Bug 513065 - Part 1, avoid thisObject when unwrapping With objects. r=mrbkap.

--HG--
extra : rebase_source : 129c8592e7f14bb76cc648ba8ae930bfc73507cb
This commit is contained in:
Jason Orendorff 2010-05-12 08:11:46 -05:00
parent e63f347a0a
commit ab2c2c89d5
2 changed files with 12 additions and 7 deletions

View File

@ -768,6 +768,13 @@ js_DefineBlockVariable(JSContext *cx, JSObject *obj, jsid id, intN index);
extern JS_REQUIRES_STACK JSObject *
js_NewWithObject(JSContext *cx, JSObject *proto, JSObject *parent, jsint depth);
inline JSObject *
js_UnwrapWithObject(JSContext *cx, JSObject *withobj)
{
JS_ASSERT(withobj->getClass() == &js_WithClass);
return withobj->getProto();
}
/*
* Create a new block scope object not linked to any proto or parent object.
* Blocks are created by the compiler to reify let blocks and comprehensions.

View File

@ -986,13 +986,11 @@ JSScopeProperty::get(JSContext* cx, JSObject* obj, JSObject *pobj, jsval* vp)
}
/*
* JSObjectOps is private, so we know there are only two implementations
* of the thisObject hook: with objects and XPConnect wrapped native
* objects. XPConnect objects don't expect the hook to be called here,
* but with objects do.
* |with (it) color;| ends up here, as do XML filter-expressions.
* Avoid exposing the With object to native getters.
*/
if (obj->getClass() == &js_WithClass)
obj = obj->map->ops->thisObject(cx, obj);
obj = js_UnwrapWithObject(cx, obj);
return getterOp()(cx, obj, SPROP_USERID(this), vp);
}
@ -1009,9 +1007,9 @@ JSScopeProperty::set(JSContext* cx, JSObject* obj, jsval* vp)
if (attrs & JSPROP_GETTER)
return !!js_ReportGetterOnlyAssignment(cx);
/* See the comment in JSScopeProperty::get as to why we can check for With. */
/* See the comment in JSScopeProperty::get as to why we check for With. */
if (obj->getClass() == &js_WithClass)
obj = obj->map->ops->thisObject(cx, obj);
obj = js_UnwrapWithObject(cx, obj);
return setterOp()(cx, obj, SPROP_USERID(this), vp);
}