Changeset 206948 in webkit

Timestamp:

Oct 7, 2016 8:20:53 PM (8 years ago)

Author:

mark.lam@apple.com

Message:

Object.freeze() and seal() should throw if PreventExtensions?() fails.
​https://bugs.webkit.org/show_bug.cgi?id=163160

Reviewed by Saam Barati.

JSTests:

• stress/object-freeze-with-proxy-preventExtensions.js: Added.
• stress/object-seal-with-proxy-preventExtensions.js: Added.

Source/JavaScriptCore:

See ​https://tc39.github.io/ecma262/#sec-object.freeze,
​https://tc39.github.io/ecma262/#sec-object.seal, and
​https://tc39.github.io/ecma262/#sec-setintegritylevel. We need to call
preventExtensions first before proceeding to freeze / seal the object. If
preventExtensions fails, we should throw a TypeError.

• runtime/ObjectConstructor.cpp:

(JSC::setIntegrityLevel):
(JSC::objectConstructorSeal):
(JSC::objectConstructorFreeze):

Location:

trunk

Files:

• JSTests/ChangeLog (modified) (1 diff)
• JSTests/stress/object-freeze-with-proxy-preventExtensions.js (added)
• JSTests/stress/object-seal-with-proxy-preventExtensions.js (added)
• Source/JavaScriptCore/ChangeLog (modified) (1 diff)
• Source/JavaScriptCore/runtime/ObjectConstructor.cpp (modified) (3 diffs)

trunk/JSTests/ChangeLog

@@ +1 @@
+2016-10-07  Mark Lam  <mark.lam@apple.com>
+
+        Object.freeze() and seal() should throw if [[PreventExtensions]]() fails.
+        https://bugs.webkit.org/show_bug.cgi?id=163160
+
+        Reviewed by Saam Barati.
+
+        * stress/object-freeze-with-proxy-preventExtensions.js: Added.
+        * stress/object-seal-with-proxy-preventExtensions.js: Added.
+
 2016-10-05  Yusuke Suzuki  <utatane.tea@gmail.com>
 

trunk/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2016-10-07  Mark Lam  <mark.lam@apple.com>
+
+        Object.freeze() and seal() should throw if [[PreventExtensions]]() fails.
+        https://bugs.webkit.org/show_bug.cgi?id=163160
+
+        Reviewed by Saam Barati.
+
+        See https://tc39.github.io/ecma262/#sec-object.freeze,
+        https://tc39.github.io/ecma262/#sec-object.seal, and
+        https://tc39.github.io/ecma262/#sec-setintegritylevel.  We need to call
+        preventExtensions first before proceeding to freeze / seal the object.  If
+        preventExtensions fails, we should throw a TypeError.
+
+        * runtime/ObjectConstructor.cpp:
+        (JSC::setIntegrityLevel):
+        (JSC::objectConstructorSeal):
+        (JSC::objectConstructorFreeze):
+
 2016-10-06  Yusuke Suzuki  <utatane.tea@gmail.com>
 

trunk/Source/JavaScriptCore/runtime/ObjectConstructor.cpp

@@ -472 +472 @@
 }
 
+enum class IntegrityLevel {
+    Sealed,
+    Frozen
+};
+
+template<IntegrityLevel level>
+bool setIntegrityLevel(ExecState* exec, VM& vm, JSObject* object)
+{
+    // See https://tc39.github.io/ecma262/#sec-setintegritylevel.
+    auto scope = DECLARE_THROW_SCOPE(vm);
+
+    bool success = object->methodTable(vm)->preventExtensions(object, exec);
+    RETURN_IF_EXCEPTION(scope, false);
+    if (UNLIKELY(!success))
+        return false;
+
+    PropertyNameArray properties(exec, PropertyNameMode::StringsAndSymbols);
+    object->methodTable(vm)->getOwnPropertyNames(object, exec, properties, EnumerationMode(DontEnumPropertiesMode::Include));
+    RETURN_IF_EXCEPTION(scope, false);
+
+    PropertyNameArray::const_iterator end = properties.end();
+    for (PropertyNameArray::const_iterator iter = properties.begin(); iter != end; ++iter) {
+        Identifier propertyName = *iter;
+        if (vm.propertyNames->isPrivateName(propertyName))
+            continue;
+
+        PropertyDescriptor desc;
+        if (level == IntegrityLevel::Sealed)
+            desc.setConfigurable(false);
+        else {
+            if (!object->getOwnPropertyDescriptor(exec, propertyName, desc))
+                continue;
+
+            if (desc.isDataDescriptor())
+                desc.setWritable(false);
+
+            desc.setConfigurable(false);
+        }
+
+        object->methodTable(vm)->defineOwnProperty(object, exec, propertyName, desc, true);
+        RETURN_IF_EXCEPTION(scope, false);
+    }
+    return true;
+}
+    
 EncodedJSValue JSC_HOST_CALL objectConstructorSeal(ExecState* exec)
 {
@@ -488 +533 @@
     }
 
