Changeset 141783 in webkit
- Timestamp:
- Feb 4, 2013 10:43:03 AM (11 years ago)
- Location:
- trunk/Source
- Files:
-
- 45 edited
trunk/Source/WebCore/ChangeLog
r141778 r141783 1 2013-02-04 Abhishek Arya <inferno@chromium.org> 2 3 Add ASSERT_WITH_SECURITY_IMPLICATION to detect bad cast in DOM, CSS, etc. 4 https://bugs.webkit.org/show_bug.cgi?id=108688 5 6 Reviewed by Eric Seidel. 7 8 * Modules/notifications/Notification.cpp: 9 (WebCore::Notification::Notification): 10 (WebCore::Notification::permission): 11 (WebCore::Notification::requestPermission): 12 * Modules/speech/SpeechGrammar.cpp: 13 (WebCore::SpeechGrammar::setSrc): 14 * Modules/speech/SpeechGrammarList.cpp: 15 (WebCore::SpeechGrammarList::addFromUri): 16 * Modules/websockets/ThreadableWebSocketChannel.cpp: 17 (WebCore::ThreadableWebSocketChannel::create): 18 * accessibility/AccessibilityMenuListPopup.cpp: 19 (WebCore::AccessibilityMenuListPopup::menuListOptionAccessibilityObject): 20 * accessibility/AccessibilityTable.cpp: 21 (WebCore::AccessibilityTable::cellForColumnAndRow): 22 * css/CSSFontFaceRule.cpp: 23 (WebCore::CSSFontFaceRule::reattach): 24 * css/CSSImageSetValue.cpp: 25 (WebCore::CSSImageSetValue::fillImageSet): 26 * css/CSSPageRule.cpp: 27 (WebCore::CSSPageRule::reattach): 28 * css/CSSStyleRule.cpp: 29 (WebCore::CSSStyleRule::reattach): 30 * css/StyleBuilder.cpp: 31 (WebCore::ApplyPropertyFontVariantLigatures::applyValue): 32 (WebCore::ApplyPropertyTextDecoration::applyValue): 33 (WebCore::ApplyPropertyZoom::applyValue): 34 * css/StyleResolver.cpp: 35 (WebCore::createGridPosition): 36 (WebCore::StyleResolver::applyProperty): 37 (WebCore::StyleResolver::createCustomFilterOperationWithInlineSyntax): 38 * css/WebKitCSSFilterRule.cpp: 39 (WebCore::WebKitCSSFilterRule::reattach): 40 * css/WebKitCSSKeyframesRule.cpp: 41 (WebCore::WebKitCSSKeyframesRule::reattach): 42 * css/WebKitCSSViewportRule.cpp: 43 (WebCore::WebKitCSSViewportRule::reattach): 44 * editing/EditCommand.h: 45 (WebCore::toSimpleEditCommand): 46 * editing/visible_units.cpp: 47 (WebCore::startOfParagraph): 48 (WebCore::endOfParagraph): 49 * html/HTMLCollection.cpp: 50 
(WebCore::LiveNodeListBase::setItemCache): 51 * loader/ThreadableLoader.cpp: 52 (WebCore::ThreadableLoader::create): 53 (WebCore::ThreadableLoader::loadResourceSynchronously): 54 * loader/WorkerThreadableLoader.cpp: 55 (WebCore::WorkerThreadableLoader::MainThreadBridge::mainThreadCreateLoader): 56 * page/Frame.cpp: 57 (WebCore::Frame::frameForWidget): 58 * platform/RefCountedSupplement.h: 59 (WebCore::RefCountedSupplement::from): 60 * rendering/RenderBlock.cpp: 61 (WebCore::RenderBlock::splitBlocks): 62 (WebCore::RenderBlock::firstLineBlock): 63 * rendering/RenderBlockLineLayout.cpp: 64 (WebCore::RenderBlock::createLineBoxes): 65 * rendering/RenderBox.cpp: 66 (WebCore::RenderBox::computeReplacedLogicalHeightUsing): 67 * rendering/svg/RenderSVGText.cpp: 68 (WebCore::RenderSVGText::positionForPoint): 69 * rendering/svg/SVGRootInlineBox.cpp: 70 (WebCore::SVGRootInlineBox::layoutCharactersInTextBoxes): 71 (WebCore::SVGRootInlineBox::layoutChildBoxes): 72 * testing/js/WebCoreTestSupport.cpp: 73 (WebCoreTestSupport::resetInternalsObject): 74 * testing/v8/WebCoreTestSupport.cpp: 75 (WebCoreTestSupport::resetInternalsObject): 76 * workers/DefaultSharedWorkerRepository.cpp: 77 (WebCore::SharedWorkerProxy::addToWorkerDocuments): 78 (WebCore::SharedWorkerConnectTask::performTask): 79 * workers/SharedWorker.cpp: 80 (WebCore::SharedWorker::create): 81 * workers/WorkerContext.cpp: 82 (WebCore::CloseWorkerContextTask::performTask): 83 * workers/WorkerMessagingProxy.cpp: 84 (WebCore::MessageWorkerContextTask::performTask): 85 (WebCore::connectToWorkerContextInspectorTask): 86 (WebCore::disconnectFromWorkerContextInspectorTask): 87 (WebCore::dispatchOnInspectorBackendTask): 88 * workers/WorkerScriptLoader.cpp: 89 (WebCore::WorkerScriptLoader::loadSynchronously): 90 * workers/WorkerThread.cpp: 91 (WebCore::WorkerThreadShutdownFinishTask::performTask): 92 (WebCore::WorkerThreadShutdownStartTask::performTask): 93 1 94 2013-02-04 Dominik Röttsches <dominik.rottsches@intel.com> 2 95 -
trunk/Source/WebCore/Modules/notifications/Notification.cpp
r141202 r141783 110 110 , m_taskTimer(adoptPtr(new Timer<Notification>(this, &Notification::taskTimerFired))) 111 111 { 112 ASSERT (context->isDocument());112 ASSERT_WITH_SECURITY_IMPLICATION(context->isDocument()); 113 113 m_notificationCenter = DOMWindowNotifications::webkitNotifications(static_cast<Document*>(context)->domWindow()); 114 114 … … 260 260 const String& Notification::permission(ScriptExecutionContext* context) 261 261 { 262 ASSERT (context->isDocument());262 ASSERT_WITH_SECURITY_IMPLICATION(context->isDocument()); 263 263 ASSERT(static_cast<Document*>(context)->page()); 264 264 return permissionString(NotificationController::from(static_cast<Document*>(context)->page())->client()->checkPermission(context)); … … 286 286 void Notification::requestPermission(ScriptExecutionContext* context, PassRefPtr<NotificationPermissionCallback> callback) 287 287 { 288 ASSERT (context->isDocument());288 ASSERT_WITH_SECURITY_IMPLICATION(context->isDocument()); 289 289 ASSERT(static_cast<Document*>(context)->page()); 290 290 NotificationController::from(static_cast<Document*>(context)->page())->client()->requestPermission(context, callback); -
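Review bot: The `static_cast<Document*>(context)` in the constructor, `permission` and `requestPermission` stays unchecked wherever the assertion is compiled out, which as far as I know includes ordinary release builds without security assertions enabled, so a non-Document context would still be treated as a Document there. The same assert-then-`static_cast` shape recurs in most other files of this changeset (SpeechGrammar.cpp, ThreadableLoader.cpp, the CSS `reattach` methods, the worker task functions, and others). Consider routing these through one checked helper per target type, in the style of `toSimpleEditCommand` in editing/EditCommand.h, so the check and the cast cannot drift apart. In `permission` and `requestPermission` a single `Document* document = static_cast<Document*>(context);` after the assertion would also avoid repeating the cast. All three functions continue outside the visible lines.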
trunk/Source/WebCore/Modules/speech/SpeechGrammar.cpp
r110281 r141783 46 46 void SpeechGrammar::setSrc(ScriptExecutionContext* scriptExecutionContext, const String& src) 47 47 { 48 ASSERT (scriptExecutionContext->isDocument());48 ASSERT_WITH_SECURITY_IMPLICATION(scriptExecutionContext->isDocument()); 49 49 Document* document = static_cast<Document*>(scriptExecutionContext); 50 50 m_src = document->completeURL(src); -
trunk/Source/WebCore/Modules/speech/SpeechGrammarList.cpp
r110281 r141783 49 49 void SpeechGrammarList::addFromUri(ScriptExecutionContext* scriptExecutionContext, const String& src, double weight) 50 50 { 51 ASSERT (scriptExecutionContext->isDocument());51 ASSERT_WITH_SECURITY_IMPLICATION(scriptExecutionContext->isDocument()); 52 52 Document* document = static_cast<Document*>(scriptExecutionContext); 53 53 m_grammars.append(SpeechGrammar::create(document->completeURL(src), weight)); -
trunk/Source/WebCore/Modules/websockets/ThreadableWebSocketChannel.cpp
r127757 r141783 66 66 #endif // ENABLE(WORKERS) 67 67 68 ASSERT (context->isDocument());68 ASSERT_WITH_SECURITY_IMPLICATION(context->isDocument()); 69 69 return WebSocketChannel::create(static_cast<Document*>(context), client); 70 70 } -
trunk/Source/WebCore/accessibility/AccessibilityMenuListPopup.cpp
r116376 r141783 74 74 75 75 AccessibilityObject* object = document()->axObjectCache()->getOrCreate(MenuListOptionRole); 76 ASSERT (object->isMenuListOption());76 ASSERT_WITH_SECURITY_IMPLICATION(object->isMenuListOption()); 77 77 78 78 AccessibilityMenuListOption* option = static_cast<AccessibilityMenuListOption*>(object); -
trunk/Source/WebCore/accessibility/AccessibilityTable.cpp
r140658 r141783 580 580 581 581 AccessibilityObject* cellObject = axObjectCache()->getOrCreate(cell); 582 ASSERT (cellObject->isTableCell());582 ASSERT_WITH_SECURITY_IMPLICATION(cellObject->isTableCell()); 583 583 584 584 return static_cast<AccessibilityTableCell*>(cellObject); -
trunk/Source/WebCore/css/CSSFontFaceRule.cpp
r141570 r141783 65 65 { 66 66 ASSERT(rule); 67 ASSERT (rule->isFontFaceRule());67 ASSERT_WITH_SECURITY_IMPLICATION(rule->isFontFaceRule()); 68 68 m_fontFaceRule = static_cast<StyleRuleFontFace*>(rule); 69 69 if (m_propertiesCSSOMWrapper) -
trunk/Source/WebCore/css/CSSImageSetValue.cpp
r141570 r141783 63 63 while (i < length) { 64 64 CSSValue* imageValue = item(i); 65 ASSERT (imageValue->isImageValue());65 ASSERT_WITH_SECURITY_IMPLICATION(imageValue->isImageValue()); 66 66 String imageURL = static_cast<CSSImageValue*>(imageValue)->url(); 67 67 … … 69 69 ASSERT(i < length); 70 70 CSSValue* scaleFactorValue = item(i); 71 ASSERT (scaleFactorValue->isPrimitiveValue());71 ASSERT_WITH_SECURITY_IMPLICATION(scaleFactorValue->isPrimitiveValue()); 72 72 float scaleFactor = static_cast<CSSPrimitiveValue*>(scaleFactorValue)->getFloatValue(); 73 73 -
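Review bot: Between the two upgraded assertions, `ASSERT(i < length);` stays a plain ASSERT even though it is the precondition for the `item(i)` lookup whose result is then cast to `CSSPrimitiveValue*`. If an image-set list can ever hold an odd number of entries, that second lookup runs with `i == length`; whether `item()` bounds-checks is not visible here. For consistency with the rest of the change, consider `ASSERT_WITH_SECURITY_IMPLICATION(i < length);`. The loop body continues outside the hunk.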
trunk/Source/WebCore/css/CSSPageRule.cpp
r141570 r141783 98 98 { 99 99 ASSERT(rule); 100 ASSERT (rule->isPageRule());100 ASSERT_WITH_SECURITY_IMPLICATION(rule->isPageRule()); 101 101 m_pageRule = static_cast<StyleRulePage*>(rule); 102 102 if (m_propertiesCSSOMWrapper) -
trunk/Source/WebCore/css/CSSStyleRule.cpp
r141570 r141783 126 126 { 127 127 ASSERT(rule); 128 ASSERT (rule->isStyleRule());128 ASSERT_WITH_SECURITY_IMPLICATION(rule->isStyleRule()); 129 129 m_styleRule = static_cast<StyleRule*>(rule); 130 130 if (m_propertiesCSSOMWrapper) -
trunk/Source/WebCore/css/StyleBuilder.cpp
r139798 r141783 874 874 #if !ASSERT_DISABLED 875 875 else { 876 ASSERT (value->isPrimitiveValue());876 ASSERT_WITH_SECURITY_IMPLICATION(value->isPrimitiveValue()); 877 877 ASSERT(static_cast<CSSPrimitiveValue*>(value)->getIdent() == CSSValueNormal); 878 878 } … … 1138 1138 for (CSSValueListIterator i(value); i.hasMore(); i.advance()) { 1139 1139 CSSValue* item = i.value(); 1140 ASSERT (item->isPrimitiveValue());1140 ASSERT_WITH_SECURITY_IMPLICATION(item->isPrimitiveValue()); 1141 1141 t |= *static_cast<CSSPrimitiveValue*>(item); 1142 1142 } … … 1610 1610 static void applyValue(CSSPropertyID, StyleResolver* styleResolver, CSSValue* value) 1611 1611 { 1612 ASSERT (value->isPrimitiveValue());1612 ASSERT_WITH_SECURITY_IMPLICATION(value->isPrimitiveValue()); 1613 1613 CSSPrimitiveValue* primitiveValue = static_cast<CSSPrimitiveValue*>(value); 1614 1614 -
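Review bot: The first changed assertion sits inside `#if !ASSERT_DISABLED`, so it exists only in builds where plain ASSERT is already active. A build that enables security assertions without enabling ASSERT would presumably not compile this branch at all, so the upgrade has no effect there. The cast on the next line is itself only an argument to `ASSERT(...)`, so no release-path cast depends on it. Either leave this one as `ASSERT(value->isPrimitiveValue());` or add a comment such as `// Debug-only sanity check; the cast below never runs when ASSERT is disabled.` so the intent is clear. The enclosing function starts and ends outside the hunk.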
trunk/Source/WebCore/css/StyleResolver.cpp
r141750 r141783 2714 2714 return true; 2715 2715 2716 ASSERT (primitiveValue->isNumber());2716 ASSERT_WITH_SECURITY_IMPLICATION(primitiveValue->isNumber()); 2717 2717 position.setIntegerPosition(primitiveValue->getIntValue()); 2718 2718 return true; … … 2797 2797 #if ENABLE(CSS_VARIABLES) 2798 2798 if (id == CSSPropertyVariable) { 2799 ASSERT (value->isVariableValue());2799 ASSERT_WITH_SECURITY_IMPLICATION(value->isVariableValue()); 2800 2800 CSSVariableValue* variable = static_cast<CSSVariableValue*>(value); 2801 2801 ASSERT(!variable->name().isEmpty()); … … 2938 2938 if (!second) 2939 2939 continue; 2940 ASSERT (first->isPrimitiveValue());2941 ASSERT (second->isPrimitiveValue());2940 ASSERT_WITH_SECURITY_IMPLICATION(first->isPrimitiveValue()); 2941 ASSERT_WITH_SECURITY_IMPLICATION(second->isPrimitiveValue()); 2942 2942 String startQuote = static_cast<CSSPrimitiveValue*>(first)->getStringValue(); 2943 2943 String endQuote = static_cast<CSSPrimitiveValue*>(second)->getStringValue(); … … 4771 4771 { 4772 4772 CSSValue* shadersValue = filterValue->itemWithoutBoundsCheck(0); 4773 ASSERT (shadersValue->isValueList());4773 ASSERT_WITH_SECURITY_IMPLICATION(shadersValue->isValueList()); 4774 4774 CSSValueList* shadersList = static_cast<CSSValueList*>(shadersValue); 4775 4775 -
trunk/Source/WebCore/css/WebKitCSSFilterRule.cpp
r140997 r141783 81 81 { 82 82 ASSERT(rule); 83 ASSERT (rule->isFilterRule());83 ASSERT_WITH_SECURITY_IMPLICATION(rule->isFilterRule()); 84 84 m_filterRule = static_cast<StyleRuleFilter*>(rule); 85 85 if (m_propertiesCSSOMWrapper) -
trunk/Source/WebCore/css/WebKitCSSKeyframesRule.cpp
r141570 r141783 204 204 { 205 205 ASSERT(rule); 206 ASSERT (rule->isKeyframesRule());206 ASSERT_WITH_SECURITY_IMPLICATION(rule->isKeyframesRule()); 207 207 m_keyframesRule = static_cast<StyleRuleKeyframes*>(rule); 208 208 } -
trunk/Source/WebCore/css/WebKitCSSViewportRule.cpp
r141570 r141783 80 80 { 81 81 ASSERT(rule); 82 ASSERT (rule->isViewportRule());82 ASSERT_WITH_SECURITY_IMPLICATION(rule->isViewportRule()); 83 83 m_viewportRule = static_cast<StyleRuleViewport*>(rule); 84 84 -
trunk/Source/WebCore/editing/EditCommand.h
r133820 r141783 102 102 { 103 103 ASSERT(command); 104 ASSERT (command->isSimpleEditCommand());104 ASSERT_WITH_SECURITY_IMPLICATION(command->isSimpleEditCommand()); 105 105 return static_cast<SimpleEditCommand*>(command); 106 106 } -
trunk/Source/WebCore/editing/visible_units.cpp
r137336 r141783 1137 1137 1138 1138 if (r->isText() && toRenderText(r)->renderedTextLength()) { 1139 ASSERT (n->isTextNode());1139 ASSERT_WITH_SECURITY_IMPLICATION(n->isTextNode()); 1140 1140 type = Position::PositionIsOffsetInAnchor; 1141 1141 if (style->preserveNewline()) { … … 1219 1219 // FIXME: We avoid returning a position where the renderer can't accept the caret. 1220 1220 if (r->isText() && toRenderText(r)->renderedTextLength()) { 1221 ASSERT (n->isTextNode());1221 ASSERT_WITH_SECURITY_IMPLICATION(n->isTextNode()); 1222 1222 int length = toRenderText(r)->textLength(); 1223 1223 type = Position::PositionIsOffsetInAnchor; -
trunk/Source/WebCore/html/HTMLCollection.cpp
r138195 r141783 419 419 setItemCache(item, offset); 420 420 if (overridesItemAfter()) { 421 ASSERT (item->isElementNode());421 ASSERT_WITH_SECURITY_IMPLICATION(item->isElementNode()); 422 422 static_cast<const HTMLCollection*>(this)->m_cachedElementsArrayOffset = elementsArrayOffset; 423 423 } else -
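Review bot: The new assertion checks `item->isElementNode()`, but the cast on the following line is `static_cast<const HTMLCollection*>(this)`, which the assertion says nothing about. That downcast appears to rely on `overridesItemAfter()` being true only for HTMLCollection instances. If that is the invariant, it deserves its own check or at least a comment, e.g. `// overridesItemAfter() is only true for HTMLCollection, so downcasting this is safe.` The function body starts before and continues after the visible lines.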
trunk/Source/WebCore/loader/ThreadableLoader.cpp
r95901 r141783 51 51 #endif // ENABLE(WORKERS) 52 52 53 ASSERT (context->isDocument());53 ASSERT_WITH_SECURITY_IMPLICATION(context->isDocument()); 54 54 return DocumentThreadableLoader::create(static_cast<Document*>(context), client, request, options); 55 55 } … … 66 66 #endif // ENABLE(WORKERS) 67 67 68 ASSERT (context->isDocument());68 ASSERT_WITH_SECURITY_IMPLICATION(context->isDocument()); 69 69 DocumentThreadableLoader::loadResourceSynchronously(static_cast<Document*>(context), request, client, options); 70 70 } -
trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp
r138083 r141783 108 108 { 109 109 ASSERT(isMainThread()); 110 ASSERT (context->isDocument());110 ASSERT_WITH_SECURITY_IMPLICATION(context->isDocument()); 111 111 Document* document = static_cast<Document*>(context); 112 112 -
trunk/Source/WebCore/page/Frame.cpp
r141570 r141783 631 631 // Assume all widgets are either a FrameView or owned by a RenderWidget. 632 632 // FIXME: That assumption is not right for scroll bars! 633 ASSERT (widget->isFrameView());633 ASSERT_WITH_SECURITY_IMPLICATION(widget->isFrameView()); 634 634 return static_cast<const FrameView*>(widget)->frame(); 635 635 } -
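Review bot: The FIXME directly above the assertion says the "FrameView or owned by a RenderWidget" assumption does not hold for scroll bars, so the code itself expects this condition can fail. Where the assertion is compiled out, `static_cast<const FrameView*>(widget)->frame()` would then run on a widget that is not a FrameView. Unless earlier lines outside the hunk already filter such widgets, a runtime guard is the safer form: `if (!widget->isFrameView()) return 0;`.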
trunk/Source/WebCore/platform/RefCountedSupplement.h
r140509 r141783 64 64 if (!found) 65 65 return 0; 66 ASSERT (found->isRefCountedWrapper());66 ASSERT_WITH_SECURITY_IMPLICATION(found->isRefCountedWrapper()); 67 67 return static_cast<Wrapper*>(found)->wrapped(); 68 68 } -
trunk/Source/WebCore/rendering/RenderBlock.cpp
r141570 r141783 606 606 607 607 while (curr && curr != fromBlock) { 608 ASSERT (curr->isRenderBlock());608 ASSERT_WITH_SECURITY_IMPLICATION(curr->isRenderBlock()); 609 609 610 610 RenderBlock* blockCurr = toRenderBlock(curr); … … 6397 6397 !parentBlock || parentBlock->firstChild() != firstLineBlock || !parentBlock->isBlockFlow()) 6398 6398 break; 6399 ASSERT (parentBlock->isRenderBlock());6399 ASSERT_WITH_SECURITY_IMPLICATION(parentBlock->isRenderBlock()); 6400 6400 firstLineBlock = toRenderBlock(parentBlock); 6401 6401 } -
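Review bot: Both changed lines assert `isRenderBlock()` immediately before calling `toRenderBlock()`, so the check lives at the call site rather than in the conversion helper. The same applies to `toRenderInline` and `toInlineFlowBox` in RenderBlockLineLayout.cpp and `toRenderBlock` in RenderBox.cpp. If those helpers do not already carry the security assertion, placing it inside them would cover every caller instead of the handful touched here; if they do, these call-site assertions are duplicates. The helper definitions are not part of this changeset view, so this needs confirming against the headers.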
trunk/Source/WebCore/rendering/RenderBlockLineLayout.cpp
r141606 r141783 456 456 bool hasDefaultLineBoxContain = style()->lineBoxContain() == RenderStyle::initialLineBoxContain(); 457 457 do { 458 ASSERT (obj->isRenderInline() || obj == this);458 ASSERT_WITH_SECURITY_IMPLICATION(obj->isRenderInline() || obj == this); 459 459 460 460 RenderInline* inlineFlow = (obj != this) ? toRenderInline(obj) : 0; … … 476 476 // made, we need to place it at the end of the current line. 477 477 InlineBox* newBox = createInlineBoxForRenderer(obj, obj == this); 478 ASSERT (newBox->isInlineFlowBox());478 ASSERT_WITH_SECURITY_IMPLICATION(newBox->isInlineFlowBox()); 479 479 parentBox = toInlineFlowBox(newBox); 480 480 parentBox->setFirstLineStyleBit(lineInfo.isFirstLine()); -
trunk/Source/WebCore/rendering/RenderBox.cpp
r141570 r141783 2648 2648 // https://bugs.webkit.org/show_bug.cgi?id=46500 2649 2649 if (cb->isOutOfFlowPositioned() && cb->style()->height().isAuto() && !(cb->style()->top().isAuto() || cb->style()->bottom().isAuto())) { 2650 ASSERT (cb->isRenderBlock());2650 ASSERT_WITH_SECURITY_IMPLICATION(cb->isRenderBlock()); 2651 2651 RenderBlock* block = toRenderBlock(cb); 2652 2652 LogicalExtentComputedValues computedValues; -
trunk/Source/WebCore/rendering/svg/RenderSVGText.cpp
r137847 r141783 473 473 return createVisiblePosition(0, DOWNSTREAM); 474 474 475 ASSERT (rootBox->isSVGRootInlineBox());475 ASSERT_WITH_SECURITY_IMPLICATION(rootBox->isSVGRootInlineBox()); 476 476 ASSERT(!rootBox->nextRootBox()); 477 477 ASSERT(childrenInline()); -
trunk/Source/WebCore/rendering/svg/SVGRootInlineBox.cpp
r140728 r141783 110 110 continue; 111 111 112 ASSERT (child->isInlineFlowBox());112 ASSERT_WITH_SECURITY_IMPLICATION(child->isInlineFlowBox()); 113 113 114 114 SVGInlineFlowBox* flowBox = static_cast<SVGInlineFlowBox*>(child); … … 150 150 continue; 151 151 152 ASSERT (child->isInlineFlowBox());152 ASSERT_WITH_SECURITY_IMPLICATION(child->isInlineFlowBox()); 153 153 154 154 SVGInlineFlowBox* flowBox = static_cast<SVGInlineFlowBox*>(child); -
trunk/Source/WebCore/testing/js/WebCoreTestSupport.cpp
r138727 r141783 56 56 JSDOMGlobalObject* globalObject = jsCast<JSDOMGlobalObject*>(exec->lexicalGlobalObject()); 57 57 ScriptExecutionContext* scriptContext = globalObject->scriptExecutionContext(); 58 ASSERT (scriptContext->isDocument());58 ASSERT_WITH_SECURITY_IMPLICATION(scriptContext->isDocument()); 59 59 Page* page = static_cast<Document*>(scriptContext)->frame()->page(); 60 60 Internals::resetToConsistentState(page); -
trunk/Source/WebCore/testing/v8/WebCoreTestSupport.cpp
r140401 r141783 60 60 61 61 ScriptExecutionContext* scriptContext = getScriptExecutionContext(); 62 ASSERT (scriptContext->isDocument());62 ASSERT_WITH_SECURITY_IMPLICATION(scriptContext->isDocument()); 63 63 Page* page = static_cast<Document*>(scriptContext)->frame()->page(); 64 64 Internals::resetToConsistentState(page); -
trunk/Source/WebCore/workers/DefaultSharedWorkerRepository.cpp
r137318 r141783 229 229 { 230 230 // Nested workers are not yet supported, so passed-in context should always be a Document. 231 ASSERT (context->isDocument());231 ASSERT_WITH_SECURITY_IMPLICATION(context->isDocument()); 232 232 ASSERT(!isClosing()); 233 233 MutexLocker lock(m_workerDocumentsLock); … … 273 273 RefPtr<MessagePort> port = MessagePort::create(*scriptContext); 274 274 port->entangle(m_channel.release()); 275 ASSERT (scriptContext->isWorkerContext());275 ASSERT_WITH_SECURITY_IMPLICATION(scriptContext->isWorkerContext()); 276 276 WorkerContext* workerContext = static_cast<WorkerContext*>(scriptContext); 277 277 // Since close() stops the thread event loop, this should not ever get called while closing. 278 278 ASSERT(!workerContext->isClosing()); 279 ASSERT (workerContext->isSharedWorkerContext());279 ASSERT_WITH_SECURITY_IMPLICATION(workerContext->isSharedWorkerContext()); 280 280 workerContext->dispatchEvent(createConnectEvent(port)); 281 281 } -
trunk/Source/WebCore/workers/SharedWorker.cpp
r141466 r141783 71 71 72 72 // We don't currently support nested workers, so workers can only be created from documents. 73 ASSERT (context->isDocument());73 ASSERT_WITH_SECURITY_IMPLICATION(context->isDocument()); 74 74 Document* document = static_cast<Document*>(context); 75 75 if (!document->securityOrigin()->canAccessSharedWorkers(document->topOrigin())) { -
trunk/Source/WebCore/workers/WorkerContext.cpp
r137318 r141783 77 77 virtual void performTask(ScriptExecutionContext *context) 78 78 { 79 ASSERT (context->isWorkerContext());79 ASSERT_WITH_SECURITY_IMPLICATION(context->isWorkerContext()); 80 80 WorkerContext* workerContext = static_cast<WorkerContext*>(context); 81 81 // Notify parent that this context is closed. Parent is responsible for calling WorkerThread::stop(). -
trunk/Source/WebCore/workers/WorkerMessagingProxy.cpp
r141466 r141783 69 69 virtual void performTask(ScriptExecutionContext* scriptContext) 70 70 { 71 ASSERT (scriptContext->isWorkerContext());71 ASSERT_WITH_SECURITY_IMPLICATION(scriptContext->isWorkerContext()); 72 72 DedicatedWorkerContext* context = static_cast<DedicatedWorkerContext*>(scriptContext); 73 73 OwnPtr<MessagePortArray> ports = MessagePort::entanglePorts(*scriptContext, m_channels.release()); … … 375 375 static void connectToWorkerContextInspectorTask(ScriptExecutionContext* context, bool) 376 376 { 377 ASSERT (context->isWorkerContext());377 ASSERT_WITH_SECURITY_IMPLICATION(context->isWorkerContext()); 378 378 static_cast<WorkerContext*>(context)->workerInspectorController()->connectFrontend(); 379 379 } … … 394 394 static void disconnectFromWorkerContextInspectorTask(ScriptExecutionContext* context, bool) 395 395 { 396 ASSERT (context->isWorkerContext());396 ASSERT_WITH_SECURITY_IMPLICATION(context->isWorkerContext()); 397 397 static_cast<WorkerContext*>(context)->workerInspectorController()->disconnectFrontend(); 398 398 } … … 412 412 static void dispatchOnInspectorBackendTask(ScriptExecutionContext* context, const String& message) 413 413 { 414 ASSERT (context->isWorkerContext());414 ASSERT_WITH_SECURITY_IMPLICATION(context->isWorkerContext()); 415 415 static_cast<WorkerContext*>(context)->workerInspectorController()->dispatchMessageFromFrontend(message); 416 416 } -
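Review bot: In `MessageWorkerContextTask::performTask` the assertion checks `isWorkerContext()` while the next line casts to `DedicatedWorkerContext*`, so a shared worker context would pass the assertion and still be mis-cast. DefaultSharedWorkerRepository.cpp in this changeset asserts the narrower `isSharedWorkerContext()` for the analogous shared-worker path. If WorkerContext offers a matching dedicated-worker predicate, assert that here as well. Otherwise document the gap with a comment such as `// The cast below requires a dedicated worker context, not just any WorkerContext.`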
trunk/Source/WebCore/workers/WorkerScriptLoader.cpp
r127227 r141783 70 70 return; 71 71 72 ASSERT (scriptExecutionContext->isWorkerContext());72 ASSERT_WITH_SECURITY_IMPLICATION(scriptExecutionContext->isWorkerContext()); 73 73 74 74 ThreadableLoaderOptions options; -
trunk/Source/WebCore/workers/WorkerThread.cpp
r140483 r141783 208 208 virtual void performTask(ScriptExecutionContext *context) 209 209 { 210 ASSERT (context->isWorkerContext());210 ASSERT_WITH_SECURITY_IMPLICATION(context->isWorkerContext()); 211 211 WorkerContext* workerContext = static_cast<WorkerContext*>(context); 212 212 #if ENABLE(INSPECTOR) … … 229 229 virtual void performTask(ScriptExecutionContext *context) 230 230 { 231 ASSERT (context->isWorkerContext());231 ASSERT_WITH_SECURITY_IMPLICATION(context->isWorkerContext()); 232 232 WorkerContext* workerContext = static_cast<WorkerContext*>(context); 233 233 -
trunk/Source/WebKit/blackberry/Api/WebPage.cpp
r141773 r141783 4026 4026 // We do focus <select>/<option> on mouse down so that a Focus event is fired and have the 4027 4027 // element painted in its focus state on repaint. 4028 ASSERT (node->isElementNode());4028 ASSERT_WITH_SECURITY_IMPLICATION(node->isElementNode()); 4029 4029 if (node->isElementNode()) { 4030 4030 Element* element = static_cast<Element*>(node); -
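Review bot: The new assertion is immediately followed by `if (node->isElementNode())`, which already guards the `static_cast<Element*>(node)` at run time. With both in place the code treats a non-element node as both impossible and handled, and builds with security assertions would stop on an input that release builds process safely. Keep one of the two: drop the assertion if non-element nodes can legitimately arrive here, or drop the `if` if they cannot. The enclosing function extends beyond the hunk.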
trunk/Source/WebKit/blackberry/ChangeLog
r141773 r141783 1 2013-02-04 Abhishek Arya <inferno@chromium.org> 2 3 Add ASSERT_WITH_SECURITY_IMPLICATION to detect bad cast in DOM, CSS, etc. 4 https://bugs.webkit.org/show_bug.cgi?id=108688 5 6 Reviewed by Eric Seidel. 7 8 * Api/WebPage.cpp: 9 (BlackBerry::WebKit::WebPagePrivate::handleMouseEvent): 10 * WebKitSupport/FatFingers.cpp: 11 (BlackBerry::WebKit::FatFingers::setSuccessfulFatFingersResult): 12 1 13 2013-02-04 Andrew Lo <anlo@rim.com> 2 14 -
trunk/Source/WebKit/blackberry/WebKitSupport/FatFingers.cpp
r140282 r141783 479 479 bool isTextInputElement = false; 480 480 if (m_targetType == ClickableElement) { 481 ASSERT (bestNode->isElementNode());481 ASSERT_WITH_SECURITY_IMPLICATION(bestNode->isElementNode()); 482 482 Element* bestElement = static_cast<Element*>(bestNode); 483 483 isTextInputElement = DOMSupport::isTextInputElement(bestElement); -
trunk/Source/WebKit/chromium/ChangeLog
r141769 r141783 1 2013-02-04 Abhishek Arya <inferno@chromium.org> 2 3 Add ASSERT_WITH_SECURITY_IMPLICATION to detect bad cast in DOM, CSS, etc. 4 https://bugs.webkit.org/show_bug.cgi?id=108688 5 6 Reviewed by Eric Seidel. 7 8 * src/IDBFactoryBackendProxy.cpp: 9 (WebKit::IDBFactoryBackendProxy::allowIndexedDB): 10 (WebKit::getWebFrame): 11 * src/LocalFileSystemChromium.cpp: 12 (WebCore::LocalFileSystem::deleteFileSystem): 13 * src/WebSharedWorkerImpl.cpp: 14 (WebKit::WebSharedWorkerImpl::connectTask): 15 (WebKit::resumeWorkerContextTask): 16 (WebKit::connectToWorkerContextInspectorTask): 17 (WebKit::reconnectToWorkerContextInspectorTask): 18 (WebKit::disconnectFromWorkerContextInspectorTask): 19 (WebKit::dispatchOnInspectorBackendTask): 20 1 21 2013-02-04 Sami Kyostila <skyostil@chromium.org> 2 22 -
trunk/Source/WebKit/chromium/src/IDBFactoryBackendProxy.cpp
r139666 r141783 164 164 { 165 165 bool allowed; 166 ASSERT (context->isDocument() || context->isWorkerContext());166 ASSERT_WITH_SECURITY_IMPLICATION(context->isDocument() || context->isWorkerContext()); 167 167 if (context->isDocument()) { 168 168 Document* document = static_cast<Document*>(context); … … 196 196 static WebFrameImpl* getWebFrame(ScriptExecutionContext* context) 197 197 { 198 ASSERT (context->isDocument() || context->isWorkerContext());198 ASSERT_WITH_SECURITY_IMPLICATION(context->isDocument() || context->isWorkerContext()); 199 199 if (context->isDocument()) { 200 200 Document* document = static_cast<Document*>(context); -
trunk/Source/WebKit/chromium/src/LocalFileSystemChromium.cpp
r138693 r141783 234 234 { 235 235 ASSERT(context); 236 ASSERT (context->isDocument());236 ASSERT_WITH_SECURITY_IMPLICATION(context->isDocument()); 237 237 238 238 Document* document = static_cast<Document*>(context); -
trunk/Source/WebKit/chromium/src/WebSharedWorkerImpl.cpp
r138693 r141783 358 358 RefPtr<MessagePort> port = MessagePort::create(*context); 359 359 port->entangle(channel); 360 ASSERT (context->isWorkerContext());360 ASSERT_WITH_SECURITY_IMPLICATION(context->isWorkerContext()); 361 361 WorkerContext* workerContext = static_cast<WorkerContext*>(context); 362 ASSERT (workerContext->isSharedWorkerContext());362 ASSERT_WITH_SECURITY_IMPLICATION(workerContext->isSharedWorkerContext()); 363 363 workerContext->dispatchEvent(createConnectEvent(port)); 364 364 } … … 397 397 static void resumeWorkerContextTask(ScriptExecutionContext* context, bool) 398 398 { 399 ASSERT (context->isWorkerContext());399 ASSERT_WITH_SECURITY_IMPLICATION(context->isWorkerContext()); 400 400 static_cast<WorkerContext*>(context)->workerInspectorController()->resume(); 401 401 } … … 410 410 static void connectToWorkerContextInspectorTask(ScriptExecutionContext* context, bool) 411 411 { 412 ASSERT (context->isWorkerContext());412 ASSERT_WITH_SECURITY_IMPLICATION(context->isWorkerContext()); 413 413 static_cast<WorkerContext*>(context)->workerInspectorController()->connectFrontend(); 414 414 } … … 421 421 static void reconnectToWorkerContextInspectorTask(ScriptExecutionContext* context, const String& savedState) 422 422 { 423 ASSERT (context->isWorkerContext());423 ASSERT_WITH_SECURITY_IMPLICATION(context->isWorkerContext()); 424 424 WorkerInspectorController* ic = static_cast<WorkerContext*>(context)->workerInspectorController(); 425 425 ic->restoreInspectorStateFromCookie(savedState); … … 434 434 static void disconnectFromWorkerContextInspectorTask(ScriptExecutionContext* context, bool) 435 435 { 436 ASSERT (context->isWorkerContext());436 ASSERT_WITH_SECURITY_IMPLICATION(context->isWorkerContext()); 437 437 static_cast<WorkerContext*>(context)->workerInspectorController()->disconnectFrontend(); 438 438 } … … 445 445 static void dispatchOnInspectorBackendTask(ScriptExecutionContext* context, const String& message) 446 446 { 447 ASSERT 
(context->isWorkerContext());447 ASSERT_WITH_SECURITY_IMPLICATION(context->isWorkerContext()); 448 448 static_cast<WorkerContext*>(context)->workerInspectorController()->dispatchMessageFromFrontend(message); 449 449 } -
trunk/Source/WebKit/qt/ChangeLog
r141736 r141783 1 2013-02-04 Abhishek Arya <inferno@chromium.org> 2 3 Add ASSERT_WITH_SECURITY_IMPLICATION to detect bad cast in DOM, CSS, etc. 4 https://bugs.webkit.org/show_bug.cgi?id=108688 5 6 Reviewed by Eric Seidel. 7 8 * WebCoreSupport/FrameLoaderClientQt.cpp: 9 1 10 2013-02-03 KwangYong Choi <ky0.choi@samsung.com> 2 11 -
trunk/Source/WebKit/qt/WebCoreSupport/FrameLoaderClientQt.cpp
r141567 r141783 1423 1423 QRect clipRect; 1424 1424 if (parentScrollView) { 1425 ASSERT (parentScrollView->isFrameView());1425 ASSERT_WITH_SECURITY_IMPLICATION(parentScrollView->isFrameView()); 1426 1426 clipRect = static_cast<FrameView*>(parentScrollView)->windowClipRect(); 1427 1427 clipRect.translate(-windowRect.x(), -windowRect.y());