From 801dbb695f613c954d524c9699923a2c09f260a9 Mon Sep 17 00:00:00 2001
From: Peter Van der Beken
Date: Wed, 9 Nov 2011 11:37:47 +0100
Subject: [PATCH] Fix for bug 717009 (Inline ListBase::instanceIsListObject and ListBase::getListObject). r=bz.
--HG--
extra : rebase_source : 368514fa942cb31751e5c6b4ff9d206c1bb609bc
---
 js/xpconnect/src/dombindings.cpp | 26 +++++++++++++++++---------
 js/xpconnect/src/dombindings.h | 4 ++--
 2 files changed, 19 insertions(+), 11 deletions(-)
diff --git a/js/xpconnect/src/dombindings.cpp b/js/xpconnect/src/dombindings.cpp
index de1e129c246..232cc840803 100644
--- a/js/xpconnect/src/dombindings.cpp
+++ b/js/xpconnect/src/dombindings.cpp
@@ -304,19 +304,27 @@ ListBase::setProtoShape(JSObject *obj, js::Shape *shape)
 js::SetProxyExtra(obj, JSPROXYSLOT_PROTOSHAPE, PrivateValue(shape));
 }
 
+static JSBool
+UnwrapSecurityWrapper(JSContext *cx, JSObject *obj, JSObject *callee, JSObject **unwrapped)
+{
+ JS_ASSERT(XPCWrapper::IsSecurityWrapper(obj));
+
+ if (callee && JS_GetGlobalForObject(cx, obj) == JS_GetGlobalForObject(cx, callee)) {
+ *unwrapped = js::UnwrapObject(obj);
+ } else {
+ *unwrapped = XPCWrapper::Unwrap(cx, obj);
+ if (!*unwrapped)
+ return Throw(cx, NS_ERROR_XPC_SECURITY_MANAGER_VETO);
+ }
+ return true;
+}
+
 template
 bool
 ListBase::instanceIsListObject(JSContext *cx, JSObject *obj, JSObject *callee)
 {
- if (XPCWrapper::IsSecurityWrapper(obj)) {
- if (callee && JS_GetGlobalForObject(cx, obj) == JS_GetGlobalForObject(cx, callee)) {
- obj = js::UnwrapObject(obj);
- } else {
- obj = XPCWrapper::Unwrap(cx, obj);
- if (!obj)
- return Throw(cx, NS_ERROR_XPC_SECURITY_MANAGER_VETO);
- }
- }
+ if (XPCWrapper::IsSecurityWrapper(obj) && !UnwrapSecurityWrapper(cx, obj, callee, &obj))
+ return false;
 
 if (!objIsList(obj)) {
 // FIXME: Throw a proper DOM exception.
diff --git a/js/xpconnect/src/dombindings.h b/js/xpconnect/src/dombindings.h
index 4b4786ea26a..078a7cba9c5 100644
--- a/js/xpconnect/src/dombindings.h
+++ b/js/xpconnect/src/dombindings.h
@@ -246,12 +246,12 @@ public:
 static bool objIsList(JSObject *obj) { return js::IsProxy(obj) && proxyHandlerIsList(js::GetProxyHandler(obj)); }
- static bool instanceIsListObject(JSContext *cx, JSObject *obj, JSObject *callee);
+ static inline bool instanceIsListObject(JSContext *cx, JSObject *obj, JSObject *callee);
 virtual bool isInstanceOf(JSObject *prototype) { return js::GetObjectClass(prototype) == &sInterfaceClass; }
- static ListType *getListObject(JSObject *obj);
+ static inline ListType *getListObject(JSObject *obj);
 static JSObject *getPrototype(JSContext *cx, XPCWrappedNativeScope *scope);
 static inline bool protoIsClean(JSContext *cx, JSObject *proto, bool *isClean);
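Review bot: The new `UnwrapSecurityWrapper` helper in dombindings.cpp carries no comment stating its security contract, which matters more now that the logic is a free-standing function other code in the file can call. When `callee` shares a global with `obj` it takes `js::UnwrapObject(obj)` instead of `XPCWrapper::Unwrap(cx, obj)`, which looks like the checked path since it is the one that can fail with `NS_ERROR_XPC_SECURITY_MANAGER_VETO`; the security-wrapper precondition is enforced only by `JS_ASSERT`, presumably a debug-only check. I would add above the helper: `// Precondition: obj is a security wrapper (only asserted).` `// callee must be the function actually being invoked; a same-global callee selects the unchecked js::UnwrapObject path.` `// On failure an exception is pending and *unwrapped is null; instanceIsListObject passes &obj, so obj must not be used after a false return.` The body of `instanceIsListObject` continues outside the hunk, so whether anything later depends on `obj` after a failure cannot be confirmed from here.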