth calling %s (result of expression %s).", v, expr);
   }
 #endif
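Review bot: the added `--depth;` balances the increment only on this one early return inside `if (++depth > KJS_MAX_STACK)`, so any other exit from evaluate() that skips the matching decrement would leak the counter in the same way. Because `depth` is a function-level static that, per its comment, is the "sum of all concurrent interpreters", a leak is never reset and affects every interpreter in the process, which is why the bug could stop all later script execution. Consider testing before incrementing (`if (depth >= KJS_MAX_STACK)` and return, otherwise `++depth`), or holding the increment in a small scope guard whose destructor decrements, so the balance does not depend on each return path remembering it. A regression test that exceeds the limit repeatedly and then checks that an ordinary call still succeeds would cover this.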

-- 
WebKit Debian packaging


