Bug 1204863 - Ignore frames from self-hosted scripts; r=shu
parent
6482c81f9b
commit
797b65ebd2
@ -37,6 +37,10 @@ it ought not to introduce security holes, so in principle it could be made
|
||||
available to content as well; but it is hard to justify the security risks
|
||||
of the additional attack surface.
|
||||
|
||||
The `Debugger` API cannot currently observe self-hosted JavaScript. This is not
|
||||
inherent in the API's design, but simply that the self-hosting infrastructure
|
||||
isn't prepared for the kind of invasions the `Debugger` API can perform.
|
||||
|
||||
|
||||
## Debugger Instances and Shadow Objects
|
||||
|
||||
|
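--- a/js/src/jit-test/tests/debug/bug-1204863.js
+++ b/js/src/jit-test/tests/debug/bug-1204863.js
@@ -0,0 +1,5 @@
+var dbg = newGlobal().Debugger(this);
+dbg.onExceptionUnwind = function (frame, exc) {
+return { return:"sproon" };
+};
+Intl.Collator.supportedLocalesOf([2]);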
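Review bot: Nothing in this test says what it guards or asserts an outcome. It appears to pass simply by not tripping an assertion or crash when the call on its last line raises an exception inside self-hosted code while an `onExceptionUnwind` hook is installed. A leading comment would keep that intent visible to later editors, for example `// Bug 1204863: onExceptionUnwind must not be handed frames from self-hosted scripts.` The comment could also say that the hook's forced `{ return:"sproon" }` completion is the kind of intervention a self-hosted frame is presumably not prepared for.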
@ -455,6 +455,7 @@ Debugger::getScriptFrameWithIter(JSContext* cx, AbstractFramePtr frame,
|
||||
const ScriptFrameIter* maybeIter, MutableHandleValue vp)
|
||||
{
|
||||
MOZ_ASSERT_IF(maybeIter, maybeIter->abstractFramePtr() == frame);
|
||||
MOZ_ASSERT(!frame.script()->selfHosted());
|
||||
|
||||
FrameMap::AddPtr p = frames.lookupForAdd(frame);
|
||||
if (!p) {
|
||||
@ -726,6 +727,10 @@ Debugger::slowPathOnExceptionUnwind(JSContext* cx, AbstractFramePtr frame)
|
||||
if (cx->isThrowingOverRecursed() || cx->isThrowingOutOfMemory())
|
||||
return JSTRAP_CONTINUE;
|
||||
|
||||
// The Debugger API mustn't muck with frames from self-hosted scripts.
|
||||
if (frame.script()->selfHosted())
|
||||
return JSTRAP_CONTINUE;
|
||||
|
||||
RootedValue rval(cx);
|
||||
JSTrapStatus status = dispatchHook(
|
||||
cx,
|
||||
@ -5265,8 +5270,9 @@ Debugger::observesScript(JSScript* script) const
|
||||
{
|
||||
if (!enabled)
|
||||
return false;
|
||||
return observesGlobal(&script->global()) && (!script->selfHosted() ||
|
||||
SelfHostedFramesVisible());
|
||||
// Don't ever observe self-hosted scripts: the Debugger API can break
|
||||
// self-hosted invariants.
|
||||
return observesGlobal(&script->global()) && !script->selfHosted();
|
||||
}
|
||||
|
||||
/* static */ bool
|
||||
|
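Review bot: The new `MOZ_ASSERT(!frame.script()->selfHosted());` at the top of getScriptFrameWithIter is compiled out of release builds, so it documents the invariant without enforcing it in shipped binaries. Only slowPathOnExceptionUnwind gets an explicit early return in this change. Whether every other hook path that reaches getScriptFrameWithIter is covered by the tightened observesScript cannot be seen from these hunks and is worth confirming. Since the added comment says the Debugger API can break self-hosted invariants, consider a check that also holds in release, e.g. `MOZ_RELEASE_ASSERT(!frame.script()->selfHosted());`, or a clean failure return. All three function bodies continue outside the hunks shown.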