| OLD | NEW |
|---|
| 1 // Copyright 2012 the V8 project authors. All rights reserved. | 1 // Copyright 2012 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "src/v8.h" | 5 #include "src/v8.h" |
| 6 | 6 |
| 7 #include "src/api.h" | 7 #include "src/api.h" |
| 8 #include "src/api-natives.h" | 8 #include "src/api-natives.h" |
| 9 #include "src/arguments.h" | 9 #include "src/arguments.h" |
| 10 #include "src/base/once.h" | 10 #include "src/base/once.h" |
| (...skipping 1026 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1037 ASSIGN_RETURN_ON_EXCEPTION( | 1037 ASSIGN_RETURN_ON_EXCEPTION( |
| 1038 isolate, fun_data, | 1038 isolate, fun_data, |
| 1039 ApiNatives::ConfigureInstance(isolate, fun_data, | 1039 ApiNatives::ConfigureInstance(isolate, fun_data, |
| 1040 Handle<JSObject>::cast(args.receiver())), | 1040 Handle<JSObject>::cast(args.receiver())), |
| 1041 Object); | 1041 Object); |
| 1042 } | 1042 } |
| 1043 | 1043 |
| 1044 DCHECK(!args[0]->IsNull()); | 1044 DCHECK(!args[0]->IsNull()); |
| 1045 if (args[0]->IsUndefined()) args[0] = function->global_proxy(); | 1045 if (args[0]->IsUndefined()) args[0] = function->global_proxy(); |
| 1046 | 1046 |
| 1047 if (!is_construct && !fun_data->accept_any_receiver()) { |
| 1048 Handle<Object> receiver(&args[0]); |
| 1049 if (receiver->IsJSObject() && receiver->IsAccessCheckNeeded()) { |
| 1050 Handle<JSObject> js_receiver = Handle<JSObject>::cast(receiver); |
| 1051 if (!isolate->MayAccess(js_receiver)) { |
| 1052 isolate->ReportFailedAccessCheck(js_receiver); |
| 1053 RETURN_EXCEPTION_IF_SCHEDULED_EXCEPTION(isolate, Object); |
| 1054 } |
| 1055 } |
| 1056 } |
| 1057 |
| 1047 Object* raw_holder = fun_data->GetCompatibleReceiver(isolate, args[0]); | 1058 Object* raw_holder = fun_data->GetCompatibleReceiver(isolate, args[0]); |
| 1048 | 1059 |
| 1049 if (raw_holder->IsNull()) { | 1060 if (raw_holder->IsNull()) { |
| 1050 // This function cannot be called with the given receiver. Abort! | 1061 // This function cannot be called with the given receiver. Abort! |
| 1051 THROW_NEW_ERROR( | 1062 THROW_NEW_ERROR( |
| 1052 isolate, NewTypeError("illegal_invocation", HandleVector(&function, 1)), | 1063 isolate, NewTypeError("illegal_invocation", HandleVector(&function, 1)), |
| 1053 Object); | 1064 Object); |
| 1054 } | 1065 } |
| 1055 | 1066 |
| 1056 Object* raw_call_data = fun_data->call_code(); | 1067 Object* raw_call_data = fun_data->call_code(); |
| (...skipping 583 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1640 } | 1651 } |
| 1641 BUILTIN_LIST_C(DEFINE_BUILTIN_ACCESSOR_C) | 1652 BUILTIN_LIST_C(DEFINE_BUILTIN_ACCESSOR_C) |
| 1642 BUILTIN_LIST_A(DEFINE_BUILTIN_ACCESSOR_A) | 1653 BUILTIN_LIST_A(DEFINE_BUILTIN_ACCESSOR_A) |
| 1643 BUILTIN_LIST_H(DEFINE_BUILTIN_ACCESSOR_H) | 1654 BUILTIN_LIST_H(DEFINE_BUILTIN_ACCESSOR_H) |
| 1644 BUILTIN_LIST_DEBUG_A(DEFINE_BUILTIN_ACCESSOR_A) | 1655 BUILTIN_LIST_DEBUG_A(DEFINE_BUILTIN_ACCESSOR_A) |
| 1645 #undef DEFINE_BUILTIN_ACCESSOR_C | 1656 #undef DEFINE_BUILTIN_ACCESSOR_C |
| 1646 #undef DEFINE_BUILTIN_ACCESSOR_A | 1657 #undef DEFINE_BUILTIN_ACCESSOR_A |
| 1647 | 1658 |
| 1648 | 1659 |
| 1649 } } // namespace v8::internal | 1660 } } // namespace v8::internal |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1036743004:
add access checks to receivers on function callbacks (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master