| OLD | NEW |
|---|
| (Empty) |
| 1 /* | |
| 2 * Copyright (C) 2014 Google Inc. All rights reserved. | |
| 3 * | |
| 4 * Redistribution and use in source and binary forms, with or without | |
| 5 * modification, are permitted provided that the following conditions are | |
| 6 * met: | |
| 7 * | |
| 8 * * Redistributions of source code must retain the above copyright | |
| 9 * notice, this list of conditions and the following disclaimer. | |
| 10 * * Redistributions in binary form must reproduce the above | |
| 11 * copyright notice, this list of conditions and the following disclaimer | |
| 12 * in the documentation and/or other materials provided with the | |
| 13 * distribution. | |
| 14 * * Neither the name of Google Inc. nor the names of its | |
| 15 * contributors may be used to endorse or promote products derived from | |
| 16 * this software without specific prior written permission. | |
| 17 * | |
| 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
| 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
| 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | |
| 21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | |
| 22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
| 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | |
| 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
| 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
| 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
| 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | |
| 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
| 29 */ | |
| 30 | |
| 31 #ifndef ScriptWrappable_h | |
| 32 #define ScriptWrappable_h | |
| 33 | |
| 34 #include "platform/ScriptForbiddenScope.h" | |
| 35 #include "platform/heap/Handle.h" | |
| 36 #include <v8.h> | |
| 37 #include "wtf/Assertions.h" | |
| 38 | |
| 39 // Helper to call webCoreInitializeScriptWrappableForInterface in the global nam
espace. | |
| 40 template <class C> inline void initializeScriptWrappableHelper(C* object) | |
| 41 { | |
| 42 void webCoreInitializeScriptWrappableForInterface(C*); | |
| 43 webCoreInitializeScriptWrappableForInterface(object); | |
| 44 } | |
| 45 | |
| 46 namespace blink { | |
| 47 | |
| 48 // Forward declarations. | |
| 49 class DartWrapperInfo; | |
| 50 class DartMultiWrapperInfo; | |
| 51 struct WrapperTypeInfo; | |
| 52 | |
| 53 /** | |
| 54 * The base class of all wrappable objects. | |
| 55 * | |
| 56 * This class provides the internal pointer to be stored in the wrapper objects, | |
| 57 * and its conversions from / to the DOM instances. | |
| 58 * | |
| 59 * Note that this class must not have vtbl (any virtual function) or any member | |
| 60 * variable which increase the size of instances. Some of the classes sensitive | |
| 61 * to the size inherit from this class. So this class must be zero size. | |
| 62 */ | |
| 63 class ScriptWrappableBase { | |
| 64 public: | |
| 65 template <class T> static T* fromInternalPointer(ScriptWrappableBase* intern
alPointer) | |
| 66 { | |
| 67 // Check if T* is castable to ScriptWrappableBase*, which means T | |
| 68 // doesn't have two or more ScriptWrappableBase as superclasses. | |
| 69 // If T has two ScriptWrappableBase as superclasses, conversions | |
| 70 // from T* to ScriptWrappableBase* are ambiguous. | |
| 71 ASSERT(static_cast<ScriptWrappableBase*>(static_cast<T*>(internalPointer
))); | |
| 72 return static_cast<T*>(internalPointer); | |
| 73 } | |
| 74 ScriptWrappableBase* toInternalPointer() { return this; } | |
| 75 }; | |
| 76 | |
| 77 // An optimization to avoid in the common case the cost of map lookups when | |
| 78 // finding the V8 or Dart wrapper for a Blink object and to quickly find the | |
| 79 // most specific V8 or Dart wrapper type for a Blink object. | |
| 80 class ScriptWrappable : public ScriptWrappableBase { | |
