| Index: src/objects.cc
|
| diff --git a/src/objects.cc b/src/objects.cc
|
| index efe35ed30ecab035dc602df3b821b8f9002fd238..bb3bb5f19ca7d8635d6965f426f54db78de6dec3 100644
|
| --- a/src/objects.cc
|
| +++ b/src/objects.cc
|
| @@ -467,7 +467,8 @@ MaybeHandle<Object> Object::SetPropertyWithDefinedSetter(
|
| }
|
|
|
|
|
| -static bool FindAllCanReadHolder(LookupIterator* it) {
|
| +// static
|
| +bool JSObject::AllCanRead(LookupIterator* it) {
|
| // Skip current iteration, it's in state ACCESS_CHECK or INTERCEPTOR, both of
|
| // which have already been checked.
|
| DCHECK(it->state() == LookupIterator::ACCESS_CHECK ||
|
| @@ -489,7 +490,7 @@ static bool FindAllCanReadHolder(LookupIterator* it) {
|
| MaybeHandle<Object> JSObject::GetPropertyWithFailedAccessCheck(
|
| LookupIterator* it) {
|
| Handle<JSObject> checked = it->GetHolder<JSObject>();
|
| - while (FindAllCanReadHolder(it)) {
|
| + while (AllCanRead(it)) {
|
| if (it->state() == LookupIterator::ACCESSOR) {
|
| return GetPropertyWithAccessor(it, SLOPPY);
|
| }
|
| @@ -509,7 +510,7 @@ MaybeHandle<Object> JSObject::GetPropertyWithFailedAccessCheck(
|
| Maybe<PropertyAttributes> JSObject::GetPropertyAttributesWithFailedAccessCheck(
|
| LookupIterator* it) {
|
| Handle<JSObject> checked = it->GetHolder<JSObject>();
|
| - while (FindAllCanReadHolder(it)) {
|
| + while (AllCanRead(it)) {
|
| if (it->state() == LookupIterator::ACCESSOR) {
|
| return Just(it->property_details().attributes());
|
| }
|
| @@ -525,7 +526,8 @@ Maybe<PropertyAttributes> JSObject::GetPropertyAttributesWithFailedAccessCheck(
|
| }
|
|
|
|
|
| -static bool FindAllCanWriteHolder(LookupIterator* it) {
|
| +// static
|
| +bool JSObject::AllCanWrite(LookupIterator* it) {
|
| for (; it->IsFound(); it->Next()) {
|
| if (it->state() == LookupIterator::ACCESSOR) {
|
| Handle<Object> accessors = it->GetAccessors();
|
| @@ -541,7 +543,7 @@ static bool FindAllCanWriteHolder(LookupIterator* it) {
|
| MaybeHandle<Object> JSObject::SetPropertyWithFailedAccessCheck(
|
| LookupIterator* it, Handle<Object> value) {
|
| Handle<JSObject> checked = it->GetHolder<JSObject>();
|
| - if (FindAllCanWriteHolder(it)) {
|
| + if (AllCanWrite(it)) {
|
| // The supplied language-mode is ignored by SetPropertyWithAccessor.
|
| return SetPropertyWithAccessor(it, value, SLOPPY);
|
| }
|
| @@ -12889,10 +12891,11 @@ void FixedArray::SortPairs(FixedArray* numbers, uint32_t len) {
|
| // Fill in the names of own properties into the supplied storage. The main
|
| // purpose of this function is to provide reflection information for the object
|
| // mirrors.
