| OLD | NEW |
|---|
| 1 // Copyright 2010 the V8 project authors. All rights reserved. | 1 // Copyright 2010 the V8 project authors. All rights reserved. |
| 2 // Redistribution and use in source and binary forms, with or without | 2 // Redistribution and use in source and binary forms, with or without |
| 3 // modification, are permitted provided that the following conditions are | 3 // modification, are permitted provided that the following conditions are |
| 4 // met: | 4 // met: |
| 5 // | 5 // |
| 6 // * Redistributions of source code must retain the above copyright | 6 // * Redistributions of source code must retain the above copyright |
| 7 // notice, this list of conditions and the following disclaimer. | 7 // notice, this list of conditions and the following disclaimer. |
| 8 // * Redistributions in binary form must reproduce the above | 8 // * Redistributions in binary form must reproduce the above |
| 9 // copyright notice, this list of conditions and the following | 9 // copyright notice, this list of conditions and the following |
| 10 // disclaimer in the documentation and/or other materials provided | 10 // disclaimer in the documentation and/or other materials provided |
| (...skipping 727 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 738 } | 738 } |
| 739 } | 739 } |
| 740 } | 740 } |
| 741 | 741 |
| 742 // Use recursive implementation to also traverse hidden prototypes | 742 // Use recursive implementation to also traverse hidden prototypes |
| 743 GetOwnPropertyImplementation(*obj, *name, &result); | 743 GetOwnPropertyImplementation(*obj, *name, &result); |
| 744 | 744 |
| 745 if (!result.IsProperty()) { | 745 if (!result.IsProperty()) { |
| 746 return Heap::undefined_value(); | 746 return Heap::undefined_value(); |
| 747 } | 747 } |
| 748 if (result.type() == CALLBACKS) { | |
| 749 Object* structure = result.GetCallbackObject(); | |
| 750 if (structure->IsProxy() || structure->IsAccessorInfo()) { | |
| 751 // Property that is internally implemented as a callback or | |
| 752 // an API defined callback. | |
| 753 Object* value; | |
| 754 { MaybeObject* maybe_value = obj->GetPropertyWithCallback( | |
| 755 *obj, structure, *name, result.holder()); | |
| 756 if (!maybe_value->ToObject(&value)) return maybe_value; | |
| 757 } | |
| 758 elms->set(IS_ACCESSOR_INDEX, Heap::false_value()); | |
| 759 elms->set(VALUE_INDEX, value); | |
| 760 elms->set(WRITABLE_INDEX, Heap::ToBoolean(!result.IsReadOnly())); | |
| 761 } else if (structure->IsFixedArray()) { | |
| 762 // __defineGetter__/__defineSetter__ callback. | |
| 763 elms->set(IS_ACCESSOR_INDEX, Heap::true_value()); | |
| 764 elms->set(GETTER_INDEX, FixedArray::cast(structure)->get(0)); | |
| 765 elms->set(SETTER_INDEX, FixedArray::cast(structure)->get(1)); | |
| 766 } else { | |
| 767 return Heap::undefined_value(); | |
| 768 } | |
| 769 } else { | |
| 770 elms->set(IS_ACCESSOR_INDEX, Heap::false_value()); | |
| 771 elms->set(VALUE_INDEX, result.GetLazyValue()); | |
| 772 elms->set(WRITABLE_INDEX, Heap::ToBoolean(!result.IsReadOnly())); | |
| 773 } | |
| 774 | 748 |
| 775 elms->set(ENUMERABLE_INDEX, Heap::ToBoolean(!result.IsDontEnum())); | 749 elms->set(ENUMERABLE_INDEX, Heap::ToBoolean(!result.IsDontEnum())); |
| 776 elms->set(CONFIGURABLE_INDEX, Heap::ToBoolean(!result.IsDontDelete())); | 750 elms->set(CONFIGURABLE_INDEX, Heap::ToBoolean(!result.IsDontDelete())); |
| 751 |
| 752 bool is_js_accessor = (result.type() == CALLBACKS) && |
| 753 (result.GetCallbackObject()->IsFixedArray()); |
| 754 |
| 755 if (is_js_accessor) { |
| 756 // __defineGetter__/__defineSetter__ callback. |
| 757 FixedArray* structure = FixedArray::cast(result.GetCallbackObject()); |
| 758 elms->set(IS_ACCESSOR_INDEX, Heap::true_value()); |
| 759 elms->set(GETTER_INDEX, structure->get(0)); |
| 760 elms->set(SETTER_INDEX, structure->get(1)); |
| 761 } else { |
| 762 elms->set(IS_ACCESSOR_INDEX, Heap::false_value()); |
| 763 elms->set(WRITABLE_INDEX, Heap::ToBoolean(!result.IsReadOnly())); |
| 764 |
| 765 PropertyAttributes attrs; |
| 766 Object* value; |
| 767 { MaybeObject* maybe_value = obj->GetProperty(*obj, &result, *name, &attrs); |
| 768 if (!maybe_value->ToObject(&value)) return maybe_value; |
| 769 } |
| 770 elms->set(VALUE_INDEX, value); |
| 771 } |
| 772 |
| 777 return *desc; | 773 return *desc; |
| 778 } | 774 } |
| 779 | 775 |
| 780 | 776 |
| 781 static MaybeObject* Runtime_PreventExtensions(Arguments args) { | 777 static MaybeObject* Runtime_PreventExtensions(Arguments args) { |
| 782 ASSERT(args.length() == 1); | 778 ASSERT(args.length() == 1); |
| 783 CONVERT_CHECKED(JSObject, obj, args[0]); | 779 CONVERT_CHECKED(JSObject, obj, args[0]); |
| 784 return obj->PreventExtensions(); | 780 return obj->PreventExtensions(); |
| 785 } | 781 } |
| 786 | 782 |
| (...skipping 10087 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 10874 } else { | 10870 } else { |
| 10875 // Handle last resort GC and make sure to allow future allocations | 10871 // Handle last resort GC and make sure to allow future allocations |
| 10876 // to grow the heap without causing GCs (if possible). | 10872 // to grow the heap without causing GCs (if possible). |
| 10877 Counters::gc_last_resort_from_js.Increment(); | 10873 Counters::gc_last_resort_from_js.Increment(); |
| 10878 Heap::CollectAllGarbage(false); | 10874 Heap::CollectAllGarbage(false); |
| 10879 } | 10875 } |
| 10880 } | 10876 } |
| 10881 | 10877 |
| 10882 | 10878 |
| 10883 } } // namespace v8::internal | 10879 } } // namespace v8::internal |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6386022:
Perform security checks before fetching the value in Object.getOwnPropertyDescriptor. (Closed)
Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge