Changeset 21332 in webkit
- Timestamp:
- May 9, 2007 3:36:25 AM (17 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 3 edited
-
JavaScriptCore/ChangeLog (modified) (1 diff)
-
JavaScriptCore/kjs/object.cpp (modified) (2 diffs)
-
LayoutTests/ChangeLog (modified) (1 diff)
-
LayoutTests/fast/js/cyclic-prototypes.html (added)
-
LayoutTests/fast/js/resources/cyclic-prototypes.js (added)
Legend:
- Unmodified
- Added
- Removed
-
trunk/JavaScriptCore/ChangeLog
r21320 r21332 1 2007-05-09 Eric Seidel <eric@webkit.org> 2 3 Reviewed by mjs. 4 5 http://bugs.webkit.org/show_bug.cgi?id=6985 6 Cyclic __proto__ values cause WebKit to hang 7 8 * kjs/object.cpp: 9 (KJS::JSObject::put): do a cycle check before setting __proto__ 10 1 11 2007-05-08 Kimmo Kinnunen <kimmok@iki.fi> 2 12 -
trunk/JavaScriptCore/kjs/object.cpp
r20310 r21332 5 5 * Copyright (C) 2001 Peter Kelly (pmk@post.com) 6 6 * Copyright (C) 2003, 2004, 2005, 2006 Apple Computer, Inc. 7 * Copyright (C) 2007 Eric Seidel (eric@webkit.org) 7 8 * 8 9 * This library is free software; you can redistribute it and/or … … 212 213 // non-standard netscape extension 213 214 if (propertyName == exec->propertyNames().underscoreProto) { 215 JSObject* proto = value->getObject(); 216 while (proto) { 217 if (proto == this) 218 throwError(exec, GeneralError, "cyclic __proto__ value"); 219 proto = proto->prototype() ? proto->prototype()->getObject() : 0; 220 } 221 214 222 setPrototype(value); 215 223 return; -
trunk/LayoutTests/ChangeLog
r21324 r21332 1 2007-05-09 Eric Seidel <eric@webkit.org> 2 3 Reviewed by mjs. 4 5 http://bugs.webkit.org/show_bug.cgi?id=6985 6 Cyclic __proto__ values cause webkit to hang 7 8 * fast/js/cyclic-prototypes-expected.txt: Added. 9 * fast/js/cyclic-prototypes.html: Added. 10 * fast/js/resources/cyclic-prototypes.js: Added. 11 1 12 2007-05-08 Geoffrey Garen <ggaren@apple.com> 2 13
Note: See TracChangeset
for help on using the changeset viewer.
