Fixing bug 488423. Don't pass 0 as the size to PR_CALLOC(). Patch by Shailen <shailen.n.jain@gmail.com>, r+sr=jst@mozilla.org

git-svn-id: svn://10.0.0.236/trunk@259921 18797224-902f-48f8-a5cc-f745e15eee43

mozilla/dom/src/base/nsJSEnvironment.cpp

@@ -3894,16 +3894,18 @@ protected:
 nsJSArgArray::nsJSArgArray(JSContext *aContext, PRUint32 argc, jsval *argv,
                            nsresult *prv) :
     mContext(aContext),
-    mArgv(argv),
+    mArgv(nsnull),
     mArgc(argc)
 {
   // copy the array - we don't know its lifetime, and ours is tied to xpcom
   // refcounting.  Alloc zero'd array so cleanup etc is safe.
+  if (argc) {
     mArgv = (jsval *) PR_CALLOC(argc * sizeof(jsval));
     if (!mArgv) {
       *prv = NS_ERROR_OUT_OF_MEMORY;
       return;
     }
+  }
 
   // Callers are allowed to pass in a null argv even for argc > 0. They can
   // then use GetArgs to initialize the values.