| OLD | NEW |
|---|
| 1 // Copyright 2013 the V8 project authors. All rights reserved. | 1 // Copyright 2013 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <iomanip> | 5 #include <iomanip> |
| 6 #include <sstream> | 6 #include <sstream> |
| 7 | 7 |
| 8 #include "src/v8.h" | 8 #include "src/v8.h" |
| 9 | 9 |
| 10 #include "src/accessors.h" | 10 #include "src/accessors.h" |
| (...skipping 109 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 120 if (js_object->map()->is_access_check_needed()) return false; | 120 if (js_object->map()->is_access_check_needed()) return false; |
| 121 auto isolate = js_object->GetIsolate(); | 121 auto isolate = js_object->GetIsolate(); |
| 122 // TODO(dcarney): this should just be read from the symbol registry so as not | 122 // TODO(dcarney): this should just be read from the symbol registry so as not |
| 123 // to be context dependent. | 123 // to be context dependent. |
| 124 auto key = isolate->promise_status(); | 124 auto key = isolate->promise_status(); |
| 125 // Shouldn't be possible to throw here. | 125 // Shouldn't be possible to throw here. |
| 126 return JSObject::HasRealNamedProperty(js_object, key).FromJust(); | 126 return JSObject::HasRealNamedProperty(js_object, key).FromJust(); |
| 127 } | 127 } |
| 128 | 128 |
| 129 | 129 |
| 130 MaybeHandle<Object> Object::GetProperty(LookupIterator* it) { | 130 MaybeHandle<Object> Object::GetProperty(LookupIterator* it, Strength strength) { |
| 131 for (; it->IsFound(); it->Next()) { | 131 for (; it->IsFound(); it->Next()) { |
| 132 switch (it->state()) { | 132 switch (it->state()) { |
| 133 case LookupIterator::NOT_FOUND: | 133 case LookupIterator::NOT_FOUND: |
| 134 case LookupIterator::TRANSITION: | 134 case LookupIterator::TRANSITION: |
| 135 UNREACHABLE(); | 135 UNREACHABLE(); |
| 136 case LookupIterator::JSPROXY: | 136 case LookupIterator::JSPROXY: |
| 137 return JSProxy::GetPropertyWithHandler( | 137 return JSProxy::GetPropertyWithHandler( |
| 138 it->GetHolder<JSProxy>(), it->GetReceiver(), it->GetName()); | 138 it->GetHolder<JSProxy>(), it->GetReceiver(), it->GetName()); |
| 139 case LookupIterator::INTERCEPTOR: { | 139 case LookupIterator::INTERCEPTOR: { |
| 140 MaybeHandle<Object> maybe_result = | 140 MaybeHandle<Object> maybe_result = |
| 141 JSObject::GetPropertyWithInterceptor(it); | 141 JSObject::GetPropertyWithInterceptor(it); |
| 142 if (!maybe_result.is_null()) return maybe_result; | 142 if (!maybe_result.is_null()) return maybe_result; |
| 143 if (it->isolate()->has_pending_exception()) return maybe_result; | 143 if (it->isolate()->has_pending_exception()) return maybe_result; |
| 144 break; | 144 break; |
| 145 } | 145 } |
| 146 case LookupIterator::ACCESS_CHECK: | 146 case LookupIterator::ACCESS_CHECK: |
| 147 if (it->HasAccess()) break; | 147 if (it->HasAccess()) break; |
| 148 return JSObject::GetPropertyWithFailedAccessCheck(it); | 148 return JSObject::GetPropertyWithFailedAccessCheck(it, strength); |
| 149 case LookupIterator::ACCESSOR: | 149 case LookupIterator::ACCESSOR: |
| 150 return GetPropertyWithAccessor(it); | 150 return GetPropertyWithAccessor(it, strength); |
| 151 case LookupIterator::INTEGER_INDEXED_EXOTIC: | 151 case LookupIterator::INTEGER_INDEXED_EXOTIC: |
| 152 if (is_strong(strength)) { |
| 153 THROW_NEW_ERROR(it->isolate(), |
| 154 NewTypeError(MessageTemplate::kStrongPropertyAccess, |
