Add access checks to Object.preventExtensions + add regression test for 1027....

src/runtime.cc

Index: src/runtime.cc
===================================================================
--- src/runtime.cc	(revision 6829)
+++ src/runtime.cc	(working copy)
@@ -881,6 +881,17 @@
 static MaybeObject* Runtime_PreventExtensions(Arguments args) {
   ASSERT(args.length() == 1);
   CONVERT_CHECKED(JSObject, obj, args[0]);
+
+  if (obj->IsJSGlobalProxy()) {
+    // If access checks fail simply return false

[antonm, 2011/02/17 15:44:12]

nit: dot at the end, please

[Rico, 2011/02/18 07:49:09]

Done.

+    if (obj->IsAccessCheckNeeded() &&

[antonm, 2011/02/17 15:44:12]

Do we want access checks only on the proxy?  Why not on the global object also? 
Is there something special about these queries?

I am asking as apparently the common approach is to do something like that:

Foo(obj)
 // security check for obj.
 if (obj->IsJSGlobalProx()) {
  return Foo(obj->GetPrototype())
 }
 // Real logic

+        !Top::MayNamedAccess(obj, Heap::undefined_value(), v8::ACCESS_KEYS)) {
+      Top::ReportFailedAccessCheck(obj, v8::ACCESS_KEYS);
+      return Heap::false_value();
+    }
+    obj = JSObject::cast(obj->GetPrototype());
+  }
+
   return obj->PreventExtensions();
 }
 
@@ -3673,6 +3684,8 @@
       is_element) {
     // Normalize the elements to enable attributes on the property.
     if (js_object->IsJSGlobalProxy()) {
+      // We do not need to do access checks here since these has already
+      // been performed by the call to GetOwnProperty.
       Handle<Object> proto(js_object->GetPrototype());
       // If proxy is detached, ignore the assignment. Alternatively,
       // we could throw an exception.