Bug 1223916 - Prohibit direct method calls at the parser level in self-hosted code. (r=till)

Eric Faust 2015-11-13 18:26:00 -08:00
parent 3b65667308
commit 0acbb509f0
11 changed files with 56 additions and 51 deletions


@ -774,7 +774,7 @@ function ArrayFrom(items, mapfn=undefined, thisArg=undefined) {
// See <https://bugs.ecmascript.org/show_bug.cgi?id=2883>.
while (true) {
// Steps 6.g.i-iii.
var next = iterator.next();
var next = callFunction(iterator.next, iterator);
if (!IsObject(next))
ThrowTypeError(JSMSG_NEXT_RETURNED_PRIMITIVE);
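Review bot: The callee in `callFunction(iterator.next, iterator)` is looked up on an object that presumably comes from the caller of Array.from, unlike the `std_*` callees passed to callFunction elsewhere in this commit, and nothing at the call site says so. The same pattern appears in LegacyIteratorNext/LegacyIteratorThrow (`iter.next`, `iter.throw`), Object_toLocaleString (`O.toString`) and TypedArrayFrom (`iterator.next`). I would add a short comment at each of these, e.g. `// iterator.next is content-controlled and may be any value; a non-callable must surface as a TypeError.`, and confirm that callFunction reports a non-callable callee that way rather than assuming the callee is a function. ArrayFrom starts and ends outside this hunk.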


@ -443,9 +443,9 @@ function CanonicalizeLanguageTag(locale) {
while (i < subtags.length && subtags[i].length > 1)
i++;
var extension = callFunction(std_Array_join, callFunction(std_Array_slice, subtags, extensionStart, i), "-");
extensions.push(extension);
callFunction(std_Array_push, extensions, extension);
}
extensions.sort();
callFunction(std_Array_sort, extensions);
// Private use sequences are left as is. "x-private"
var privateUse = "";
@ -455,7 +455,7 @@ function CanonicalizeLanguageTag(locale) {
// Put everything back together.
var canonical = normal;
if (extensions.length > 0)
canonical += "-" + extensions.join("-");
canonical += "-" + callFunction(std_Array_join, extensions, "-");
if (privateUse.length > 0) {
// Be careful of a Language-Tag that is entirely privateuse.
if (canonical.length > 0)
@ -578,11 +578,14 @@ function DefaultLocale() {
// (perhaps via fallback). Otherwise use the last-ditch locale.
var candidate = DefaultLocaleIgnoringAvailableLocales();
var locale;
if (BestAvailableLocaleIgnoringDefault(collatorInternalProperties.availableLocales(),
if (BestAvailableLocaleIgnoringDefault(callFunction(collatorInternalProperties.availableLocales,
collatorInternalProperties),
candidate) &&
BestAvailableLocaleIgnoringDefault(numberFormatInternalProperties.availableLocales(),
BestAvailableLocaleIgnoringDefault(callFunction(numberFormatInternalProperties.availableLocales,
numberFormatInternalProperties),
candidate) &&
BestAvailableLocaleIgnoringDefault(dateTimeFormatInternalProperties.availableLocales(),
BestAvailableLocaleIgnoringDefault(callFunction(dateTimeFormatInternalProperties.availableLocales,
dateTimeFormalInternalProperties),
candidate))
{
locale = candidate;
@ -675,8 +678,8 @@ function CanonicalizeLocaleList(locales) {
if (!IsStructurallyValidLanguageTag(tag))
ThrowRangeError(JSMSG_INVALID_LANGUAGE_TAG, tag);
tag = CanonicalizeLanguageTag(tag);
if (seen.indexOf(tag) === -1)
seen.push(tag);
if (callFunction(std_Array_indexOf, seen, tag) === -1)
callFunction(std_Array_push, seen, tag);
}
k++;
}
@ -968,14 +971,14 @@ function LookupSupportedLocales(availableLocales, requestedLocales) {
// Step 4.c-d.
var availableLocale = BestAvailableLocale(availableLocales, noExtensionsLocale);
if (availableLocale !== undefined)
subset.push(locale);
callFunction(std_Array_push, subset, locale);
// Step 4.e.
k++;
}
// Steps 5-6.
return subset.slice(0);
return callFunction(std_Array_slice, subset, 0);
}
@ -1317,7 +1320,7 @@ function resolveCollatorInternals(lazyCollatorData)
var relevantExtensionKeys = Collator.relevantExtensionKeys;
// Step 15.
var r = ResolveLocale(Collator.availableLocales(),
var r = ResolveLocale(callFunction(Collator.availableLocales, Collator),
lazyCollatorData.requestedLocales,
lazyCollatorData.opt,
relevantExtensionKeys,
@ -1507,7 +1510,8 @@ function InitializeCollator(collator, locales, options) {
function Intl_Collator_supportedLocalesOf(locales /*, options*/) {
var options = arguments.length > 1 ? arguments[1] : undefined;
var availableLocales = collatorInternalProperties.availableLocales();
var availableLocales = callFunction(collatorInternalProperties.availableLocales,
collatorInternalProperties);
var requestedLocales = CanonicalizeLocaleList(locales);
return SupportedLocales(availableLocales, requestedLocales, options);
}
@ -1675,7 +1679,7 @@ function resolveNumberFormatInternals(lazyNumberFormatData) {
var localeData = NumberFormat.localeData;
// Step 11.
var r = ResolveLocale(NumberFormat.availableLocales(),
var r = ResolveLocale(callFunction(NumberFormat.availableLocales, NumberFormat),
lazyNumberFormatData.requestedLocales,
lazyNumberFormatData.opt,
NumberFormat.relevantExtensionKeys,
@ -1959,7 +1963,8 @@ function CurrencyDigits(currency) {
function Intl_NumberFormat_supportedLocalesOf(locales /*, options*/) {
var options = arguments.length > 1 ? arguments[1] : undefined;
var availableLocales = numberFormatInternalProperties.availableLocales();
var availableLocales = callFunction(numberFormatInternalProperties.availableLocales,
numberFormatInternalProperties);
var requestedLocales = CanonicalizeLocaleList(locales);
return SupportedLocales(availableLocales, requestedLocales, options);
}
@ -2118,7 +2123,7 @@ function resolveDateTimeFormatInternals(lazyDateTimeFormatData) {
var localeData = DateTimeFormat.localeData;
// Step 10.
var r = ResolveLocale(DateTimeFormat.availableLocales(),
var r = ResolveLocale(callFunction(DateTimeFormat.availableLocales, DateTimeFormat),
lazyDateTimeFormatData.requestedLocales,
lazyDateTimeFormatData.localeOpt,
DateTimeFormat.relevantExtensionKeys,
@ -2659,7 +2664,8 @@ function BestFitFormatMatcher(options, formats) {
function Intl_DateTimeFormat_supportedLocalesOf(locales /*, options*/) {
var options = arguments.length > 1 ? arguments[1] : undefined;
var availableLocales = dateTimeFormatInternalProperties.availableLocales();
var availableLocales = callFunction(dateTimeFormatInternalProperties.availableLocales,
dateTimeFormatInternalProperties);
var requestedLocales = CanonicalizeLocaleList(locales);
return SupportedLocales(availableLocales, requestedLocales, options);
}
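Review bot: In the DefaultLocale hunk the third `callFunction` passes `dateTimeFormalInternalProperties` as the this-value, which does not match the callee on the line before (`dateTimeFormatInternalProperties.availableLocales`) or any other name in this section, so it looks like a typo for `dateTimeFormatInternalProperties);`. If no binding with the misspelled name exists, this becomes an unbound name lookup in self-hosted code. Because the three checks are joined with `&&`, the argument is only evaluated once the collator and number-format checks have both succeeded, so a run that fails earlier would not expose it. DefaultLocale starts and ends outside this hunk.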


@ -11,7 +11,7 @@ var LegacyIteratorWrapperMap = new std_WeakMap();
function LegacyIteratorNext(arg) {
var iter = callFunction(std_WeakMap_get, LegacyIteratorWrapperMap, this);
try {
return { value: iter.next(arg), done: false };
return { value: callFunction(iter.next, iter, arg), done: false };
} catch (e) {
if (e instanceof std_StopIteration)
return { value: undefined, done: true };
@ -22,7 +22,7 @@ function LegacyIteratorNext(arg) {
function LegacyIteratorThrow(exn) {
var iter = callFunction(std_WeakMap_get, LegacyIteratorWrapperMap, this);
try {
return { value: iter.throw(exn), done: false };
return { value: callFunction(iter.throw, iter, exn), done: false };
} catch (e) {
if (e instanceof std_StopIteration)
return { value: undefined, done: true };


@ -43,7 +43,8 @@ function ModuleGetExportedNames(exportStarSet = [])
for (let i = 0; i < starExportEntries.length; i++) {
let e = starExportEntries[i];
let requestedModule = HostResolveImportedModule(module, e.moduleRequest);
let starNames = requestedModule.getExportedNames(exportStarSet);
let starNames = callFunction(requestedModule.getExportedNames, requestedModule,
exportStarSet);
for (let j = 0; j < starNames.length; j++) {
let n = starNames[j];
if (n !== "default" && !(n in exportedNames))
@ -89,9 +90,8 @@ function ModuleResolveExport(exportName, resolveSet = [], exportStarSet = [])
let e = indirectExportEntries[i];
if (exportName === e.exportName) {
let importedModule = HostResolveImportedModule(module, e.moduleRequest);
let indirectResolution = importedModule.resolveExport(e.importName,
resolveSet,
exportStarSet);
let indirectResolution = callFunction(importedModule.resolveExport, importedModule,
e.importName, resolveSet, exportStarSet);
if (indirectResolution !== null)
return indirectResolution;
}
@ -118,7 +118,8 @@ function ModuleResolveExport(exportName, resolveSet = [], exportStarSet = [])
for (let i = 0; i < starExportEntries.length; i++) {
let e = starExportEntries[i];
let importedModule = HostResolveImportedModule(module, e.moduleRequest);
let resolution = importedModule.resolveExport(exportName, resolveSet, exportStarSet);
let resolution = callFunction(importedModule.resolveExport, importedModule,
exportName, resolveSet, exportStarSet);
if (resolution === "ambiguous")
return resolution;
@ -146,11 +147,11 @@ function GetModuleNamespace(module)
// Step 3
if (typeof namespace === "undefined") {
let exportedNames = module.getExportedNames();
let exportedNames = callFunction(module.getExportedNames, module);
let unambiguousNames = [];
for (let i = 0; i < exportedNames.length; i++) {
let name = exportedNames[i];
let resolution = module.resolveExport(name);
let resolution = callFunction(module.resolveExport, module, name);
if (resolution === null)
ThrowSyntaxError(JSMSG_MISSING_NAMESPACE_EXPORT);
if (resolution !== "ambiguous")
@ -166,7 +167,7 @@ function GetModuleNamespace(module)
// 9.4.6.13 ModuleNamespaceCreate(module, exports)
function ModuleNamespaceCreate(module, exports)
{
exports.sort();
callFunction(std_Array_sort, exports);
let ns = NewModuleNamespace(module, exports);
@ -174,7 +175,7 @@ function ModuleNamespaceCreate(module, exports)
// access.
for (let i = 0; i < exports.length; i++) {
let name = exports[i];
let binding = module.resolveExport(name);
let binding = callFunction(module.resolveExport, module, name);
assert(binding !== null && binding !== "ambiguous", "Failed to resolve binding");
AddModuleNamespaceBinding(ns, name, binding.module, binding.bindingName);
}
@ -204,14 +205,14 @@ function ModuleDeclarationInstantiation()
for (let i = 0; i < requestedModules.length; i++) {
let required = requestedModules[i];
let requiredModule = HostResolveImportedModule(module, required);
requiredModule.declarationInstantiation();
callFunction(requiredModule.declarationInstantiation, requiredModule);
}
// Step 9
let indirectExportEntries = module.indirectExportEntries;
for (let i = 0; i < indirectExportEntries.length; i++) {
let e = indirectExportEntries[i];
let resolution = module.resolveExport(e.exportName);
let resolution = callFunction(module.resolveExport, module, e.exportName);
if (resolution === null)
ThrowSyntaxError(JSMSG_MISSING_INDIRECT_EXPORT);
if (resolution === "ambiguous")
@ -227,7 +228,8 @@ function ModuleDeclarationInstantiation()
let namespace = GetModuleNamespace(importedModule);
CreateNamespaceBinding(env, imp.localName, namespace);
} else {
let resolution = importedModule.resolveExport(imp.importName);
let resolution = callFunction(importedModule.resolveExport, importedModule,
imp.importName);
if (resolution === null)
ThrowSyntaxError(JSMSG_MISSING_IMPORT);
if (resolution === "ambiguous")
@ -261,7 +263,7 @@ function ModuleEvaluation()
for (let i = 0; i < requestedModules.length; i++) {
let required = requestedModules[i];
let requiredModule = HostResolveImportedModule(module, required);
requiredModule.evaluation();
callFunction(requiredModule.evaluation, requiredModule);
}
return EvaluateModule(module);


@ -57,7 +57,7 @@ function Object_toLocaleString() {
var O = this;
// Step 2.
return O.toString();
return callFunction(O.toString, O);
}
function ObjectDefineSetter(name, setter) {


@ -296,12 +296,12 @@ function String_static_fromCodePoint(codePoints) {
// Step 5f.
// Inlined UTF-16 Encoding
if (nextCP <= 0xFFFF) {
elements.push(nextCP);
callFunction(std_Array_push, elements, nextCP);
continue;
}
elements.push((((nextCP - 0x10000) / 0x400) | 0) + 0xD800);
elements.push((nextCP - 0x10000) % 0x400 + 0xDC00);
callFunction(std_Array_push, elements, (((nextCP - 0x10000) / 0x400) | 0) + 0xD800);
callFunction(std_Array_push, elements, (nextCP - 0x10000) % 0x400 + 0xDC00);
}
// Step 6.


@ -216,7 +216,7 @@ function TypedArrayFilter(callbackfn, thisArg = undefined) {
// Step 13.f.
if (selected) {
// Step 13.f.i.
kept.push(kValue);
callFunction(std_Array_push, kept, kValue);
// Step 13.f.ii.
captured++;
}
@ -1058,14 +1058,14 @@ function TypedArrayFrom(constructor, target, items, mapfn, thisArg) {
// Steps 10.d-e.
while (true) {
// Steps 10.e.i-ii.
var next = iterator.next();
var next = callFunction(iterator.next, iterator);
if (!IsObject(next))
ThrowTypeError(JSMSG_NEXT_RETURNED_PRIMITIVE);
// Steps 10.e.iii-vi.
if (next.done)
break;
values.push(next.value);
callFunction(std_Array_push, values, next.value);
}
// Step 10.f.


@ -53,16 +53,7 @@ var std_Map_iterator_next = MapIteratorNext;
function List() {
this.length = 0;
}
{
let ListProto = std_Object_create(null);
ListProto.indexOf = std_Array_indexOf;
ListProto.join = std_Array_join;
ListProto.push = std_Array_push;
ListProto.slice = std_Array_slice;
ListProto.sort = std_Array_sort;
MakeConstructible(List, ListProto);
}
MakeConstructible(List, {__proto__: null});
/********** Record specification type **********/
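Review bot: After this hunk a List has a null prototype and no methods at all, but nothing next to the definition says how Lists are meant to be used now. A comment above `MakeConstructible(List, {__proto__: null});` would help, e.g. `// Lists have no methods; operate on them with callFunction(std_Array_push, list, v) and the other std_Array_* intrinsics.` If the comment block that introduces List (outside this hunk) still mentions indexOf/join/push/slice/sort, it should be updated as well.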


@ -8629,6 +8629,11 @@ Parser<ParseHandler>::memberExpr(YieldHandling yieldHandling, TripledotHandling
return nextMember;
}
if (options().selfHostingMode && handler.isPropertyAccess(lhs)) {
report(ParseError, false, null(), JSMSG_SELFHOSTED_METHOD_CALL);
return null();
}
nextMember = tt == TOK_LP ? handler.newCall() : handler.newTaggedTemplate();
if (!nextMember)
return null();
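Review bot: The new guard in memberExpr has no comment, and it sits before the `tt == TOK_LP ? handler.newCall() : handler.newTaggedTemplate()` line, so it rejects a tagged template on a property access as well as a call, while JSMSG_SELFHOSTED_METHOD_CALL only mentions method calls. I would add a comment such as `// Self-hosted code must spell method calls as callFunction(fun, thisv, ...), never obj.method(...).` and either state there that tagged templates are covered on purpose or add `tt == TOK_LP` to the condition. It is also worth confirming that `handler.isPropertyAccess` matches element access (`obj[key](...)`) as well as dotted names, since only dotted calls are rewritten in this commit. memberExpr starts and ends outside this hunk.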


@ -314,6 +314,7 @@ MSG_DEF(JSMSG_RESERVED_ID, 1, JSEXN_SYNTAXERR, "{0} is a reserved id
MSG_DEF(JSMSG_REST_WITH_DEFAULT, 0, JSEXN_SYNTAXERR, "rest parameter may not have a default")
MSG_DEF(JSMSG_SELFHOSTED_TOP_LEVEL_LEXICAL, 1, JSEXN_SYNTAXERR, "self-hosted code cannot contain top-level {0} declarations")
MSG_DEF(JSMSG_SELFHOSTED_UNBOUND_NAME, 0, JSEXN_TYPEERR, "self-hosted code may not contain unbound name lookups")
MSG_DEF(JSMSG_SELFHOSTED_METHOD_CALL, 0, JSEXN_SYNTAXERR, "self-hosted code may not contain direct method calls")
MSG_DEF(JSMSG_SEMI_AFTER_FOR_COND, 0, JSEXN_SYNTAXERR, "missing ; after for-loop condition")
MSG_DEF(JSMSG_SEMI_AFTER_FOR_INIT, 0, JSEXN_SYNTAXERR, "missing ; after for-loop initializer")
MSG_DEF(JSMSG_SEMI_BEFORE_STMNT, 0, JSEXN_SYNTAXERR, "missing ; before statement")
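Review bot: The new `JSMSG_SELFHOSTED_METHOD_CALL` entry is placed after `JSMSG_SELFHOSTED_UNBOUND_NAME`, while the neighbouring entries visible in this hunk are in alphabetical order. Moving it above `JSMSG_SELFHOSTED_TOP_LEVEL_LEXICAL` would keep the list sorted and the three self-hosting messages easy to find together.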


@ -29,11 +29,11 @@ namespace js {
*
* https://developer.mozilla.org/en-US/docs/SpiderMonkey/Internals/Bytecode
*/
static const uint32_t XDR_BYTECODE_VERSION_SUBTRAHEND = 319;
static const uint32_t XDR_BYTECODE_VERSION_SUBTRAHEND = 320;
static const uint32_t XDR_BYTECODE_VERSION =
uint32_t(0xb973c0de - XDR_BYTECODE_VERSION_SUBTRAHEND);
static_assert(JSErr_Limit == 420,
static_assert(JSErr_Limit == 421,
"GREETINGS, POTENTIAL SUBTRAHEND INCREMENTER! If you added or "
"removed MSG_DEFs from js.msg, you should increment "
"XDR_BYTECODE_VERSION_SUBTRAHEND and update this assertion's "