| 155 it->GetReceiver(), it->GetName()), |
| 156 Object); |
| 157 } |
| 152 return it->factory()->undefined_value(); | 158 return it->factory()->undefined_value(); |
| 153 case LookupIterator::DATA: | 159 case LookupIterator::DATA: |
| 154 return it->GetDataValue(); | 160 return it->GetDataValue(); |
| 155 } | 161 } |
| 156 } | 162 } |
| 163 if (is_strong(strength)) { |
| 164 THROW_NEW_ERROR(it->isolate(), |
| 165 NewTypeError(MessageTemplate::kStrongPropertyAccess, |
| 166 it->GetReceiver(), it->GetName()), |
| 167 Object); |
| 168 } |
| 157 return it->factory()->undefined_value(); | 169 return it->factory()->undefined_value(); |
| 158 } | 170 } |
| 159 | 171 |
| 160 | 172 |
| 161 Handle<Object> JSReceiver::GetDataProperty(Handle<JSReceiver> object, | 173 Handle<Object> JSReceiver::GetDataProperty(Handle<JSReceiver> object, |
| 162 Handle<Name> name) { | 174 Handle<Name> name) { |
| 163 LookupIterator it(object, name, | 175 LookupIterator it(object, name, |
| 164 LookupIterator::PROTOTYPE_CHAIN_SKIP_INTERCEPTOR); | 176 LookupIterator::PROTOTYPE_CHAIN_SKIP_INTERCEPTOR); |
| 165 return GetDataProperty(&it); | 177 return GetDataProperty(&it); |
| 166 } | 178 } |
| (...skipping 128 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 295 | 307 |
| 296 // TODO(rossberg): adjust once there is a story for symbols vs proxies. | 308 // TODO(rossberg): adjust once there is a story for symbols vs proxies. |
| 297 if (name->IsSymbol()) return isolate->factory()->undefined_value(); | 309 if (name->IsSymbol()) return isolate->factory()->undefined_value(); |
| 298 | 310 |
| 299 Handle<Object> args[] = { receiver, name }; | 311 Handle<Object> args[] = { receiver, name }; |
| 300 return CallTrap( | 312 return CallTrap( |
| 301 proxy, "get", isolate->derived_get_trap(), arraysize(args), args); | 313 proxy, "get", isolate->derived_get_trap(), arraysize(args), args); |
| 302 } | 314 } |
| 303 | 315 |
| 304 | 316 |
| 305 MaybeHandle<Object> Object::GetPropertyWithAccessor(LookupIterator* it) { | 317 MaybeHandle<Object> Object::GetPropertyWithAccessor(LookupIterator* it, |
| 318 Strength strength) { |
| 306 Isolate* isolate = it->isolate(); | 319 Isolate* isolate = it->isolate(); |
| 307 Handle<Object> structure = it->GetAccessors(); | 320 Handle<Object> structure = it->GetAccessors(); |
| 308 Handle<Object> receiver = it->GetReceiver(); | 321 Handle<Object> receiver = it->GetReceiver(); |
| 309 | 322 |
| 310 DCHECK(!structure->IsForeign()); | 323 DCHECK(!structure->IsForeign()); |
| 311 // api style callbacks. | 324 // api style callbacks. |
| 312 if (structure->IsAccessorInfo()) { | 325 if (structure->IsAccessorInfo()) { |
| 313 Handle<JSObject> holder = it->GetHolder<JSObject>(); | 326 Handle<JSObject> holder = it->GetHolder<JSObject>(); |
| 314 Handle<Name> name = it->GetName(); | 327 Handle<Name> name = it->GetName(); |
| 315 Handle<AccessorInfo> info = Handle<AccessorInfo>::cast(structure); | 328 Handle<AccessorInfo> info = Handle<AccessorInfo>::cast(structure); |
| 316 if (!info->IsCompatibleReceiver(*receiver)) { | 329 if (!info->IsCompatibleReceiver(*receiver)) { |
| 317 THROW_NEW_ERROR(isolate, | 330 THROW_NEW_ERROR(isolate, |
| 318 NewTypeError(MessageTemplate::kIncompatibleMethodReceiver, | 331 NewTypeError(MessageTemplate::kIncompatibleMethodReceiver, |
| 319 name, receiver), | 332 name, receiver), |