| 81 public: | |
| 82 class TaggedPointer { | |
| 83 private: | |
| 84 enum { | |
| 85 kTypeInfoTag = 0x0, | |
| 86 kV8WrapperTag = 0x1, | |
| 87 kDartWrapperTag = 0x2, | |
| 88 kMultiWrapperTag = 0x3 | |
| 89 }; | |
| 90 static const intptr_t kWrappableBitMask = 0x3; | |
| 91 | |
| 92 uintptr_t m_ptr; | |
| 93 | |
| 94 public: | |
| 95 TaggedPointer() : m_ptr(0) { } | |
| 96 | |
| 97 explicit TaggedPointer(const WrapperTypeInfo* info) : m_ptr(reinterpret_
cast<uintptr_t>(info) | kTypeInfoTag) | |
| 98 { | |
| 99 // Assert incoming pointer is non-null and 4-byte aligned. | |
| 100 ASSERT(info && ((reinterpret_cast<uintptr_t>(info) & kWrappableBitMa
sk) == 0)); | |
| 101 } | |
| 102 | |
| 103 explicit TaggedPointer(v8::Object* info) : m_ptr(reinterpret_cast<uintpt
r_t>(info) | kV8WrapperTag) | |
| 104 { | |
| 105 // Assert incoming pointer is non-null and 4-byte aligned. | |
| 106 ASSERT(info && ((reinterpret_cast<uintptr_t>(info) & kWrappableBitMa
sk) == 0)); | |
| 107 } | |
| 108 | |
| 109 explicit TaggedPointer(DartWrapperInfo* info) : m_ptr(reinterpret_cast<u
intptr_t>(info) | kDartWrapperTag) | |
| 110 { | |
| 111 // Assert incoming pointer is non-null and 4-byte aligned. | |
| 112 ASSERT(info && ((reinterpret_cast<uintptr_t>(info) & kWrappableBitMa
sk) == 0)); | |
| 113 } | |
| 114 | |
| 115 explicit TaggedPointer(DartMultiWrapperInfo* info) : m_ptr(reinterpret_c
ast<uintptr_t>(info) | kMultiWrapperTag) | |
| 116 { | |
| 117 // Assert incoming pointer is non-null and 4-byte aligned. | |
| 118 ASSERT(info && ((reinterpret_cast<uintptr_t>(info) & kWrappableBitMa
sk) == 0)); | |
| 119 } | |
| 120 | |
| 121 inline bool isEmpty() const | |
| 122 { | |
| 123 return !m_ptr; | |
| 124 } | |
| 125 | |
| 126 inline bool isWrapperTypeInfo() const | |
| 127 { | |
| 128 return (m_ptr & kWrappableBitMask) == kTypeInfoTag; | |
| 129 } | |
| 130 | |
| 131 inline bool isV8Wrapper() const | |
| 132 { | |
| 133 return (m_ptr & kWrappableBitMask) == kV8WrapperTag; | |
| 134 } | |
| 135 | |
| 136 inline bool isDartWrapperInfo() const | |
| 137 { | |
| 138 return (m_ptr & kWrappableBitMask) == kDartWrapperTag; | |
| 139 } | |
| 140 | |
| 141 inline bool isDartMultiWrapperInfo() const | |
| 142 { | |
| 143 return (m_ptr & kWrappableBitMask) == kMultiWrapperTag; | |
| 144 } | |
| 145 | |
| 146 inline const WrapperTypeInfo* wrapperTypeInfo() const | |
| 147 { | |
| 148 return reinterpret_cast<const WrapperTypeInfo*>(m_ptr & ~kWrappableB
itMask); | |
| 149 } | |
| 150 | |
| 151 inline v8::Object* v8Wrapper() const | |
| 152 { | |
| 153 return reinterpret_cast<v8::Object*>(m_ptr & ~kWrappableBitMask); | |
| 154 } | |
| 155 | |
| 156 inline DartWrapperInfo* dartWrapperInfo() const | |
| 157 { | |
| 158 return reinterpret_cast<DartWrapperInfo*>(m_ptr & ~kWrappableBitMask
); | |
| 159 } | |
| 160 | |
| 161 inline DartMultiWrapperInfo* dartMultiWrapperInfo() const | |
| 162 { | |
| 163 return reinterpret_cast<DartMultiWrapperInfo*>(m_ptr & ~kWrappableBi
tMask); | |
| 164 } | |
| 165 | |
| 166 inline void clear() | |
| 167 { | |
| 168 m_ptr = 0; | |
| 169 } | |
| 170 }; | |
| 171 | |
| 172 COMPILE_ASSERT(sizeof(TaggedPointer) == sizeof(void*), taggedPointerIsNotOne
Word); | |
| 173 | |
| 174 public: | |
| 175 ScriptWrappable() : m_v8WrapperOrTypeInfo(), m_dartWrapperInfo() { } | |
| 176 | |
| 177 // Wrappables need to be initialized with their most derived type for which | |
| 178 // bindings exist, in much the same way that certain other types need to be | |
| 179 // adopted and so forth. The overloaded initializeScriptWrappableForInterfac
e() | |
| 180 // functions are implemented by the generated V8 bindings code. Declaring th
e | |
| 181 // extern function in the template avoids making a centralized header of all | |
| 182 // the bindings in the universe. C++11's extern template feature may provide | |
