Side by Side Diff: src/accessors.cc

Issue 261103002: filter out .caller from other worlds (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge
Patch Set: Created 6 years, 7 months ago
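--- a/src/accessors.cc
+++ b/src/accessors.cc
@@ -1,10 +1,10 @@
 // Copyright 2012 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "v8.h"
 #include "accessors.h"
 
 #include "compiler.h"
 #include "contexts.h"
 #include "deoptimizer.h"
@@ -1107,60 +1107,72 @@
 &FunctionArgumentsSetter,
 attributes);
 }
 
 
 //
 // Accessors::FunctionCaller
 //
 
 
+static inline bool AllowAccessToFunction(Context* current_context,
+JSFunction* function) {
+return current_context->HasSameSecurityTokenAs(function->context());
+}
+
+
 class FrameFunctionIterator {
 public:
 FrameFunctionIterator(Isolate* isolate, const DisallowHeapAllocation& promise)
-: frame_iterator_(isolate),
+: isolate_(isolate),
+frame_iterator_(isolate),
 functions_(2),
 index_(0) {
 GetFunctions();
 }
 JSFunction* next() {
 if (functions_.length() == 0) return NULL;
-JSFunction* next_function = functions_[index_];
-index_--;
-if (index_ < 0) {
-GetFunctions();
+while (true) {
+JSFunction* next_function = functions_[index_];
+index_--;
+if (index_ < 0) {
+GetFunctions();
+}
+// Skip functions from other origins.
+if (!AllowAccessToFunction(isolate_->context(), next_function)) continue;
+return next_function;
 }
-return next_function;
 }
 
 // Iterate through functions until the first occurence of 'function'.
 // Returns true if 'function' is found, and false if the iterator ends
 // without finding it.
 bool Find(JSFunction* function) {
 JSFunction* next_function;
 do {
 next_function = next();
 if (next_function == function) return true;
 } while (next_function != NULL);
 return false;
 }
 
 private:
 void GetFunctions() {
 functions_.Rewind(0);
 if (frame_iterator_.done()) return;
 JavaScriptFrame* frame = frame_iterator_.frame();
 frame->GetFunctions(&functions_);
 ASSERT(functions_.length() > 0);
 frame_iterator_.Advance();
 index_ = functions_.length() - 1;
 }
+Isolate* isolate_;
 JavaScriptFrameIterator frame_iterator_;
 List<JSFunction*> functions_;
 int index_;
 };
 
 
 MaybeHandle<JSFunction> FindCaller(Isolate* isolate,
 Handle<JSFunction> function) {
 DisallowHeapAllocation no_allocation;
 FrameFunctionIterator it(isolate, no_allocation);
@@ -1194,20 +1206,24 @@
 // and its associated throwing caller and arguments.
 if (caller->shared()->bound()) {
 return MaybeHandle<JSFunction>();
 }
 // Censor if the caller is not a sloppy mode function.
 // Change from ES5, which used to throw, see:
 // https://bugs.ecmascript.org/show_bug.cgi?id=310
 if (caller->shared()->strict_mode() == STRICT) {
 return MaybeHandle<JSFunction>();
 }
+// Don't return caller from another security context.
+if (!AllowAccessToFunction(isolate->context(), caller)) {
+return MaybeHandle<JSFunction>();
+}
 return Handle<JSFunction>(caller);
 }
 
 
 void Accessors::FunctionCallerGetter(
 v8::Local<v8::String> name,
 const v8::PropertyCallbackInfo<v8::Value>& info) {
 i::Isolate* isolate = reinterpret_cast<i::Isolate*>(info.GetIsolate());
 HandleScope scope(isolate);
 Handle<Object> object = Utils::OpenHandle(*info.This());
@@ -1312,10 +1328,10 @@
 info->set_data(Smi::FromInt(index));
 Handle<Object> getter = v8::FromCData(isolate, &ModuleGetExport);
 Handle<Object> setter = v8::FromCData(isolate, &ModuleSetExport);
 info->set_getter(*getter);
 if (!(attributes & ReadOnly)) info->set_setter(*setter);
 return info;
 }
 
 
 } } // namespace v8::internal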
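Review bot: The emptiness guard in `FrameFunctionIterator::next()` (new line 1133) runs only once, but the `continue` added at new line 1141 re-enters the loop after `GetFunctions()` may have rewound `functions_` to empty and left `index_` at -1 when `frame_iterator_` is done, so skipping a cross-origin function that is the last one on the stack reads `functions_[-1]` on an empty list. Moving the guard to the top of the loop, `while (true) { if (functions_.length() == 0) return NULL; ...`, keeps the old end-of-stack behaviour of returning NULL and makes `Find()` terminate cleanly. `AllowAccessToFunction` also has no comment stating the rule it enforces; `// A function is visible to .caller only if its creation context shares the current context's security token.` would make the filter's intent explicit at both call sites (new lines 1141 and 1217).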