| 320 Object); | 333 Object); |
| 321 } | 334 } |
| 322 | 335 |
| 323 Handle<ExecutableAccessorInfo> data = | 336 Handle<ExecutableAccessorInfo> data = |
| 324 Handle<ExecutableAccessorInfo>::cast(structure); | 337 Handle<ExecutableAccessorInfo>::cast(structure); |
| 325 v8::AccessorNameGetterCallback call_fun = | 338 v8::AccessorNameGetterCallback call_fun = |
| 326 v8::ToCData<v8::AccessorNameGetterCallback>(data->getter()); | 339 v8::ToCData<v8::AccessorNameGetterCallback>(data->getter()); |
| 327 if (call_fun == NULL) return isolate->factory()->undefined_value(); | 340 if (call_fun == NULL) return isolate->factory()->undefined_value(); |
| 328 | 341 |
| 329 LOG(isolate, ApiNamedPropertyAccess("load", *holder, *name)); | 342 LOG(isolate, ApiNamedPropertyAccess("load", *holder, *name)); |
| 330 PropertyCallbackArguments args(isolate, data->data(), *receiver, *holder); | 343 PropertyCallbackArguments args(isolate, data->data(), *receiver, *holder); |
| 331 v8::Handle<v8::Value> result = | 344 v8::Handle<v8::Value> result = |
| 332 args.Call(call_fun, v8::Utils::ToLocal(name)); | 345 args.Call(call_fun, v8::Utils::ToLocal(name)); |
| 333 RETURN_EXCEPTION_IF_SCHEDULED_EXCEPTION(isolate, Object); | 346 RETURN_EXCEPTION_IF_SCHEDULED_EXCEPTION(isolate, Object); |
| 334 if (result.IsEmpty()) { | 347 if (result.IsEmpty()) { |
| 348 if (is_strong(strength)) { |
| 349 THROW_NEW_ERROR(isolate, |
| 350 NewTypeError(MessageTemplate::kStrongPropertyAccess, |
| 351 receiver, name), |
| 352 Object); |
| 353 } |
| 335 return isolate->factory()->undefined_value(); | 354 return isolate->factory()->undefined_value(); |
| 336 } | 355 } |
| 337 Handle<Object> return_value = v8::Utils::OpenHandle(*result); | 356 Handle<Object> return_value = v8::Utils::OpenHandle(*result); |
| 338 return_value->VerifyApiCallResultType(); | 357 return_value->VerifyApiCallResultType(); |
| 339 // Rebox handle before return. | 358 // Rebox handle before return. |
| 340 return handle(*return_value, isolate); | 359 return handle(*return_value, isolate); |
| 341 } | 360 } |
| 342 | 361 |
| 343 // __defineGetter__ callback | 362 // __defineGetter__ callback |
| 344 Handle<Object> getter(Handle<AccessorPair>::cast(structure)->getter(), | 363 Handle<Object> getter(Handle<AccessorPair>::cast(structure)->getter(), |
| 345 isolate); | 364 isolate); |
| 346 if (getter->IsSpecFunction()) { | 365 if (getter->IsSpecFunction()) { |
| 347 // TODO(rossberg): nicer would be to cast to some JSCallable here... | 366 // TODO(rossberg): nicer would be to cast to some JSCallable here... |
| 348 return Object::GetPropertyWithDefinedGetter( | 367 return Object::GetPropertyWithDefinedGetter( |
| 349 receiver, Handle<JSReceiver>::cast(getter)); | 368 receiver, Handle<JSReceiver>::cast(getter)); |
| 350 } | 369 } |
| 351 // Getter is not a function. | 370 // Getter is not a function. |
| 371 if (is_strong(strength)) { |
| 372 THROW_NEW_ERROR(isolate, |
| 373 NewTypeError(MessageTemplate::kStrongPropertyAccess, |
| 374 receiver, it->GetName()), |
| 375 Object); |
| 376 } |
| 352 return isolate->factory()->undefined_value(); | 377 return isolate->factory()->undefined_value(); |
| 353 } | 378 } |
| 354 | 379 |
| 355 | 380 |
| 356 bool AccessorInfo::IsCompatibleReceiverMap(Isolate* isolate, | 381 bool AccessorInfo::IsCompatibleReceiverMap(Isolate* isolate, |
| 357 Handle<AccessorInfo> info, | 382 Handle<AccessorInfo> info, |
