Bug 1107147 - toStringMethod: Check return value from StringBuffer::finishString(). r=fitzgen
authorNicolas B. Pierron <nicolas.b.pierron@mozilla.com>
Fri, 05 Dec 2014 07:03:22 +0100
changeset 218449 b32fccd7bbe69724ceec82355d4929ee8b37c480
parent 218448 44d7ea20541f243995d2073080d475add49d5bbc
child 218450 81bec89d093b0533b355a2a8ffa60c1fc97c021a
push idunknown
push userunknown
push dateunknown
reviewersfitzgen
bugs1107147
milestone37.0a1
Bug 1107147 - toStringMethod: Check return value from StringBuffer::finishString(). r=fitzgen
js/src/vm/SavedStacks.cpp
--- a/js/src/vm/SavedStacks.cpp
+++ b/js/src/vm/SavedStacks.cpp
@@ -387,22 +387,26 @@ SavedFrame::toStringMethod(JSContext *cx
         RootedAtom name(cx, frame->getFunctionDisplayName());
         if ((name && !sb.append(name))
             || !sb.append('@')
             || !sb.append(frame->getSource())
             || !sb.append(':')
             || !NumberValueToStringBuffer(cx, NumberValue(frame->getLine()), sb)
             || !sb.append(':')
             || !NumberValueToStringBuffer(cx, NumberValue(frame->getColumn()), sb)
-            || !sb.append('\n')) {
+            || !sb.append('\n'))
+        {
             return false;
         }
     } while ((frame = frame->getParent()));
 
-    args.rval().setString(sb.finishString());
+    JSString *str = sb.finishString();
+    if (!str)
+        return false;
+    args.rval().setString(str);
     return true;
 }
 
 /* static */ const JSFunctionSpec SavedFrame::methods[] = {
     JS_FN("constructor", SavedFrame::construct, 0, 0),
     JS_FN("toString", SavedFrame::toStringMethod, 0, 0),
     JS_FS_END
 };