wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 664951 - Weaken CallJSNativeConstructor again (r=waldo)

Browse Source
This commit is contained in:
Luke Wagner 2011-06-17 16:51:52 -07:00
parent 3ca1688adf
commit 2ebc3262be
3 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
js/src/jit-test/tests/basic/testBug660734.js Normal file
View File

@ -0,0 +1,4 @@
var handler = { fix: function() { return []; } };
var p = Proxy.createFunction(handler, function(){}, function(){});
Proxy.fix(p);
new p();

5
js/src/jscntxtinlines.h
View File

@ -317,7 +317,10 @@ CallJSNativeConstructor(JSContext *cx, js::Native native, const CallArgs &args)
* (new Object(Object)) returns the callee. * (new Object(Object)) returns the callee.
*/ */
extern JSBool proxy_Construct(JSContext *, uintN, Value *); extern JSBool proxy_Construct(JSContext *, uintN, Value *);
JS_ASSERT_IF(native != proxy_Construct && native != js::CallOrConstructBoundFunction && extern JSBool callable_Construct(JSContext *, uintN, Value *);
JS_ASSERT_IF(native != proxy_Construct &&
native != callable_Construct &&
native != js::CallOrConstructBoundFunction &&
(!callee.isFunction() || callee.getFunctionPrivate()->u.n.clasp != &js_ObjectClass), (!callee.isFunction() || callee.getFunctionPrivate()->u.n.clasp != &js_ObjectClass),
!args.rval().isPrimitive() && callee != args.rval().toObject()); !args.rval().isPrimitive() && callee != args.rval().toObject());

2
js/src/jsproxy.cpp
View File

@ -1332,7 +1332,7 @@ callable_Call(JSContext *cx, uintN argc, Value *vp)
return ok; return ok;
} }
static JSBool JSBool
callable_Construct(JSContext *cx, uintN argc, Value *vp) callable_Construct(JSContext *cx, uintN argc, Value *vp)
{ {
JSObject *thisobj = js_CreateThis(cx, &JS_CALLEE(cx, vp).toObject()); JSObject *thisobj = js_CreateThis(cx, &JS_CALLEE(cx, vp).toObject());