Changeset 96243 in webkit


Ignore:
Timestamp:
Sep 28, 2011 12:02:57 PM (13 years ago)
Author:
barraclough@apple.com
Message:

https://bugs.webkit.org/show_bug.cgi?id=64679
Fix bugs in Array.prototype this handling.

Reviewed by Oliver Hunt.

  • runtime/ArrayPrototype.cpp:

(JSC::arrayProtoFuncJoin):
(JSC::arrayProtoFuncConcat):
(JSC::arrayProtoFuncPop):
(JSC::arrayProtoFuncPush):
(JSC::arrayProtoFuncReverse):
(JSC::arrayProtoFuncShift):
(JSC::arrayProtoFuncSlice):
(JSC::arrayProtoFuncSort):
(JSC::arrayProtoFuncSplice):
(JSC::arrayProtoFuncUnShift):
(JSC::arrayProtoFuncFilter):
(JSC::arrayProtoFuncMap):
(JSC::arrayProtoFuncEvery):
(JSC::arrayProtoFuncForEach):
(JSC::arrayProtoFuncSome):
(JSC::arrayProtoFuncReduce):
(JSC::arrayProtoFuncReduceRight):
(JSC::arrayProtoFuncIndexOf):
(JSC::arrayProtoFuncLastIndexOf):

  • These methods should throw if this value is undefined.
Location:
trunk/Source/JavaScriptCore
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/Source/JavaScriptCore/ChangeLog

    r96238 r96243  
     12011-09-28  Gavin Barraclough  <barraclough@apple.com>
     2
     3        https://bugs.webkit.org/show_bug.cgi?id=64679
     4        Fix bugs in Array.prototype this handling.
     5
     6        Reviewed by Oliver Hunt.
     7
     8        * runtime/ArrayPrototype.cpp:
     9        (JSC::arrayProtoFuncJoin):
     10        (JSC::arrayProtoFuncConcat):
     11        (JSC::arrayProtoFuncPop):
     12        (JSC::arrayProtoFuncPush):
     13        (JSC::arrayProtoFuncReverse):
     14        (JSC::arrayProtoFuncShift):
     15        (JSC::arrayProtoFuncSlice):
     16        (JSC::arrayProtoFuncSort):
     17        (JSC::arrayProtoFuncSplice):
     18        (JSC::arrayProtoFuncUnShift):
     19        (JSC::arrayProtoFuncFilter):
     20        (JSC::arrayProtoFuncMap):
     21        (JSC::arrayProtoFuncEvery):
     22        (JSC::arrayProtoFuncForEach):
     23        (JSC::arrayProtoFuncSome):
     24        (JSC::arrayProtoFuncReduce):
     25        (JSC::arrayProtoFuncReduceRight):
     26        (JSC::arrayProtoFuncIndexOf):
     27        (JSC::arrayProtoFuncLastIndexOf):
     28            - These methods should throw if this value is undefined.
     29
    1302011-09-27  Yuqiang Xian  <yuqiang.xian@intel.com>
    231
  • trunk/Source/JavaScriptCore/runtime/ArrayPrototype.cpp

    r95936 r96243  
    272272EncodedJSValue JSC_HOST_CALL arrayProtoFuncJoin(ExecState* exec)
    273273{
    274     JSObject* thisObj = exec->hostThisValue().toThisObject(exec);
     274    JSObject* thisObj = exec->hostThisValue().toObject(exec);
    275275    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    276276    if (exec->hadException())
     
    342342    JSArray* arr = constructEmptyArray(exec);
    343343    unsigned n = 0;
    344     JSValue curArg = thisValue.toThisObject(exec);
     344    JSValue curArg = thisValue.toObject(exec);
     345    if (exec->hadException())
     346        return JSValue::encode(jsUndefined());
    345347    size_t i = 0;
    346348    size_t argCount = exec->argumentCount();
     
    374376        return JSValue::encode(asArray(thisValue)->pop());
    375377
    376     JSObject* thisObj = thisValue.toThisObject(exec);
     378    JSObject* thisObj = thisValue.toObject(exec);
    377379    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    378380    if (exec->hadException())
     
    401403    }
    402404
    403     JSObject* thisObj = thisValue.toThisObject(exec);
     405    JSObject* thisObj = thisValue.toObject(exec);
    404406    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    405407    if (exec->hadException())
     
    423425EncodedJSValue JSC_HOST_CALL arrayProtoFuncReverse(ExecState* exec)
    424426{
    425     JSObject* thisObj = exec->hostThisValue().toThisObject(exec);
     427    JSObject* thisObj = exec->hostThisValue().toObject(exec);
    426428    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    427429    if (exec->hadException())
     
    449451EncodedJSValue JSC_HOST_CALL arrayProtoFuncShift(ExecState* exec)
    450452{
    451     JSObject* thisObj = exec->hostThisValue().toThisObject(exec);
     453    JSObject* thisObj = exec->hostThisValue().toObject(exec);
     454    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
     455    if (exec->hadException())
     456        return JSValue::encode(jsUndefined());
     457
    452458    JSValue result;
    453 
    454     unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    455     if (exec->hadException())
    456         return JSValue::encode(jsUndefined());
    457 
    458459    if (length == 0) {
    459460        putProperty(exec, thisObj, exec->propertyNames().length, jsNumber(length));
     
