Side by Side Diff: src/runtime.cc

Issue 294073002: filter cross context eval (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge
Patch Set: rebase Created 6 years, 7 months ago
1 // Copyright 2012 the V8 project authors. All rights reserved. 1 // Copyright 2012 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <stdlib.h> 5 #include <stdlib.h>
6 #include <limits> 6 #include <limits>
7 7
8 #include "v8.h" 8 #include "v8.h"
9 9
10 #include "accessors.h" 10 #include "accessors.h"
(...skipping 9766 matching lines...) Expand 10 before | Expand all | Expand 10 after
9777 // No callback set and code generation disallowed. 9777 // No callback set and code generation disallowed.
9778 return false; 9778 return false;
9779 } else { 9779 } else {
9780 // Callback set. Let it decide if code generation is allowed. 9780 // Callback set. Let it decide if code generation is allowed.
9781 VMState<EXTERNAL> state(isolate); 9781 VMState<EXTERNAL> state(isolate);
9782 return callback(v8::Utils::ToLocal(context)); 9782 return callback(v8::Utils::ToLocal(context));
9783 } 9783 }
9784 } 9784 }
9785 9785
9786 9786
9787 static Handle<JSFunction> FirstJSFunctionOnStack(Isolate* isolate) {
9788 for (StackTraceFrameIterator it(isolate); !it.done(); it.Advance()) {
9789 StackFrame* raw_frame = it.frame();
9790 if (!raw_frame->is_java_script()) continue;
9791 JavaScriptFrame* frame = JavaScriptFrame::cast(raw_frame);
9792 List<FrameSummary> frames(FLAG_max_inlining_levels + 1);
9793 frame->Summarize(&frames);
9794 for (int i = frames.length() - 1; i >= 0; i--) {
Toon Verwaest 2014/05/27 15:15:43 Why is this a for-loop? :)
dcarney 2014/05/27 15:45:11 originally, i was filtering stuff out
9795 return frames[i].function();
9796 }
9797 }
9798 return Handle<JSFunction>();
Toon Verwaest 2014/05/27 15:15:43 If you can return an empty handle, it should be a
9799 }
9800
9801
9787 RUNTIME_FUNCTION(Runtime_CompileString) { 9802 RUNTIME_FUNCTION(Runtime_CompileString) {
9788 HandleScope scope(isolate); 9803 HandleScope scope(isolate);
9789 ASSERT(args.length() == 2); 9804 ASSERT(args.length() == 2);
9790 CONVERT_ARG_HANDLE_CHECKED(String, source, 0); 9805 CONVERT_ARG_HANDLE_CHECKED(String, source, 0);
9791 CONVERT_BOOLEAN_ARG_CHECKED(function_literal_only, 1); 9806 CONVERT_BOOLEAN_ARG_CHECKED(function_literal_only, 1);
9792 9807
9793 // Extract native context. 9808 // Extract native context.
9794 Handle<Context> context(isolate->context()->native_context()); 9809 Handle<Context> context(isolate->context()->native_context());
9795 9810
9811 // Filter cross security context calls.
9812 {
9813 Handle<JSFunction> fun = FirstJSFunctionOnStack(isolate);
9814 if (fun.is_null() || !context->HasSameSecurityTokenAs(fun->context())) {
9815 return isolate->heap()->undefined_value();
9816 }
9817 }
9818
9796 // Check if native context allows code generation from 9819 // Check if native context allows code generation from
9797 // strings. Throw an exception if it doesn't. 9820 // strings. Throw an exception if it doesn't.
9798 if (context->allow_code_gen_from_strings()->IsFalse() && 9821 if (context->allow_code_gen_from_strings()->IsFalse() &&
9799 !CodeGenerationFromStringsAllowed(isolate, context)) { 9822 !CodeGenerationFromStringsAllowed(isolate, context)) {
9800 Handle<Object> error_message = 9823 Handle<Object> error_message =
9801 context->ErrorMessageForCodeGenerationFromStrings(); 9824 context->ErrorMessageForCodeGenerationFromStrings();
9802 return isolate->Throw(*isolate->factory()->NewEvalError( 9825 return isolate->Throw(*isolate->factory()->NewEvalError(
9803 "code_gen_from_strings", HandleVector<Object>(&error_message, 1))); 9826 "code_gen_from_strings", HandleVector<Object>(&error_message, 1)));
9804 } 9827 }
9805 9828
(...skipping 5365 matching lines...) Expand 10 before | Expand all | Expand 10 after
15171 } 15194 }
15172 return NULL; 15195 return NULL;
15173 } 15196 }
15174 15197
15175 15198
15176 const Runtime::Function* Runtime::FunctionForId(Runtime::FunctionId id) { 15199 const Runtime::Function* Runtime::FunctionForId(Runtime::FunctionId id) {
15177 return &(kIntrinsicFunctions[static_cast<int>(id)]); 15200 return &(kIntrinsicFunctions[static_cast<int>(id)]);
15178 } 15201 }
15179 15202
15180 } } // namespace v8::internal 15203 } } // namespace v8::internal
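Review bot: The cross-context filter inserted ahead of the code-generation check depends on FirstJSFunctionOnStack yielding the non-native caller of eval; as far as I can tell that holds only because StackTraceFrameIterator skips native-script frames such as the GlobalEval builtin in v8natives.js, and nothing in the hunk records that dependency. A comment above the block, e.g. `// Relies on StackTraceFrameIterator skipping native-script frames, so fun is the user-level caller of eval rather than the GlobalEval builtin.`, would stop a later change to the iterator from silently turning this check into a no-op. The empty-handle case (no JavaScript frame on the stack) and the token mismatch both fail closed by returning undefined instead of throwing, which is the right default for a security filter but is invisible to the caller, so a short `// Fail closed: silently return undefined rather than throw.` next to the return would make the intent explicit. Runtime_CompileString continues past the last context line shown in the hunk.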