Changeset 149521 in webkit


Timestamp:
May 3, 2013 2:34:36 AM (11 years ago)
Author:
allan.jensen@digia.com
Message:

Crash when calling QWebFrame::evaluateJavaScript
https://bugs.webkit.org/show_bug.cgi?id=113434

Reviewed by Simon Hausmann.

We must take the JS API lock before accessing internal JS methods.

  • bridge/qt/qt_runtime.cpp:

(JSC::Bindings::unwrapBoxedPrimitive):
(JSC::Bindings::getGregorianDateTimeUTC):
(JSC::Bindings::convertQVariantToValue):

Location:
trunk/Source/WebCore
Files:
2 edited

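--- a/trunk/Source/WebCore/ChangeLog
+++ b/trunk/Source/WebCore/ChangeLog
@@ -1,2 +1,16 @@
+2013-05-03  Allan Sandfeld Jensen  <allan.jensen@digia.com>
+
+        Crash when calling QWebFrame::evaluateJavaScript
+        https://bugs.webkit.org/show_bug.cgi?id=113434
+
+        Reviewed by Simon Hausmann.
+
+        We must take the JS API lock before accessing internal JS methods.
+
+        * bridge/qt/qt_runtime.cpp:
+        (JSC::Bindings::unwrapBoxedPrimitive):
+        (JSC::Bindings::getGregorianDateTimeUTC):
+        (JSC::Bindings::convertQVariantToValue):
+
 2013-05-02  Xan Lopez  <xlopez@igalia.com>
 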
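--- a/trunk/Source/WebCore/bridge/qt/qt_runtime.cpp
+++ b/trunk/Source/WebCore/bridge/qt/qt_runtime.cpp
@@ -22,4 +22,5 @@
 
 #include "APICast.h"
+#include "APIShims.h"
 #include "BooleanObject.h"
 #include "DateInstance.h"
@@ -200,6 +201,7 @@
 static JSValueRef unwrapBoxedPrimitive(JSContextRef context, JSValueRef value, JSObjectRef obj)
 {
+    ExecState* exec = toJS(context);
+    APIEntryShim entryShim(exec);
     JSObject* object = toJS(obj);
-    ExecState* exec = toJS(context);
     if (object->inherits(&NumberObject::s_info))
         return toRef(exec, jsNumber(object->toNumber(exec)));
@@ -282,4 +284,5 @@
 {
     ExecState* exec = toJS(context);
+    APIEntryShim entryShim(exec);
     if (type == Date) {
         JSObject* jsObject = toJS(object);
@@ -730,4 +733,5 @@
         memcpy(wtfByteArray->data(), qtByteArray.constData(), qtByteArray.length());
         ExecState* exec = toJS(context);
+        APIEntryShim entryShim(exec);
         return toRef(exec, toJS(exec, static_cast<JSDOMGlobalObject*>(exec->lexicalGlobalObject()), wtfByteArray.get()));
     }
@@ -738,4 +742,5 @@
             return JSValueMakeNull(context);
         ExecState* exec = toJS(context);
+        APIEntryShim entryShim(exec);
         return toRef(exec, QtInstance::getQtInstance(obj, root, QtInstance::QtOwnership)->createRuntimeObject(exec));
     }
@@ -752,4 +757,5 @@
             return JSValueMakeUndefined(context);
         ExecState* exec = toJS(context);
+        APIEntryShim entryShim(exec);
         return toRef(exec, customRuntimeConversions()->value(type).toJSValueFunc(exec, toJSDOMGlobalObject(document, exec), variant));
     }
@@ -801,4 +807,5 @@
         JSObjectRef array = JSObjectMakeArray(context, 0, 0, exception);
         ExecState* exec = toJS(context);
+        APIEntryShim entryShim(exec);
         for (int i = 0; i < ol.count(); ++i) {
             JSValueRef jsObject = toRef(exec, QtInstance::getQtInstance(ol.at(i), root, QtInstance::QtOwnership)->createRuntimeObject(exec));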
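Review bot: In convertQVariantToValue the `APIEntryShim entryShim(exec);` is added separately inside four branches (new lines 735, 744, 759 and 809), so any branch not shown here, or added later, that reaches internal JSC calls through `toJS(context)` would still run without the JS API lock. Unless the lock scope is narrow on purpose, taking the shim once at function entry, as the hunks at new lines 203-204 and 286 do, would make the locking a property of the function rather than of each branch; this assumes nesting with the public `JS*` calls is safe, which should be confirmed. Either way a short comment at each site, e.g. `// Hold the JS API lock: the internal JSC calls below must not run without it.`, would keep the reason next to the code instead of only in the ChangeLog. The changeset lists only ChangeLog and qt_runtime.cpp as edited, so the crash fix lands without a regression test. The enclosing functions start and end outside these hunks.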