From: timeless@mozdev.org Bug 506706 XPC_JSArgumentFormatter uses va_copy without va_end r=dbradley diff --git a/js/src/xpconnect/src/xpcconvert.cpp b/js/src/xpconnect/src/xpcconvert.cpp --- a/js/src/xpconnect/src/xpcconvert.cpp +++ b/js/src/xpconnect/src/xpcconvert.cpp @@ -42,6 +42,7 @@ /* Data conversion between native and JavaScript types. */ +#include #include "xpcprivate.h" #include "nsString.h" #include "XPCNativeWrapper.h" @@ -1782,11 +1783,14 @@ XPCConvert::JSErrorToXPCException(XPCCal ** and requires array notation. */ #ifdef HAVE_VA_COPY -#define VARARGS_ASSIGN(foo, bar) VA_COPY(foo,bar) +#define VARARGS_ASSIGN(foo, bar) VA_COPY(foo,bar) +#define VARARGS_END(foo) va_end(foo) #elif defined(HAVE_VA_LIST_AS_ARRAY) -#define VARARGS_ASSIGN(foo, bar) foo[0] = bar[0] +#define VARARGS_ASSIGN(foo, bar) foo[0] = bar[0] +#define VARARGS_END(foo) ((void)0) #else -#define VARARGS_ASSIGN(foo, bar) (foo) = (bar) +#define VARARGS_ASSIGN(foo, bar) (foo) = (bar) +#define VARARGS_END(foo) ((void)0) #endif // We assert below that these formats all begin with "%i". @@ -1804,6 +1808,7 @@ XPC_JSArgumentFormatter(JSContext *cx, c va_list ap; vp = *vpp; + VARARGS_ASSIGN(ap, *app); nsXPTType type; @@ -1832,12 +1837,15 @@ XPC_JSArgumentFormatter(JSContext *cx, c break; default: NS_ERROR("bad format!"); + VARARGS_END(ap); return JS_FALSE; } if(!XPCConvert::JSData2Native(ccx, &p, vp[0], type, JS_FALSE, - iid, nsnull)) + iid, nsnull)) { + VARARGS_END(ap); return JS_FALSE; + } if(which != 's') *va_arg(ap, void **) = p; @@ -1860,6 +1868,7 @@ XPC_JSArgumentFormatter(JSContext *cx, c break; default: NS_ERROR("bad format!"); + VARARGS_END(ap); return JS_FALSE; } 
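Review bot: The `HAVE_VA_LIST_AS_ARRAY` branch of `VARARGS_ASSIGN` uses its arguments unparenthesized, so the call `VARARGS_ASSIGN(*app, ap)` at the end of the function expands to `*app[0] = ap[0]`, which parses as `*(app[0])` rather than `(*app)[0]`. For a pointer to an array-typed `va_list` both forms happen to name the same element, so it works today, but only by coincidence. Since the commit already rewrites these lines, `#define VARARGS_ASSIGN(foo, bar) (foo)[0] = (bar)[0]` would make the macro safe for any argument expression. The new `VARARGS_END` would also read better with a one-line comment such as `/* the assignment branches copy by value, so there is nothing for va_end to release */` explaining the `((void)0)` fallbacks.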
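Review bot: Each failure return in the hunk at -1832 now carries its own `VARARGS_END(ap)`, and the same pattern repeats in the hunks at -1860 and -1867, so the pairing depends on every future return remembering the call. A return that skips it leaves a `va_copy` without its `va_end`, which is undefined behaviour and can leak on platforms where the copy allocates. The function body starts and ends outside these hunks, so any return between `VARARGS_ASSIGN(ap, *app)` and the first switch cannot be checked from here and should be confirmed. At minimum I would add `// Every return below must call VARARGS_END(ap) first.` next to the `VARARGS_ASSIGN(ap, *app);` line. A single exit path with one `VARARGS_END(ap)` would remove the hazard entirely.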
@@ -1867,11 +1876,14 @@ XPC_JSArgumentFormatter(JSContext *cx, c p = va_arg(ap, void *); if(!XPCConvert::NativeData2JS(ccx, &vp[0], &p, type, iid, - JS_GetGlobalObject(cx), nsnull)) + JS_GetGlobalObject(cx), nsnull)) { + VARARGS_END(ap); return JS_FALSE; + } } *vpp = vp + 1; VARARGS_ASSIGN(*app, ap); + VARARGS_END(ap); return JS_TRUE; }
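Review bot: `VARARGS_ASSIGN(*app, ap)` on the success path still copies into `*app`, which the caller has presumably already initialised. With `HAVE_VA_COPY` that is a `va_copy` onto a live destination with no intervening `va_end`, which the C standard disallows. The commit pairs the local `ap` with `VARARGS_END`, but this copy back into the caller's list remains unpaired. Calling `va_end(*app)` here is not an obvious fix either, since the matching `va_start` lives in another function. I would at least document it above the line, for example `// With HAVE_VA_COPY this re-initialises the caller's va_list; the caller must still va_end it.`, and confirm that the callers of this formatter do so. The function begins outside this hunk.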