Status: Available Owner: ---- CC: [email protected] Labels: Type-Bug Pri-2 OS-All Area-Misc Size-Medium
New issue 23429 by [email protected]: XMLHttpRequest without hostname leads to NULL pointer in chrome!v8::Value::IsString http://code.google.com/p/chromium/issues/detail?id=23429 The following code causes a NULL pointer read exception in chrome!v8::Value::IsString: <SCRIPT> function go() { var xmlhttp = new XMLHttpRequest(); xmlhttp.onreadystatechange = function () { if (xmlhttp.readyState == 4) go(); } xmlhttp.open("GET", "x://"); xmlhttp.send(); } go(); </SCRIPT> This repeatedly creates an XMLHttpRequest without a hostname (it can also be an invalid hostname, such as "[", and the protocol name doesn't seem to matter). After 338 loops, it causes a NULL pointer. The "magic" number is weird: why 338? Maybe this is some kind of stack exhaustion because of the recursive nature of the function that triggers after 338 loops? -- You received this message because you are listed in the owner or CC fields of this issue, or because you starred this issue. You may adjust your issue notification preferences at: http://code.google.com/hosting/settings --~--~---------~--~----~------------~-------~--~----~ Automated mail from issue updates at http://crbug.com/ Subscription options: http://groups.google.com/group/chromium-bugs -~----------~----~----~----~------~----~------~--~---
