Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(106)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/accessors.cc

Issue 411983003: Fix ArrayLengthSetter to not throw on non-extensible receivers. (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge
Patch Set: Created 6 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | test/mjsunit/regress/regress-mask-array-length.js » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2012 the V8 project authors. All rights reserved. 1 // Copyright 2012 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "src/v8.h" 5 #include "src/v8.h"
6 6
7 #include "src/accessors.h" 7 #include "src/accessors.h"
8 #include "src/api.h" 8 #include "src/api.h"
9 #include "src/compiler.h" 9 #include "src/compiler.h"
10 #include "src/contexts.h" 10 #include "src/contexts.h"
(...skipping 156 matching lines...) Expand 10 before | Expand all | Expand 10 after
167 info.GetReturnValue().Set(Utils::ToLocal(Handle<Object>(result, isolate))); 167 info.GetReturnValue().Set(Utils::ToLocal(Handle<Object>(result, isolate)));
168 } 168 }
169 169
170 170
171 void Accessors::ArrayLengthSetter( 171 void Accessors::ArrayLengthSetter(
172 v8::Local<v8::String> name, 172 v8::Local<v8::String> name,
173 v8::Local<v8::Value> val, 173 v8::Local<v8::Value> val,
174 const v8::PropertyCallbackInfo<void>& info) { 174 const v8::PropertyCallbackInfo<void>& info) {
175 i::Isolate* isolate = reinterpret_cast<i::Isolate*>(info.GetIsolate()); 175 i::Isolate* isolate = reinterpret_cast<i::Isolate*>(info.GetIsolate());
176 HandleScope scope(isolate); 176 HandleScope scope(isolate);
177 Handle<JSObject> object = Handle<JSObject>::cast( 177 Handle<JSObject> object = Utils::OpenHandle(*info.This());
178 Utils::OpenHandle(*info.This()));
179 Handle<Object> value = Utils::OpenHandle(*val); 178 Handle<Object> value = Utils::OpenHandle(*val);
180 // This means one of the object's prototypes is a JSArray and the 179 // This means one of the object's prototypes is a JSArray and the
181 // object does not have a 'length' property. Calling SetProperty 180 // object does not have a 'length' property. Calling SetProperty
182 // causes an infinite loop. 181 // causes an infinite loop.
183 if (!object->IsJSArray()) { 182 if (!object->IsJSArray()) {
183 // This behaves sloppy since we lost the actual strict-mode.
184 // TODO(verwaest): Fix by making ExecutableAccessorInfo behave like data
185 // properties.
186 if (!object->map()->is_extensible()) return;
184 MaybeHandle<Object> maybe_result = JSObject::SetOwnPropertyIgnoreAttributes( 187 MaybeHandle<Object> maybe_result = JSObject::SetOwnPropertyIgnoreAttributes(
185 object, isolate->factory()->length_string(), value, NONE); 188 object, isolate->factory()->length_string(), value, NONE);
186 maybe_result.Check(); 189 maybe_result.Check();
187 return; 190 return;
188 } 191 }
189 192
190 value = FlattenNumber(isolate, value); 193 value = FlattenNumber(isolate, value);
191 194
192 Handle<JSArray> array_handle = Handle<JSArray>::cast(object); 195 Handle<JSArray> array_handle = Handle<JSArray>::cast(object);
193 MaybeHandle<Object> maybe; 196 MaybeHandle<Object> maybe;
(...skipping 1157 matching lines...) Expand 10 before | Expand all | Expand 10 after
1351 info->set_data(Smi::FromInt(index)); 1354 info->set_data(Smi::FromInt(index));
1352 Handle<Object> getter = v8::FromCData(isolate, &ModuleGetExport); 1355 Handle<Object> getter = v8::FromCData(isolate, &ModuleGetExport);
1353 Handle<Object> setter = v8::FromCData(isolate, &ModuleSetExport); 1356 Handle<Object> setter = v8::FromCData(isolate, &ModuleSetExport);
1354 info->set_getter(*getter); 1357 info->set_getter(*getter);
1355 if (!(attributes & ReadOnly)) info->set_setter(*setter); 1358 if (!(attributes & ReadOnly)) info->set_setter(*setter);
1356 return info; 1359 return info;
1357 } 1360 }
1358 1361
1359 1362
1360 } } // namespace v8::internal 1363 } } // namespace v8::internal
OLDNEW
« no previous file with comments | « no previous file | test/mjsunit/regress/regress-mask-array-length.js » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698