Bug 977340 - Do some gymnastics to avoid tripping cx assertions when cloning exceptions from evalInWindow calls. r=gabor

2024-09-13 09:24:08 -07:00 · 2014-03-04 10:05:08 -08:00 · 2014-03-04 10:05:08 -08:00 · 43bec730b1
commit 43bec730b1
parent 74a5406c5a
4 changed files with 18 additions and 3 deletions
--- a/js/src/jscntxtinlines.h
+++ b/js/src/jscntxtinlines.h
@ -368,7 +368,9 @@ JSContext::setPendingException(js::Value v)
    JS_ASSERT(!IsPoisonedValue(v));
    this->throwing = true;
    this->unwrappedException_ = v;
-    js::assertSameCompartment(this, v);
+    // We don't use assertSameCompartment here to allow
+    // js::SetPendingExceptionCrossContext to work.
+    JS_ASSERT_IF(v.isObject(), v.toObject().compartment() == compartment());
 }

 inline void
--- a/js/src/jsfriendapi.cpp
+++ b/js/src/jsfriendapi.cpp
@ -393,6 +393,12 @@ js::GetGlobalForObjectCrossCompartment(JSObject *obj)
    return &obj->global();
 }

+JS_FRIEND_API(void)
+js::SetPendingExceptionCrossContext(JSContext *cx, JS::HandleValue v)
+{
+    cx->setPendingException(v);
+}
+
 JS_FRIEND_API(void)
 js::AssertSameCompartment(JSContext *cx, JSObject *obj)
 {
--- a/js/src/jsfriendapi.h
+++ b/js/src/jsfriendapi.h
@ -661,6 +661,11 @@ GetObjectParentMaybeScope(JSObject *obj);
 JS_FRIEND_API(JSObject *)
 GetGlobalForObjectCrossCompartment(JSObject *obj);

+// Sidestep the activeContext checking implicitly performed in
+// JS_SetPendingException.
+JS_FRIEND_API(void)
+SetPendingExceptionCrossContext(JSContext *cx, JS::HandleValue v);
+
 JS_FRIEND_API(void)
 AssertSameCompartment(JSContext *cx, JSObject *obj);

--- a/js/xpconnect/src/Sandbox.cpp
+++ b/js/xpconnect/src/Sandbox.cpp
@ -510,6 +510,7 @@ EvalInWindow(JSContext *cx, const nsAString &source, HandleObject scope, Mutable
        lineNo = 0;
    }

+    RootedObject cxGlobal(cx, JS::CurrentGlobalOrNull(cx));
    {
        // CompileOptions must be created from the context
        // we will execute this script in.
@ -548,8 +549,9 @@ EvalInWindow(JSContext *cx, const nsAString &source, HandleObject scope, Mutable
            rval.set(UndefinedValue());

            // Then clone the exception.
-            if (CloneNonReflectors(cx, &exn))
-                JS_SetPendingException(cx, exn);
+            JSAutoCompartment ac(wndCx, cxGlobal);
+            if (CloneNonReflectors(wndCx, &exn))
+                js::SetPendingExceptionCrossContext(cx, exn);

            return false;
        }