From 04a42e5aaa8b0ca52dabfba2ec4b003f97c8c8af Mon Sep 17 00:00:00 2001
From: "igor%mir2.org"
Date: Sat, 18 Mar 2006 23:29:15 +0000
Subject: [PATCH] Bug 330951: Asserting that string arguments str1 and str2 arguments are not NULLs in js_CompareStrings and js_EqualStrings. Previously passing str1 and str2 set to NULL did not crash as str1 and str2 compared equals as pointers and the functions returned true without accessing *str1 or *str2. In turn it allowed for the regression from bug 311515 causing this bug to survive much longer then it should. r=brendan.
git-svn-id: svn://10.0.0.236/trunk@192597 18797224-902f-48f8-a5cc-f745e15eee43
---
mozilla/js/src/jsstr.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/mozilla/js/src/jsstr.c b/mozilla/js/src/jsstr.c
index b8d96fd674f..480066d6629 100644
--- a/mozilla/js/src/jsstr.c
+++ b/mozilla/js/src/jsstr.c
@@ -2825,6 +2825,9 @@ js_CompareStrings(JSString *str1, JSString *str2)
const jschar *s1, *s2;
intN cmp;
+ JS_ASSERT(str1);
+ JS_ASSERT(str2);
+
/* Fast case: pointer equality could be a quick win. */
if (str1 == str2)
return 0;
@@ -2846,6 +2849,9 @@ js_EqualStrings(JSString *str1, JSString *str2)
size_t n;
const jschar *s1, *s2;
+ JS_ASSERT(str1);
+ JS_ASSERT(str2);
+
/* Fast case: pointer equality could be a quick win. */
if (str1 == str2)
return JS_TRUE;
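Review bot: The `JS_ASSERT(str1); JS_ASSERT(str2);` pair added at the top of js_CompareStrings only enforces the non-NULL precondition where assertions are compiled in. If JS_ASSERT is a debug-only macro (its definition is not visible in this patch), a release build still reaches `if (str1 == str2) return 0;` with two NULL arguments and reports them equal, which is the silent success the commit message blames for hiding the earlier regression. The js_EqualStrings hunk has the same shape with `return JS_TRUE;`. I would state the contract next to the asserts, for example `/* Callers must never pass NULL: a NULL pair would otherwise compare equal on the fast path (bug 330951). */`, and confirm that every caller checks its strings for NULL before calling either function. Both function bodies begin and end outside the hunks, so what happens to a single NULL argument after the fast path cannot be judged from here.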