Modified: trunk/Source/_javascript_Core/API/JSBase.cpp (150380 => 150381)
--- trunk/Source/_javascript_Core/API/JSBase.cpp 2013-05-20 20:42:39 UTC (rev 150380)
+++ trunk/Source/_javascript_Core/API/JSBase.cpp 2013-05-20 21:10:19 UTC (rev 150381)
@@ -44,6 +44,10 @@
JSValueRef JSEvaluateScript(JSContextRef ctx, JSStringRef script, JSObjectRef thisObject, JSStringRef sourceURL, int startingLineNumber, JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
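Review bot: The early return added at the top of JSEvaluateScript yields 0, which is the same value the function returns when the evaluated script throws, so a caller that treats a null result as "consult *exception" will read an out-parameter this path never writes. No context exists to build an exception object, so at minimum the distinction should be stated at the return: `return 0; // no context: *exception is not written, unlike a script throw`. As far as I can tell ASSERT_NOT_REACHED compiles out in release builds, making this path silent there; a release-mode diagnostic would keep the misuse visible. The body of JSEvaluateScript continues past the hunk.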
@@ -71,6 +75,10 @@
bool JSCheckScriptSyntax(JSContextRef ctx, JSStringRef script, JSStringRef sourceURL, int startingLineNumber, JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return false;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -106,6 +114,10 @@
void JSReportExtraMemoryCost(JSContextRef ctx, size_t size)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
exec->vm().heap.reportExtraMemoryCost(size);
Modified: trunk/Source/_javascript_Core/API/JSContextRef.cpp (150380 => 150381)
--- trunk/Source/_javascript_Core/API/JSContextRef.cpp 2013-05-20 20:42:39 UTC (rev 150380)
+++ trunk/Source/_javascript_Core/API/JSContextRef.cpp 2013-05-20 21:10:19 UTC (rev 150381)
@@ -179,6 +179,10 @@
JSObjectRef JSContextGetGlobalObject(JSContextRef ctx)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -188,12 +192,20 @@
JSContextGroupRef JSContextGetGroup(JSContextRef ctx)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
return toRef(&exec->vm());
}
JSGlobalContextRef JSContextGetGlobalContext(JSContextRef ctx)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -202,6 +214,10 @@
JSStringRef JSContextCreateBacktrace(JSContextRef ctx, unsigned maxStackSize)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
JSLockHolder lock(exec);
StringBuilder builder;
Modified: trunk/Source/_javascript_Core/API/JSObjectRef.cpp (150380 => 150381)
--- trunk/Source/_javascript_Core/API/JSObjectRef.cpp 2013-05-20 20:42:39 UTC (rev 150380)
+++ trunk/Source/_javascript_Core/API/JSObjectRef.cpp 2013-05-20 21:10:19 UTC (rev 150381)
@@ -80,6 +80,10 @@
JSObjectRef JSObjectMake(JSContextRef ctx, JSClassRef jsClass, void* data)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -95,6 +99,10 @@
JSObjectRef JSObjectMakeFunctionWithCallback(JSContextRef ctx, JSStringRef name, JSObjectCallAsFunctionCallback callAsFunction)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
return toRef(JSCallbackFunction::create(exec, exec->lexicalGlobalObject(), callAsFunction, name ? name->string() : ASCIILiteral("anonymous")));
@@ -102,6 +110,10 @@
JSObjectRef JSObjectMakeConstructor(JSContextRef ctx, JSClassRef jsClass, JSObjectCallAsConstructorCallback callAsConstructor)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -116,6 +128,10 @@
JSObjectRef JSObjectMakeFunction(JSContextRef ctx, JSStringRef name, unsigned parameterCount, const JSStringRef parameterNames[], JSStringRef body, JSStringRef sourceURL, int startingLineNumber, JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -138,6 +154,10 @@
JSObjectRef JSObjectMakeArray(JSContextRef ctx, size_t argumentCount, const JSValueRef arguments[], JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -163,6 +183,10 @@
JSObjectRef JSObjectMakeDate(JSContextRef ctx, size_t argumentCount, const JSValueRef arguments[], JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -183,6 +207,10 @@
JSObjectRef JSObjectMakeError(JSContextRef ctx, size_t argumentCount, const JSValueRef arguments[], JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -202,6 +230,10 @@
JSObjectRef JSObjectMakeRegExp(JSContextRef ctx, size_t argumentCount, const JSValueRef arguments[], JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -222,6 +254,10 @@
JSValueRef JSObjectGetPrototype(JSContextRef ctx, JSObjectRef object)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -231,6 +267,10 @@
void JSObjectSetPrototype(JSContextRef ctx, JSObjectRef object, JSValueRef value)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -242,6 +282,10 @@
bool JSObjectHasProperty(JSContextRef ctx, JSObjectRef object, JSStringRef propertyName)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return false;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -252,6 +296,10 @@
JSValueRef JSObjectGetProperty(JSContextRef ctx, JSObjectRef object, JSStringRef propertyName, JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -268,6 +316,10 @@
void JSObjectSetProperty(JSContextRef ctx, JSObjectRef object, JSStringRef propertyName, JSValueRef value, JSPropertyAttributes attributes, JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -291,6 +343,10 @@
JSValueRef JSObjectGetPropertyAtIndex(JSContextRef ctx, JSObjectRef object, unsigned propertyIndex, JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -308,6 +364,10 @@
void JSObjectSetPropertyAtIndex(JSContextRef ctx, JSObjectRef object, unsigned propertyIndex, JSValueRef value, JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -324,6 +384,10 @@
bool JSObjectDeleteProperty(JSContextRef ctx, JSObjectRef object, JSStringRef propertyName, JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return false;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -538,6 +602,10 @@
JSPropertyNameArrayRef JSObjectCopyPropertyNames(JSContextRef ctx, JSObjectRef object)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
JSObject* jsObject = toJS(object);
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
Modified: trunk/Source/_javascript_Core/API/JSValueRef.cpp (150380 => 150381)
--- trunk/Source/_javascript_Core/API/JSValueRef.cpp 2013-05-20 20:42:39 UTC (rev 150380)
+++ trunk/Source/_javascript_Core/API/JSValueRef.cpp 2013-05-20 21:10:19 UTC (rev 150381)
@@ -64,6 +64,10 @@
::JSType JSValueGetType(JSContextRef ctx, JSValueRef value)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return kJSTypeUndefined;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
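Review bot: Returning kJSTypeUndefined from the null-context branch of JSValueGetType overloads a legitimate result, so a caller cannot tell "ctx was null" from "value is undefined", and the ChangeLog's list of fallback values (null pointer, NaN, false) does not cover this enum case. A one-line comment would make the choice deliberate: `return kJSTypeUndefined; // no context: report the least-surprising type instead of crashing`. A distinct sentinel would require a new enumerator in the public header, which is outside this hunk.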
@@ -85,6 +89,10 @@
bool JSValueIsUndefined(JSContextRef ctx, JSValueRef value)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return false;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -94,6 +102,10 @@
bool JSValueIsNull(JSContextRef ctx, JSValueRef value)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return false;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -103,6 +115,10 @@
bool JSValueIsBoolean(JSContextRef ctx, JSValueRef value)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return false;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -112,6 +128,10 @@
bool JSValueIsNumber(JSContextRef ctx, JSValueRef value)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return false;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -121,6 +141,10 @@
bool JSValueIsString(JSContextRef ctx, JSValueRef value)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return false;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -130,6 +154,10 @@
bool JSValueIsObject(JSContextRef ctx, JSValueRef value)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return false;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -139,6 +167,10 @@
bool JSValueIsObjectOfClass(JSContextRef ctx, JSValueRef value, JSClassRef jsClass)
{
+ if (!ctx || !jsClass) {
+ ASSERT_NOT_REACHED();
+ return false;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -159,6 +191,10 @@
bool JSValueIsEqual(JSContextRef ctx, JSValueRef a, JSValueRef b, JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return false;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -176,6 +212,10 @@
bool JSValueIsStrictEqual(JSContextRef ctx, JSValueRef a, JSValueRef b)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return false;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -187,6 +227,10 @@
bool JSValueIsInstanceOfConstructor(JSContextRef ctx, JSValueRef value, JSObjectRef constructor, JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return false;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -206,6 +250,10 @@
JSValueRef JSValueMakeUndefined(JSContextRef ctx)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -214,6 +262,10 @@
JSValueRef JSValueMakeNull(JSContextRef ctx)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -222,6 +274,10 @@
JSValueRef JSValueMakeBoolean(JSContextRef ctx, bool value)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -230,6 +286,10 @@
JSValueRef JSValueMakeNumber(JSContextRef ctx, double value)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -244,6 +304,10 @@
JSValueRef JSValueMakeString(JSContextRef ctx, JSStringRef string)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -252,6 +316,10 @@
JSValueRef JSValueMakeFromJSONString(JSContextRef ctx, JSStringRef string)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
String str = string->string();
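Review bot: The new guard in JSValueMakeFromJSONString checks only ctx, but the line after the shim dereferences `string` unconditionally (`String str = string->string();`), so a null string still crashes in release builds. JSValueIsObjectOfClass in the same patch guards its non-context pointer as well, so the same treatment fits here: `if (!ctx || !string) {`. If a null string is meant to remain a hard API violation rather than be tolerated, a comment saying so would stop the next reader from re-adding the check. The rest of the function is outside the hunk.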
@@ -266,6 +334,10 @@
JSStringRef JSValueCreateJSONString(JSContextRef ctx, JSValueRef apiValue, unsigned indent, JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
JSValue value = toJS(exec, apiValue);
@@ -283,6 +355,10 @@
bool JSValueToBoolean(JSContextRef ctx, JSValueRef value)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return false;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -292,6 +368,10 @@
double JSValueToNumber(JSContextRef ctx, JSValueRef value, JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return QNaN;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -309,6 +389,10 @@
JSStringRef JSValueToStringCopy(JSContextRef ctx, JSValueRef value, JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -326,6 +410,10 @@
JSObjectRef JSValueToObject(JSContextRef ctx, JSValueRef value, JSValueRef* exception)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
@@ -343,6 +431,10 @@
void JSValueProtect(JSContextRef ctx, JSValueRef value)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
Modified: trunk/Source/_javascript_Core/API/JSWeakObjectMapRefPrivate.cpp (150380 => 150381)
--- trunk/Source/_javascript_Core/API/JSWeakObjectMapRefPrivate.cpp 2013-05-20 20:42:39 UTC (rev 150380)
+++ trunk/Source/_javascript_Core/API/JSWeakObjectMapRefPrivate.cpp 2013-05-20 21:10:19 UTC (rev 150381)
@@ -54,6 +54,10 @@
void JSWeakObjectMapSet(JSContextRef ctx, JSWeakObjectMapRef map, void* key, JSObjectRef object)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
JSObject* obj = toJS(object);
@@ -65,6 +69,10 @@
JSObjectRef JSWeakObjectMapGet(JSContextRef ctx, JSWeakObjectMapRef map, void* key)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return 0;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
return toRef(jsCast<JSObject*>(map->map().get(key)));
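Review bot: `map` is dereferenced on the return line of JSWeakObjectMapGet (`map->map().get(key)`) without the null guard the change gives ctx, so the function is only half-protected against the kind of misuse the commit targets. Extending the guard is a one-token change: `if (!ctx || !map) {`. If a null map is intentionally left undefined, a short comment on the guard would make that explicit.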
@@ -72,6 +80,10 @@
void JSWeakObjectMapRemove(JSContextRef ctx, JSWeakObjectMapRef map, void* key)
{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return;
+ }
ExecState* exec = toJS(ctx);
APIEntryShim entryShim(exec);
map->map().remove(key);
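Review bot: JSWeakObjectMapRemove dereferences `map` on its last visible line (`map->map().remove(key);`) while only ctx is guarded, which leaves a null map as a crash in release builds where the assertion is presumably compiled out. The guard can cover both with `if (!ctx || !map) {`, matching the two-pointer check JSValueIsObjectOfClass uses elsewhere in this patch.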
Modified: trunk/Source/_javascript_Core/ChangeLog (150380 => 150381)
--- trunk/Source/_javascript_Core/ChangeLog 2013-05-20 20:42:39 UTC (rev 150380)
+++ trunk/Source/_javascript_Core/ChangeLog 2013-05-20 21:10:19 UTC (rev 150381)
@@ -1,3 +1,70 @@
+2013-05-20 Oliver Hunt <oli...@apple.com>
+
+ Make C API more robust against null contexts
+ https://bugs.webkit.org/show_bug.cgi?id=116462
+
+ Reviewed by Anders Carlsson.
+
+ Handle null contexts in a non-crashy way. It's a bug to ever call the
+ API with a null context, and the absence of a context means we can't
+ produce a meaningful result, so we still assert in debug builds.
+
+ Now where possible we detect and early return, returning null for any
+ pointer type, NaN for doubles, and false for any boolean result.
+
+ * API/JSBase.cpp:
+ (JSEvaluateScript):
+ (JSCheckScriptSyntax):
+ (JSReportExtraMemoryCost):
+ * API/JSContextRef.cpp:
+ (JSContextGetGlobalObject):
+ (JSContextGetGroup):
+ (JSContextGetGlobalContext):
+ (JSContextCreateBacktrace):
+ * API/JSObjectRef.cpp:
+ (JSObjectMake):
+ (JSObjectMakeFunctionWithCallback):
+ (JSObjectMakeConstructor):
+ (JSObjectMakeFunction):
+ (JSObjectMakeArray):
+ (JSObjectMakeDate):
+ (JSObjectMakeError):
+ (JSObjectMakeRegExp):
+ (JSObjectGetPrototype):
+ (JSObjectSetPrototype):
+ (JSObjectHasProperty):
+ (JSObjectGetProperty):
+ (JSObjectSetProperty):
+ (JSObjectGetPropertyAtIndex):
+ (JSObjectSetPropertyAtIndex):
+ (JSObjectDeleteProperty):
+ (JSObjectCopyPropertyNames):
+ * API/JSValueRef.cpp:
+ (JSValueGetType):
+ (JSValueIsUndefined):
+ (JSValueIsNull):
+ (JSValueIsBoolean):
+ (JSValueIsNumber):
+ (JSValueIsString):
+ (JSValueIsObject):
+ (JSValueIsObjectOfClass):
+ (JSValueIsEqual):
+ (JSValueIsStrictEqual):
+ (JSValueIsInstanceOfConstructor):
+ (JSValueMakeUndefined):
+ (JSValueMakeNull):
+ (JSValueMakeBoolean):
+ (JSValueMakeNumber):
+ (JSValueMakeString):
+ (JSValueMakeFromJSONString):
+ (JSValueCreateJSONString):
+ (JSValueToBoolean):
+ (JSValueToNumber):
+ (JSValueToStringCopy):
+ (JSValueToObject):
+ (JSValueProtect):
+ * API/JSWeakObjectMapRefPrivate.cpp:
+
2013-05-20 David Kilzer <ddkil...@apple.com>
Synchronize FeatureDefines.xcconfig