Changeset 50964 in webkit


Timestamp:
Nov 13, 2009 12:42:16 PM (14 years ago)
Author:
oliver@apple.com
Message:

JSValueProtect and JSValueUnprotect don't protect API wrapper values
https://bugs.webkit.org/show_bug.cgi?id=31485

Reviewed by Geoff Garen.

Make JSValueProtect/Unprotect use a new variant of 'toJS', 'toJSForGC', that
does not attempt to strip out API wrapper objects.

Location:
trunk/JavaScriptCore
Files:
4 edited

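--- a/trunk/JavaScriptCore/API/APICast.h
+++ b/trunk/JavaScriptCore/API/APICast.h
@@ -74,4 +74,16 @@
 }
 
+inline JSC::JSValue toJSForGC(JSC::ExecState*, JSValueRef v)
+{
+#if USE(JSVALUE32_64)
+    JSC::JSCell* jsCell = reinterpret_cast<JSC::JSCell*>(const_cast<OpaqueJSValue*>(v));
+    if (!jsCell)
+        return JSC::JSValue();
+    return jsCell;
+#else
+    return JSC::JSValue::decode(reinterpret_cast<JSC::EncodedJSValue>(const_cast<OpaqueJSValue*>(v)));
+#endif
+}
+
 inline JSC::JSObject* toJS(JSObjectRef o)
 {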
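Review bot: toJSForGC has no comment saying why it exists next to toJS or what its result may be used for. In the JSVALUE32_64 branch it returns the cell behind the JSValueRef unchanged, which, going by the commit message, can be an API wrapper object rather than the value the client sees, so the result is only meaningful to the collector. I would add above the function `// Returns the cell the JSValueRef actually points at, API wrapper included. Only for gcProtect/gcUnprotect; use toJS() everywhere else.` so a later caller does not pick it up as a cheaper toJS. A JSValueRef left unprotected by mistake can dangle after a collection, which is a memory-safety problem for embedders, so the contract is worth stating where the function is defined.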
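--- a/trunk/JavaScriptCore/API/JSValueRef.cpp
+++ b/trunk/JavaScriptCore/API/JSValueRef.cpp
@@ -308,5 +308,5 @@
     JSLock lock(exec);
 
-    JSValue jsValue = toJS(exec, value);
+    JSValue jsValue = toJSForGC(exec, value);
     gcProtect(jsValue);
 }
@@ -318,5 +318,5 @@
     JSLock lock(exec);
 
-    JSValue jsValue = toJS(exec, value);
+    JSValue jsValue = toJSForGC(exec, value);
     gcUnprotect(jsValue);
 }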
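--- a/trunk/JavaScriptCore/API/tests/testapi.c
+++ b/trunk/JavaScriptCore/API/tests/testapi.c
@@ -738,4 +738,13 @@
 }
 
+static JSValueRef jsNumberValue =  NULL;
+
+static void makeGlobalNumberValue(JSContextRef context) {
+    JSValueRef v = JSValueMakeNumber(context, 420);
+    JSValueProtect(context, v);
+    jsNumberValue = v;
+    v = NULL;
+}
+
 int main(int argc, char* argv[])
 {
@@ -949,8 +958,10 @@
    
     jsGlobalValue = JSObjectMake(context, NULL, NULL);
+    makeGlobalNumberValue(context);
     JSValueProtect(context, jsGlobalValue);
     JSGarbageCollect(context);
     ASSERT(JSValueIsObject(context, jsGlobalValue));
     JSValueUnprotect(context, jsGlobalValue);
+    JSValueUnprotect(context, jsNumberValue);
 
     JSStringRef goodSyntax = JSStringCreateWithUTF8CString("x = 1;");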
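Review bot: Nothing in the second hunk checks jsNumberValue after `JSGarbageCollect(context)`; the test only calls `JSValueUnprotect(context, jsNumberValue)`, so a regression is noticed only if touching a collected wrapper happens to crash. I would add `ASSERT(JSValueIsNumber(context, jsNumberValue));` and `ASSERT(JSValueToNumber(context, jsNumberValue, NULL) == 420);` between the collect and the unprotect, mirroring the existing `JSValueIsObject` assertion on jsGlobalValue. In makeGlobalNumberValue, `v = NULL;` presumably keeps a stale copy off the stack so that only the protect call keeps the value alive; a one-line comment such as `/* drop the local so only JSValueProtect keeps the value alive */` would stop it being removed as dead code. main's body starts and ends outside the hunk.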
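--- a/trunk/JavaScriptCore/ChangeLog
+++ b/trunk/JavaScriptCore/ChangeLog
@@ -1,2 +1,21 @@
+2009-11-13  Oliver Hunt  <oliver@apple.com>
+
+        Reviewed by Geoff Garen.
+
+        JSValueProtect and JSValueUnprotect don't protect API wrapper values
+        https://bugs.webkit.org/show_bug.cgi?id=31485
+
+        Make JSValueProtect/Unprotect use a new 'toJS' function, 'toJSForGC' that
+        does not attempt to to strip out API wrapper objects.
+
+        * API/APICast.h:
+        (toJSForGC):
+        * API/JSValueRef.cpp:
+        (JSValueProtect):
+        (JSValueUnprotect):
+        * API/tests/testapi.c:
+        (makeGlobalNumberValue):
+        (main):
+
 2009-11-13  İsmail Dönmez  <ismail@namtrac.org>
 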