Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(372)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 16295013: Only recurse to depth 10 in v8_value_converter_impl.cc. (Closed)

Created:
7 years, 6 months ago by not at google - send to devlin
Modified:
7 years, 6 months ago
Reviewers:
jamesr, Matt Perry
CC:
chromium-reviews, joi+watch-content_chromium.org, darin-cc_chromium.org, jam
Visibility:
Public.

Description

Recurse to a maximum depth of 10 in v8_value_converter_impl.cc. There are objects that get passed in (canonically <input> elements apparently) which recurse infinitely (as opposed to having a self-referential loop). The previous solution to this problem (r150035) was to disable getters, which apparently were the main cause, but this is no longer appropriate - we now use this mechanism for all extension messaging, and this has become a problem (see bug 246213). TBR=jamesr@chromium.org, R=mpcomplete@chromium.org BUG=246213, 139933 Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=204057

Patch Set 1 #

Patch Set 2 : . #

Patch Set 3 : . #

Patch Set 4 : . #

Patch Set 5 : . #

Patch Set 6 : put back disappearing HandleScope #

Patch Set 7 : . #

Patch Set 8 : fix up #

Total comments: 2

Patch Set 9 : add back missing rename #

Patch Set 10 : . #

Patch Set 11 : std::make_pari #

Unified diffs Side-by-side diffs Delta from patch set Stats (+132 lines, -98 lines) Patch
M chrome/test/data/extensions/api_test/executescript/callback/test.js View 1 2 3 4 5 6 1 chunk +1 line, -1 line 0 comments Download
M content/renderer/v8_value_converter_impl.h View 1 2 3 3 chunks +5 lines, -12 lines 0 comments Download
M content/renderer/v8_value_converter_impl.cc View 1 2 3 4 5 6 7 8 9 10 14 chunks +90 lines, -42 lines 0 comments Download
M content/renderer/v8_value_converter_impl_unittest.cc View 1 2 3 4 5 6 7 2 chunks +36 lines, -43 lines 0 comments Download

Messages

Total messages: 7 (0 generated)
not at google - send to devlin
7 years, 6 months ago (2013-06-03 23:03:32 UTC) #1
Matt Perry
lgtm https://codereview.chromium.org/16295013/diff/3010/content/renderer/v8_value_converter_impl.cc File content/renderer/v8_value_converter_impl.cc (right): https://codereview.chromium.org/16295013/diff/3010/content/renderer/v8_value_converter_impl.cc#newcode64 content/renderer/v8_value_converter_impl.cc:64: unique_map_.insert(std::pair<int, v8::Handle<v8::Object> >(hash, handle)); why not unique_map_[hash] = ...
7 years, 6 months ago (2013-06-03 23:15:38 UTC) #2
not at google - send to devlin
https://codereview.chromium.org/16295013/diff/3010/content/renderer/v8_value_converter_impl.cc File content/renderer/v8_value_converter_impl.cc (right): https://codereview.chromium.org/16295013/diff/3010/content/renderer/v8_value_converter_impl.cc#newcode64 content/renderer/v8_value_converter_impl.cc:64: unique_map_.insert(std::pair<int, v8::Handle<v8::Object> >(hash, handle)); On 2013/06/03 23:15:38, Matt Perry ...
7 years, 6 months ago (2013-06-04 00:15:05 UTC) #3
not at google - send to devlin
ping - I know it hasn't been that long, but this is really blocking me.
7 years, 6 months ago (2013-06-04 18:53:30 UTC) #4
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/kalman@chromium.org/16295013/7
7 years, 6 months ago (2013-06-04 19:24:22 UTC) #5
jamesr
I don't really understand this code, but if Matt's happy then lgtm
7 years, 6 months ago (2013-06-04 19:27:18 UTC) #6
not at google - send to devlin
7 years, 6 months ago (2013-06-04 22:01:39 UTC) #7
Message was sent while issue was closed. 
Committed patchset #11 manually as r204057 (presubmit successful).

Powered by Google App Engine
This is Rietveld 408576698