Bug 634752 - Always drop jsPrincipals before returning from LoadSubScript, r+a=jst
--- a/js/src/xpconnect/loader/mozJSSubScriptLoader.cpp
+++ b/js/src/xpconnect/loader/mozJSSubScriptLoader.cpp
@@ -387,43 +387,44 @@ mozJSSubScriptLoader::LoadSubScript (con
{
nsString script;
rv = nsScriptLoader::ConvertToUTF16(
nsnull, reinterpret_cast<PRUint8*>(buf.get()), len,
nsDependentString(reinterpret_cast<PRUnichar*>(charset)), nsnull, script);
if (NS_FAILED(rv))
{
+ JSPRINCIPALS_DROP(cx, jsPrincipals);
errmsg = JS_NewStringCopyZ(cx, LOAD_ERROR_BADCHARSET);
goto return_exception;
}
ok = JS_EvaluateUCScriptForPrincipals(cx, target_obj, jsPrincipals,
reinterpret_cast<const jschar*>(script.get()),
script.Length(), uriStr.get(), 1, rval);
}
else
{
ok = JS_EvaluateScriptForPrincipals(cx, target_obj, jsPrincipals,
buf, len, uriStr.get(), 1, rval);
}
+ JSPRINCIPALS_DROP(cx, jsPrincipals);
+
if (ok)
{
JSAutoEnterCompartment rac;
if (!rac.enter(cx, result_obj) || !JS_WrapValue(cx, rval))
return NS_ERROR_UNEXPECTED;
}
/* repent for our evil deeds */
JS_SetErrorReporter (cx, er);
cc->SetReturnValueWasSet (ok);
-
- JSPRINCIPALS_DROP(cx, jsPrincipals);
return NS_OK;
return_exception:
JS_SetPendingException (cx, STRING_TO_JSVAL(errmsg));
return NS_OK;
}
#endif /* NO_SUBSCRIPT_LOADER */
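Review bot: The `return NS_ERROR_UNEXPECTED;` inside the `if (ok)` block still exits without running `JS_SetErrorReporter (cx, er);`, so a failed `rac.enter` or `JS_WrapValue` appears to leave the temporary reporter on `cx`. The reporter is installed outside this hunk, so this is inferred from the restore line being skipped. Restoring before that return would close the path: `if (!rac.enter(cx, result_obj) || !JS_WrapValue(cx, rval)) { JS_SetErrorReporter (cx, er); return NS_ERROR_UNEXPECTED; }`. The `return_exception:` label has the same shape and is worth checking against the part of LoadSubScript above the hunk, both for the reporter and for any `goto` taken after `jsPrincipals` is acquired. Since the principals reference is now released by hand on each exit, a small scoped holder that drops it in its destructor would stop a future early return from reintroducing the leak.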