
Side by Side Diff: src/v8natives.js

Issue 12385082: Make sure builtin functions don't rely on __proto__. (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge
Patch Set: Created 7 years, 9 months ago
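--- a/src/v8natives.js
+++ b/src/v8natives.js
@@ -1,10 +1,10 @@
 // Copyright 2012 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 // * Redistributions of source code must retain the above copyright
 // notice, this list of conditions and the following disclaimer.
 // * Redistributions in binary form must reproduce the above
 // copyright notice, this list of conditions and the following
 // disclaimer in the documentation and/or other materials provided
@@ -87,21 +87,21 @@
 for (var i = 0; i < fields.length; i++) {
 %SetProperty(prototype, fields[i], void 0, DONT_ENUM | DONT_DELETE);
 }
 }
 for (var i = 0; i < methods.length; i += 2) {
 var key = methods[i];
 var f = methods[i + 1];
 %SetProperty(prototype, key, f, DONT_ENUM | DONT_DELETE | READ_ONLY);
 %SetNativeFlag(f);
 }
-prototype.__proto__ = null;
+%SetPrototype(prototype, null);
 %ToFastProperties(prototype);
 }
 
 
 // ----------------------------------------------------------------------------
 
 
 // ECMA 262 - 15.1.4
 function GlobalIsNaN(number) {
 if (!IS_NUMBER(number)) number = NonNumberToNumber(number);
@@ -1067,22 +1067,21 @@
 
 return propertyNames;
 }
 
 
 // ES5 section 15.2.3.5.
 function ObjectCreate(proto, properties) {
 if (!IS_SPEC_OBJECT(proto) && proto !== null) {
 throw MakeTypeError("proto_object_or_null", [proto]);
 }
-var obj = new $Object();
-obj.__proto__ = proto;
+var obj = { __proto__: proto };
 if (!IS_UNDEFINED(properties)) ObjectDefineProperties(obj, properties);
 return obj;
 }
 
 
 // ES5 section 15.2.3.6.
 function ObjectDefineProperty(obj, p, attributes) {
 if (!IS_SPEC_OBJECT(obj)) {
 throw MakeTypeError("called_on_non_object", ["Object.defineProperty"]);
 }
@@ -1724,10 +1723,10 @@
 
 function SetUpFunction() {
 %CheckIsBootstrapping();
 InstallFunctions($Function.prototype, DONT_ENUM, $Array(
 "bind", FunctionBind,
 "toString", FunctionToString
 ));
 }
 
 SetUpFunction();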
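Review bot: The new ObjectCreate line `var obj = { __proto__: proto };` (new line 1077) still spells `__proto__`, so it is only safe if the object-literal form sets the prototype directly instead of going through a `__proto__` property that page script can redefine or delete, and nothing in this file states that. The change at new line 97 uses `%SetPrototype(prototype, null)` for the same job; writing `var obj = new $Object();` followed by `%SetPrototype(obj, proto);` here would keep both sites consistent, assuming the intrinsic accepts any object or null that passed the check above. If the literal is kept, add a comment such as `// Literal __proto__ sets the prototype directly; must not depend on a script-visible __proto__ property.` No regression test is visible on this page; one that alters `Object.prototype.__proto__` before calling `Object.create` would pin the intended behaviour.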