Bug 1472681: Fix NULL_DEREFERENCE error in js/src/vm/EnvironmentObject-inl.h. r?luke
MozReview-Commit-ID: 9p8jbWeZvhg
--- a/js/src/vm/EnvironmentObject-inl.h
+++ b/js/src/vm/EnvironmentObject-inl.h
@@ -12,18 +12,21 @@
#include "vm/JSObject-inl.h"
#include "vm/TypeInference-inl.h"
namespace js {
inline LexicalEnvironmentObject&
NearestEnclosingExtensibleLexicalEnvironment(JSObject* env)
{
- while (!IsExtensibleLexicalEnvironment(env))
+ MOZ_ASSERT(env);
+ while (!IsExtensibleLexicalEnvironment(env)) {
env = env->enclosingEnvironment();
+ MOZ_ASSERT(env);
+ }
return env->as<LexicalEnvironmentObject>();
}
inline void
EnvironmentObject::setAliasedBinding(JSContext* cx, uint32_t slot, PropertyName* name,
const Value& v)
{
if (isSingleton()) {