Changeset 84328 in webkit

Timestamp:

Apr 19, 2011 7:12:51 PM (13 years ago)

Author:

rolandsteiner@chromium.org

Message:

2011-04-19 Dominic Cooney <​dominicc@chromium.org>

Reviewed by Dimitri Glazkov.

Check the type of the wrapper when unwrapping NPObjects to native
Ranges and Elements
​https://bugs.webkit.org/show_bug.cgi?id=58957

• src/WebBindings.cpp: (WebKit::getRangeImpl): check HasInstance (WebKit::getElementImpl): check HasInstance

Location:

trunk/Source/WebKit/chromium

Files:

• ChangeLog (modified) (1 diff)
• src/WebBindings.cpp (modified) (2 diffs)

trunk/Source/WebKit/chromium/ChangeLog

@@ +1 @@
+2011-04-19  Dominic Cooney  <dominicc@chromium.org>
+
+        Reviewed by Dimitri Glazkov.
+
+        Check the type of the wrapper when unwrapping NPObjects to native
+        Ranges and Elements
+        https://bugs.webkit.org/show_bug.cgi?id=58957
+
+        * src/WebBindings.cpp:
+        (WebKit::getRangeImpl): check HasInstance
+        (WebKit::getElementImpl): check HasInstance
+
 2011-04-19  Evan Martin  <evan@chromium.org>
 

trunk/Source/WebKit/chromium/src/WebBindings.cpp

@@ -213 +213 @@
         return false;
 
-    Range* native = V8Range::toNative(v8Object);
+    Range* native = V8Range::HasInstance(v8Object) ? V8Range::toNative(v8Object) : 0;
     if (!native)
         return false;
@@ -228 +228 @@
     V8NPObject* v8NPObject = reinterpret_cast<V8NPObject*>(object);
     v8::Handle<v8::Object> v8Object(v8NPObject->v8Object);
-    Element* native = V8Element::toNative(v8Object);
+    Element* native = V8Element::HasInstance(v8Object) ? V8Element::toNative(v8Object) : 0;
     if (!native)
         return false;