JavaScriptCore:
authormjs <mjs@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 27 Apr 2005 00:18:14 +0000 (00:18 +0000)
committermjs <mjs@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 27 Apr 2005 00:18:14 +0000 (00:18 +0000)
commit51e41d6773ef6b16563a0620b21cc34ce8aca278
treeed48879a11a546f6f75418aabc5c08997b283358
parente9873040c000c2fe99b488932c2243e305a9986b
JavaScriptCore:

        Reviewed by Chris.

<rdar://problem/4092136> reproducible crash in KJS::kjs_fast_realloc loading maps.google.com

* kjs/string_object.cpp:
        (StringObjectFuncImp::call): Allocate adopted ustring buffer properly.

WebCore:

        New test case for <rdar://problem/4092136> reproducible crash in KJS::kjs_fast_realloc loading maps.google.com

        * layout-tests/fast/js/string-from-char-code-expected.txt: Added.
        * layout-tests/fast/js/string-from-char-code.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@9059 268f45cc-cd09-0410-ab3c-d52691b4dbfc
JavaScriptCore/ChangeLog
JavaScriptCore/kjs/string_object.cpp
LayoutTests/fast/js/string-from-char-code-expected.txt [new file with mode: 0644]
LayoutTests/fast/js/string-from-char-code.html [new file with mode: 0644]
WebCore/ChangeLog-2005-08-23