-    // 2. For each named own property name P of O,
-    PropertyNameArray properties(exec, PropertyNameMode::StringsAndSymbols);
-    object->methodTable(vm)->getOwnPropertyNames(object, exec, properties, EnumerationMode(DontEnumPropertiesMode::Include));
-    RETURN_IF_EXCEPTION(scope, encodedJSValue());
-    PropertyNameArray::const_iterator end = properties.end();
-    for (PropertyNameArray::const_iterator iter = properties.begin(); iter != end; ++iter) {
-        Identifier propertyName = *iter;
-        if (exec->propertyNames().isPrivateName(propertyName))
-            continue;
-        // a. Let desc be the result of calling the [[GetOwnProperty]] internal method of O with P.
-        PropertyDescriptor desc;
-        if (!object->getOwnPropertyDescriptor(exec, propertyName, desc))
-            continue;
-        // b. If desc.[[Configurable]] is true, set desc.[[Configurable]] to false.
-        desc.setConfigurable(false);
-        // c. Call the [[DefineOwnProperty]] internal method of O with P, desc, and true as arguments.
-        object->methodTable(vm)->defineOwnProperty(object, exec, propertyName, desc, true);
-        RETURN_IF_EXCEPTION(scope, encodedJSValue());
-    }
-
-    // 3. Set the [[Extensible]] internal property of O to false.
-    object->methodTable(vm)->preventExtensions(object, exec);
-    RETURN_IF_EXCEPTION(scope, encodedJSValue());
-
-    // 4. Return O.
+    bool success = setIntegrityLevel<IntegrityLevel::Sealed>(exec, vm, object);
+    RETURN_IF_EXCEPTION(scope, encodedJSValue());
+    if (!success) {
+        throwTypeError(exec, scope, ASCIILiteral("Unable to prevent extension in Object.seal"));
+        return encodedJSValue();
+    }
+
     return JSValue::encode(obj);
 }
@@ -526 +553 @@
     }
 
-    // 2. For each named own property name P of O,
-    PropertyNameArray properties(exec, PropertyNameMode::StringsAndSymbols);
-    object->methodTable(vm)->getOwnPropertyNames(object, exec, properties, EnumerationMode(DontEnumPropertiesMode::Include));
+    bool success = setIntegrityLevel<IntegrityLevel::Frozen>(exec, vm, object);
     RETURN_IF_EXCEPTION(scope, nullptr);
-    PropertyNameArray::const_iterator end = properties.end();
-    for (PropertyNameArray::const_iterator iter = properties.begin(); iter != end; ++iter) {
-        Identifier propertyName = *iter;
-        if (exec->propertyNames().isPrivateName(propertyName))
-            continue;
-        // a. Let desc be the result of calling the [[GetOwnProperty]] internal method of O with P.
-        PropertyDescriptor desc;
-        if (!object->getOwnPropertyDescriptor(exec, propertyName, desc))
-            continue;
-        // b. If IsDataDescriptor(desc) is true, then
-        // i. If desc.[[Writable]] is true, set desc.[[Writable]] to false.
-        if (desc.isDataDescriptor())
-            desc.setWritable(false);
-        // c. If desc.[[Configurable]] is true, set desc.[[Configurable]] to false.
-        desc.setConfigurable(false);
-        // d. Call the [[DefineOwnProperty]] internal method of O with P, desc, and true as arguments.
-        object->methodTable(vm)->defineOwnProperty(object, exec, propertyName, desc, true);
-        RETURN_IF_EXCEPTION(scope, nullptr);
-    }
-
-    // 3. Set the [[Extensible]] internal property of O to false.
-    object->methodTable(vm)->preventExtensions(object, exec);
-    RETURN_IF_EXCEPTION(scope, nullptr);
-
-    // 4. Return O.
+    if (!success)
+        return throwTypeError(exec, scope, ASCIILiteral("Unable to prevent extension in Object.freeze"));
     return object;
 }