|
| -void JSObject::GetOwnPropertyNames(
|
| - FixedArray* storage, int index, PropertyAttributes filter) {
|
| +int JSObject::GetOwnPropertyNames(FixedArray* storage, int index,
|
| + PropertyAttributes filter) {
|
| DCHECK(storage->length() >= (NumberOfOwnProperties(filter) - index));
|
| if (HasFastProperties()) {
|
| + int start_index = index;
|
| int real_size = map()->NumberOfOwnDescriptors();
|
| DescriptorArray* descs = map()->instance_descriptors();
|
| for (int i = 0; i < real_size; i++) {
|
| @@ -12901,12 +12904,13 @@ void JSObject::GetOwnPropertyNames(
|
| storage->set(index++, descs->GetKey(i));
|
| }
|
| }
|
| + return index - start_index;
|
| } else if (IsGlobalObject()) {
|
| - global_dictionary()->CopyKeysTo(storage, index, filter,
|
| - GlobalDictionary::UNSORTED);
|
| + return global_dictionary()->CopyKeysTo(storage, index, filter,
|
| + GlobalDictionary::UNSORTED);
|
| } else {
|
| - property_dictionary()->CopyKeysTo(storage, index, filter,
|
| - NameDictionary::UNSORTED);
|
| + return property_dictionary()->CopyKeysTo(storage, index, filter,
|
| + NameDictionary::UNSORTED);
|
| }
|
| }
|
|
|
| @@ -13006,7 +13010,7 @@ int JSObject::GetOwnElementKeys(FixedArray* storage,
|
|
|
| case DICTIONARY_ELEMENTS: {
|
| if (storage != NULL) {
|
| - element_dictionary()->CopyKeysTo(storage, filter,
|
| + element_dictionary()->CopyKeysTo(storage, 0, filter,
|
| SeededNumberDictionary::SORTED);
|
| }
|
| counter += element_dictionary()->NumberOfElementsFilterAttributes(filter);
|
| @@ -13023,7 +13027,7 @@ int JSObject::GetOwnElementKeys(FixedArray* storage,
|
| SeededNumberDictionary* dictionary =
|
| SeededNumberDictionary::cast(arguments);
|
| if (storage != NULL) {
|
| - dictionary->CopyKeysTo(storage, filter,
|
| + dictionary->CopyKeysTo(storage, 0, filter,
|
| SeededNumberDictionary::UNSORTED);
|
| }
|
| counter += dictionary->NumberOfElementsFilterAttributes(filter);
|
| @@ -14753,29 +14757,6 @@ bool Dictionary<Derived, Shape, Key>::HasComplexElements() {
|
| }
|
|
|
|
|
| -template <typename Derived, typename Shape, typename Key>
|
| -void Dictionary<Derived, Shape, Key>::CopyKeysTo(
|
| - FixedArray* storage, PropertyAttributes filter,
|
| - typename Dictionary<Derived, Shape, Key>::SortMode sort_mode) {
|
| - DCHECK(storage->length() >= NumberOfElementsFilterAttributes(filter));
|
| - int capacity = this->Capacity();
|
| - int index = 0;
|
| - for (int i = 0; i < capacity; i++) {
|
| - Object* k = this->KeyAt(i);
|
| - if (this->IsKey(k) && !FilterKey(k, filter)) {
|
| - if (this->IsDeleted(i)) continue;
|
| - PropertyDetails details = this->DetailsAt(i);
|
| - PropertyAttributes attr = details.attributes();
|
| - if ((attr & filter) == 0) storage->set(index++, k);
|
| - }
|
| - }
|
| - if (sort_mode == Dictionary::SORTED) {
|
| - storage->SortPairs(storage, index);
|
| - }
|
| - DCHECK(storage->length() >= index);
|
| -}
|
| -
|
| -
|
| template <typename Dictionary>
|
| struct EnumIndexComparator {
|
| explicit EnumIndexComparator(Dictionary* dict) : dict(dict) {}
|
| @@ -14815,10 +14796,11 @@ void Dictionary<Derived, Shape, Key>::CopyEnumKeysTo(FixedArray* storage) {
|
|
|
|
|
| template <typename Derived, typename Shape, typename Key>
|
| -void Dictionary<Derived, Shape, Key>::CopyKeysTo(
|
| +int Dictionary<Derived, Shape, Key>::CopyKeysTo(
|
| FixedArray* storage, int index, PropertyAttributes filter,
|
| typename Dictionary<Derived, Shape, Key>::SortMode sort_mode) {
|
| DCHECK(storage->length() >= NumberOfElementsFilterAttributes(filter));
|
| + int start_index = index;
|
| int capacity = this->Capacity();
|
| for (int i = 0; i < capacity; i++) {
|
| Object* k = this->KeyAt(i);
|
| @@ -14833,6 +14815,7 @@ void Dictionary<Derived, Shape, Key>::CopyKeysTo(
|
| storage->SortPairs(storage, index);
|
| }
|
| DCHECK(storage->length() >= index);
|
| + return index - start_index;
|
| }
|
|
|
|
|
|
|
Chromium Code Reviews
Issue 1242123002:
Fix GetOwnPropertyNames on access-checked objects (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master