Revision: 16220
Author:   [email protected]
Date:     Mon Aug 19 13:03:58 2013 UTC
Log:      Prevent empty handle dereference in Runtime_InternalNumberFormat.

[email protected]
BUG=chromium:275467

Review URL: https://codereview.chromium.org/22859025
http://code.google.com/p/v8/source/detail?r=16220

Modified:
 /branches/bleeding_edge/src/runtime.cc

=======================================
--- /branches/bleeding_edge/src/runtime.cc      Fri Aug 16 21:27:11 2013 UTC
+++ /branches/bleeding_edge/src/runtime.cc      Mon Aug 19 13:03:58 2013 UTC
@@ -13753,7 +13753,7 @@
   CONVERT_ARG_HANDLE_CHECKED(Object, number, 1);

   bool has_pending_exception = false;
- double value = Execution::ToNumber(number, &has_pending_exception)->Number();
+ Handle<Object> value = Execution::ToNumber(number, &has_pending_exception);
   if (has_pending_exception) {
     ASSERT(isolate->has_pending_exception());
     return Failure::Exception();
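Review bot: Nothing at the call site records why `->Number()` is no longer chained onto `Execution::ToNumber(...)`, so a later cleanup could fold the dereference back in ahead of the `has_pending_exception` check. A one-line comment above the new declaration would prevent that, for example `// ToNumber may return an empty handle when an exception is pending; check before calling Number().`, which matches the commit log's description of the failure. The Modified list shows only runtime.cc, so a regression test that passes an argument whose number conversion throws would pin the fix for the referenced bug. The second hunk's `value->Number()` is safe only because this check returns early; the function body starts and ends outside both hunks, so the intervening lines are not visible here. Any other caller in this file that chains `->Number()` directly onto `Execution::ToNumber` would presumably need the same change.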
@@ -13764,7 +13764,7 @@
   if (!number_format) return isolate->ThrowIllegalOperation();

   icu::UnicodeString result;
-  number_format->format(value, result);
+  number_format->format(value->Number(), result);

   return *isolate->factory()->NewStringFromTwoByte(
       Vector<const uint16_t>(