| 183 // a cleaner solution someday. | |
| 184 // FIXME: Also initialize Dart type info. | |
| 185 template <class C> static void init(C* object) | |
| 186 { | |
| 187 initializeScriptWrappableHelper(object); | |
| 188 } | |
| 189 | |
| 190 inline const WrapperTypeInfo* getTypeInfo() const; | |
| 191 inline void setTypeInfo(const WrapperTypeInfo* info); | |
| 192 | |
| 193 inline bool containsV8Wrapper() const; | |
| 194 inline void setV8Wrapper(v8::Object* wrapper); | |
| 195 inline v8::Object* getV8Wrapper() const; | |
| 196 inline void clearV8Wrapper(v8::Local<v8::Object> wrapper, v8::Persistent<v8:
:Object>* persistent); | |
| 197 | |
| 198 inline void setDartWrapper(void* domData, void* wrapper); | |
| 199 inline void* getDartWrapper(void * domData) const; | |
| 200 inline void clearDartWrapper(void* domData); | |
| 201 | |
| 202 static bool wrapperCanBeStoredInObject(const void*) { return false; } | |
| 203 static bool wrapperCanBeStoredInObject(const ScriptWrappable*) { return true
; } | |
| 204 | |
| 205 static ScriptWrappable* fromObject(const void*) | |
| 206 { | |
| 207 ASSERT_NOT_REACHED(); | |
| 208 return 0; | |
| 209 } | |
| 210 | |
| 211 static ScriptWrappable* fromObject(ScriptWrappable* object) | |
| 212 { | |
| 213 return object; | |
| 214 } | |
| 215 | |
| 216 #if !ENABLE(OILPAN) | |
| 217 protected: | |
| 218 virtual ~ScriptWrappable() | |
| 219 { | |
| 220 // We must not get deleted as long as we contain a wrapper. If this happ
ens, we screwed up ref | |
| 221 // counting somewhere. Crash here instead of crashing during a later gc
cycle. | |
| 222 RELEASE_ASSERT_WITH_SECURITY_IMPLICATION(m_v8WrapperOrTypeInfo.isWrapper
TypeInfo()); | |
| 223 RELEASE_ASSERT_WITH_SECURITY_IMPLICATION(m_dartWrapperInfo.isEmpty()); | |
| 224 // Assert initialization via init() even if not subsequently wrapped. | |
| 225 ASSERT(!m_v8WrapperOrTypeInfo.isEmpty()); | |
| 226 // Break UAF attempts to wrap. | |
| 227 m_v8WrapperOrTypeInfo.clear(); | |
| 228 } | |
| 229 #endif | |
| 230 // With Oilpan we don't need a ScriptWrappable destructor. | |
| 231 // | |
| 232 // - 'RELEASE_ASSERT_WITH_SECURITY_IMPLICATION(!containsWrapper())' is not n
eeded | |
| 233 // because Oilpan is not using reference counting at all. If containsWrapper
() is true, | |
| 234 // it means that ScriptWrappable still has a wrapper. In this case, the dest
ructor | |
| 235 // must not be called since the wrapper has a persistent handle back to this
ScriptWrappable object. | |
| 236 // Assuming that Oilpan's GC is correct (If we cannot assume this, a lot of
more things are | |
| 237 // already broken), we must not hit the RELEASE_ASSERT. | |
| 238 // | |
| 239 // - 'm_wrapperOrTypeInfo = 0' is not needed because Oilpan's GC zeroes out
memory when | |
| 240 // the memory is collected and added to a free list. | |
| 241 | |
| 242 private: | |
| 243 // A tagged pointer to this object's V8 or Dart peer. It may contain: | |
| 244 // -- nothing, transiently during construction/destruction | |
| 245 // -- WrapperTypeInfo, if this object has no peers | |
| 246 // -- v8::Object, if this object has a V8 peer in the main world and no Dart | |
| 247 // peer | |
| 248 // -- DartWrapperInfo, if this object has one Dart peer and possibly a V8 | |
| 249 // peer in the main world | |
| 250 // -- DartMultiWrapperInfo, if this object has more than one Dart peer and | |
| 251 // possibly a V8 peer in the main world | |
| 252 TaggedPointer m_v8WrapperOrTypeInfo; | |
| 253 TaggedPointer m_dartWrapperInfo; | |
| 254 }; | |
| 255 | |
| 256 } // namespace blink | |
| 257 | |
| 258 #include "bindings/core/dart/DartScriptWrappable.h" | |
| 259 #include "bindings/core/v8/V8ScriptWrappable.h" | |
| 260 | |
| 261 #endif // ScriptWrappable_h | |
| OLD | NEW |
|---|
Chromium Code Reviews