    480481{
    481482    // http://developer.netscape.com/docs/manuals/js/client/jsref/array.htm#1193713 or 15.4.4.10
    482     JSObject* thisObj = exec->hostThisValue().toThisObject(exec);
     483    JSObject* thisObj = exec->hostThisValue().toObject(exec);
     484    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
     485    if (exec->hadException())
     486        return JSValue::encode(jsUndefined());
    483487
    484488    // We return a new array
    485489    JSArray* resObj = constructEmptyArray(exec);
    486490    JSValue result = resObj;
    487 
    488     unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    489     if (exec->hadException())
    490         return JSValue::encode(jsUndefined());
    491491
    492492    unsigned begin = argumentClampedIndexFromStartOrEnd(exec, 0, length);
     
    504504EncodedJSValue JSC_HOST_CALL arrayProtoFuncSort(ExecState* exec)
    505505{
    506     JSObject* thisObj = exec->hostThisValue().toThisObject(exec);
     506    JSObject* thisObj = exec->hostThisValue().toObject(exec);
    507507    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    508508    if (!length || exec->hadException())
     
    566566    // 15.4.4.12
    567567
    568     JSObject* thisObj = exec->hostThisValue().toThisObject(exec);
     568    JSObject* thisObj = exec->hostThisValue().toObject(exec);
    569569    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    570570    if (exec->hadException())
     
    634634    // 15.4.4.13
    635635
    636     JSObject* thisObj = exec->hostThisValue().toThisObject(exec);
     636    JSObject* thisObj = exec->hostThisValue().toObject(exec);
    637637    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    638638    if (exec->hadException())
     
    661661EncodedJSValue JSC_HOST_CALL arrayProtoFuncFilter(ExecState* exec)
    662662{
    663     JSObject* thisObj = exec->hostThisValue().toThisObject(exec);
     663    JSObject* thisObj = exec->hostThisValue().toObject(exec);
    664664    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    665665    if (exec->hadException())
     
    720720EncodedJSValue JSC_HOST_CALL arrayProtoFuncMap(ExecState* exec)
    721721{
    722     JSObject* thisObj = exec->hostThisValue().toThisObject(exec);
     722    JSObject* thisObj = exec->hostThisValue().toObject(exec);
    723723    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    724724    if (exec->hadException())
     
    782782EncodedJSValue JSC_HOST_CALL arrayProtoFuncEvery(ExecState* exec)
    783783{
    784     JSObject* thisObj = exec->hostThisValue().toThisObject(exec);
     784    JSObject* thisObj = exec->hostThisValue().toObject(exec);
    785785    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    786786    if (exec->hadException())
     
    840840EncodedJSValue JSC_HOST_CALL arrayProtoFuncForEach(ExecState* exec)
    841841{
    842     JSObject* thisObj = exec->hostThisValue().toThisObject(exec);
     842    JSObject* thisObj = exec->hostThisValue().toObject(exec);
    843843    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    844844    if (exec->hadException())
     
    890890EncodedJSValue JSC_HOST_CALL arrayProtoFuncSome(ExecState* exec)
    891891{
    892     JSObject* thisObj = exec->hostThisValue().toThisObject(exec);
     892    JSObject* thisObj = exec->hostThisValue().toObject(exec);
    893893    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    894894    if (exec->hadException())
     
    947947EncodedJSValue JSC_HOST_CALL arrayProtoFuncReduce(ExecState* exec)
    948948{
    949     JSObject* thisObj = exec->hostThisValue().toThisObject(exec);
     949    JSObject* thisObj = exec->hostThisValue().toObject(exec);
    950950    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    951951    if (exec->hadException())
     
    10221022EncodedJSValue JSC_HOST_CALL arrayProtoFuncReduceRight(ExecState* exec)
    10231023{
    1024     JSObject* thisObj = exec->hostThisValue().toThisObject(exec);
     1024    JSObject* thisObj = exec->hostThisValue().toObject(exec);
    10251025    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    10261026    if (exec->hadException())
     
    10971097{
    10981098    // 15.4.4.14
    1099     JSObject* thisObj = exec->hostThisValue().toThisObject(exec);
     1099    JSObject* thisObj = exec->hostThisValue().toObject(exec);
    11001100    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    11011101    if (exec->hadException())
     
    11181118{
    11191119    // 15.4.4.15
    1120     JSObject* thisObj = exec->hostThisValue().toThisObject(exec);
     1120    JSObject* thisObj = exec->hostThisValue().toObject(exec);
    11211121    unsigned length = thisObj->get(exec, exec->propertyNames().length).toUInt32(exec);
    11221122    if (!length)
Note: See TracChangeset for help on using the changeset viewer.