Issue 4334: Crash when clicking empty select element.
http://code.google.com/p/chromium/issues/detail?id=4334
New issue report by [EMAIL PROTECTED]:
Here is a very simple example that triggers it:
<html>
<body>
<select></select>
</body>
</html>
Load that and click on the select element and it will crash. From
PopupMenuChromium.cpp getRowHeight, we pass -1 to itemStyle on
RenderMenuList which expects an unsigned int. We use the resulting very
big value to index into a Vector. Something most have changed in the
interface in one of the last merges.
Issue attributes:
Status: Untriaged
Owner: ----
CC: [EMAIL PROTECTED], [EMAIL PROTECTED]
Labels: Type-Bug Pri-2 OS-All Area-Misc
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Chromium-bugs" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/chromium-bugs?hl=en
-~----------~----~----~----~------~----~------~--~---