| 358 Handle<Map> map) { | 383 Handle<Map> map) { |
| 359 if (!info->HasExpectedReceiverType()) return true; | 384 if (!info->HasExpectedReceiverType()) return true; |
| 360 if (!map->IsJSObjectMap()) return false; | 385 if (!map->IsJSObjectMap()) return false; |
| 361 return FunctionTemplateInfo::cast(info->expected_receiver_type()) | 386 return FunctionTemplateInfo::cast(info->expected_receiver_type()) |
| (...skipping 118 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 480 } | 505 } |
| 481 } else if (it->state() == LookupIterator::INTERCEPTOR) { | 506 } else if (it->state() == LookupIterator::INTERCEPTOR) { |
| 482 if (it->GetInterceptor()->all_can_read()) return true; | 507 if (it->GetInterceptor()->all_can_read()) return true; |
| 483 } | 508 } |
| 484 } | 509 } |
| 485 return false; | 510 return false; |
| 486 } | 511 } |
| 487 | 512 |
| 488 | 513 |
| 489 MaybeHandle<Object> JSObject::GetPropertyWithFailedAccessCheck( | 514 MaybeHandle<Object> JSObject::GetPropertyWithFailedAccessCheck( |
| 490 LookupIterator* it) { | 515 LookupIterator* it, Strength strength) { |
| 491 Handle<JSObject> checked = it->GetHolder<JSObject>(); | 516 Handle<JSObject> checked = it->GetHolder<JSObject>(); |
| 492 while (FindAllCanReadHolder(it)) { | 517 while (FindAllCanReadHolder(it)) { |
| 493 if (it->state() == LookupIterator::ACCESSOR) { | 518 if (it->state() == LookupIterator::ACCESSOR) { |
| 494 return GetPropertyWithAccessor(it); | 519 return GetPropertyWithAccessor(it, strength); |
| 495 } | 520 } |
| 496 DCHECK_EQ(LookupIterator::INTERCEPTOR, it->state()); | 521 DCHECK_EQ(LookupIterator::INTERCEPTOR, it->state()); |
| 497 auto result = GetPropertyWithInterceptor(it); | 522 auto result = GetPropertyWithInterceptor(it); |
| 498 if (it->isolate()->has_scheduled_exception()) break; | 523 if (it->isolate()->has_scheduled_exception()) break; |
| 499 if (!result.is_null()) return result; | 524 if (!result.is_null()) return result; |
| 500 } | 525 } |
| 501 it->isolate()->ReportFailedAccessCheck(checked); | 526 it->isolate()->ReportFailedAccessCheck(checked); |
| 502 RETURN_EXCEPTION_IF_SCHEDULED_EXCEPTION(it->isolate(), Object); | 527 RETURN_EXCEPTION_IF_SCHEDULED_EXCEPTION(it->isolate(), Object); |
| 503 return it->factory()->undefined_value(); | 528 return it->factory()->undefined_value(); |
| 504 } | 529 } |
| (...skipping 16603 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 17108 Handle<Object> new_value) { | 17133 Handle<Object> new_value) { |
| 17109 if (cell->value() != *new_value) { | 17134 if (cell->value() != *new_value) { |
| 17110 cell->set_value(*new_value); | 17135 cell->set_value(*new_value); |
| 17111 Isolate* isolate = cell->GetIsolate(); | 17136 Isolate* isolate = cell->GetIsolate(); |
| 17112 cell->dependent_code()->DeoptimizeDependentCodeGroup( | 17137 cell->dependent_code()->DeoptimizeDependentCodeGroup( |
| 17113 isolate, DependentCode::kPropertyCellChangedGroup); | 17138 isolate, DependentCode::kPropertyCellChangedGroup); |
| 17114 } | 17139 } |
| 17115 } | 17140 } |
| 17116 } // namespace internal | 17141 } // namespace internal |
| 17117 } // namespace v8 | 17142 } // namespace v8 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1168093002:
[strong] Implement strong mode restrictions on property access (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master