Changeset 33414 in webkit
- Timestamp:
- May 13, 2008 3:31:22 PM (16 years ago)
- Location:
- trunk/WebCore
- Files:
-
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/WebCore/ChangeLog
r33413 r33414 1 2008-05-13 Timothy Hatcher <timothy@apple.com> 2 3 Fixes the assertion and crash that would happen when inspecting a element from a frame. 4 This change makes JSInspectedObjectWrapper pass unwrapped objects around for global objects 5 that share the same page group identifier. Also returns jsUndefined() instead of 0 to prevent 6 crashing in release builds if the page groups don't match. 7 8 Passes all the tests in: manual-tests/inspector-wrappers 9 10 Reviewed by Adam Roben. 11 12 * bindings/js/JSInspectedObjectWrapper.cpp: 13 (WebCore::JSInspectedObjectWrapper::prepareIncomingValue): Return jsUndefined() instead of 0. 14 Call allowsUnwrappedAccessFrom instead of unwrappedExecStateMatches. 15 * bindings/js/JSQuarantinedObjectWrapper.cpp: 16 (WebCore::JSQuarantinedObjectWrapper::allowsUnwrappedAccessFrom): Renamed from unwrappedExecStateMatches. 17 Return true if the pageGroupIdentifier of both wrappers match. 18 (WebCore::JSQuarantinedObjectWrapper::callAsFunction): Return jsUndefined() instead of 0. 19 * bindings/js/JSQuarantinedObjectWrapper.h: Renamed unwrappedExecStateMatches to allowsUnwrappedAccessFrom. 20 1 21 2008-05-13 Timothy Hatcher <timothy@apple.com> 2 22 -
trunk/WebCore/bindings/js/JSInspectedObjectWrapper.cpp
r33038 r33414 84 84 ASSERT_WITH_MESSAGE(wrapper, "Objects passed to JSInspectedObjectWrapper must be wrapped"); 85 85 if (!wrapper) 86 return 0;86 return jsUndefined(); 87 87 88 if (wrapper-> unwrappedExecStateMatches(unwrappedExecState())) {88 if (wrapper->allowsUnwrappedAccessFrom(unwrappedExecState())) { 89 89 ASSERT_WITH_MESSAGE(wrapper->inherits(&s_info), "A wrapper contains an object from the inspected page but is not a JSInspectedObjectWrapper"); 90 90 if (!wrapper->inherits(&s_info)) 91 return 0;91 return jsUndefined(); 92 92 93 93 // Return the unwrapped object so the inspected page never sees one of its own objects in wrapped form. … … 97 97 ASSERT_WITH_MESSAGE(wrapper->inherits(&JSInspectorCallbackWrapper::s_info), "A wrapper that was not from the inspected page and is not an Inspector callback was passed to a JSInspectedObjectWrapper"); 98 98 if (!wrapper->inherits(&JSInspectorCallbackWrapper::s_info)) 99 return 0;99 return jsUndefined(); 100 100 101 101 return wrapper; -
trunk/WebCore/bindings/js/JSQuarantinedObjectWrapper.cpp
r32652 r33414 70 70 } 71 71 72 bool JSQuarantinedObjectWrapper:: unwrappedExecStateMatches(const ExecState* exec) const73 { 74 return m_unwrappedGlobalObject == exec->dynamicGlobalObject();72 bool JSQuarantinedObjectWrapper::allowsUnwrappedAccessFrom(const ExecState* exec) const 73 { 74 return m_unwrappedGlobalObject->pageGroupIdentifier() == exec->dynamicGlobalObject()->pageGroupIdentifier(); 75 75 } 76 76 … … 247 247 { 248 248 if (!allowsCallAsFunction()) 249 return 0;249 return jsUndefined(); 250 250 251 251 JSObject* preparedThisObj = static_cast<JSObject*>(prepareIncomingValue(exec, thisObj)); 252 252 if (!preparedThisObj) 253 return 0;253 return jsUndefined(); 254 254 255 255 List preparedArgs; … … 257 257 JSValue* preparedValue = prepareIncomingValue(exec, args[i]); 258 258 if (!preparedValue) 259 return 0;259 return jsUndefined(); 260 260 preparedArgs.append(preparedValue); 261 261 } -
trunk/WebCore/bindings/js/JSQuarantinedObjectWrapper.h
r31890 r33414 40 40 KJS::ExecState* unwrappedExecState() const; 41 41 42 bool unwrappedExecStateMatches(const KJS::ExecState*) const;42 bool allowsUnwrappedAccessFrom(const KJS::ExecState*) const; 43 43 44 44 virtual bool getOwnPropertySlot(KJS::ExecState*, const KJS::Identifier&, KJS::PropertySlot&);
Note: See TracChangeset
for help on using the changeset viewer.