Title: [164439] trunk/Source/_javascript_Core
- Revision
- 164439
- Author
- mhahnenb...@apple.com
- Date
- 2014-02-20 11:40:04 -0800 (Thu, 20 Feb 2014)
Log Message
Dynamically generated JSExport protocols added to a class results in a crash
https://bugs.webkit.org/show_bug.cgi?id=129108
Reviewed by Oliver Hunt.
We're not getting any information from the runtime about the types of the methods on
these protocols because they didn't exist at compile time. We should handle this gracefully.
* API/ObjCCallbackFunction.mm:
(objCCallbackFunctionForInvocation):
* API/tests/JSExportTests.mm:
(+[JSExportTests exportDynamicallyGeneratedProtocolTest]):
(runJSExportTests):
Diff
Modified: trunk/Source/_javascript_Core/API/ObjCCallbackFunction.mm (164438 => 164439)
--- trunk/Source/_javascript_Core/API/ObjCCallbackFunction.mm 2014-02-20 19:31:02 UTC (rev 164438)
+++ trunk/Source/_javascript_Core/API/ObjCCallbackFunction.mm 2014-02-20 19:40:04 UTC (rev 164439)
@@ -632,6 +632,9 @@
static JSObjectRef objCCallbackFunctionForInvocation(JSContext *context, NSInvocation *invocation, CallbackType type, Class instanceClass, const char* signatureWithObjcClasses)
{
+ if (!signatureWithObjcClasses)
+ return nil;
+
const char* position = signatureWithObjcClasses;
OwnPtr<CallbackResult> result = adoptPtr(parseObjCType<ResultTypeDelegate>(position));
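Review bot: The new early return at the top of objCCallbackFunctionForInvocation uses `return nil;` although the function is declared to return `JSObjectRef`, a C API pointer rather than an Objective-C object; `return nullptr;` (or `0`, whichever the file already uses) states the intent more accurately. The guard would also benefit from a one-line comment recording when the signature is null, along the lines of `// Protocols created at runtime give us no type information for their methods, so there is nothing to parse.` The callers are outside this hunk, so confirm that each one tolerates a null function object instead of dereferencing it; the added test suggests the call ends in a JS exception, but that path is not visible here. The function body continues past the end of the hunk.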
Modified: trunk/Source/_javascript_Core/API/tests/JSExportTests.mm (164438 => 164439)
--- trunk/Source/_javascript_Core/API/tests/JSExportTests.mm 2014-02-20 19:31:02 UTC (rev 164438)
+++ trunk/Source/_javascript_Core/API/tests/JSExportTests.mm 2014-02-20 19:40:04 UTC (rev 164439)
@@ -25,6 +25,9 @@
#import "JSExportTests.h"
+#import <objc/runtime.h>
+#import <objc/objc.h>
+
#if JSC_OBJC_API_ENABLED
extern "C" void checkResult(NSString *description, bool passed);
@@ -32,6 +35,7 @@
@interface JSExportTests : NSObject
+ (void) exportInstanceMethodWithIdProtocolTest;
+ (void) exportInstanceMethodWithClassProtocolTest;
++ (void) exportDynamicallyGeneratedProtocolTest;
@end
@protocol TruthTeller
@@ -100,6 +104,25 @@
[context evaluateScript:@"makeTestObject().methodWithClassProtocol(opaqueObject);"];
checkResult(@"Successfully exported instance method", !context.exception);
}
+
++ (void) exportDynamicallyGeneratedProtocolTest
+{
+ JSContext *context = [[JSContext alloc] init];
+ Protocol *dynProtocol = objc_allocateProtocol("NSStringJSExport");
+ Protocol *jsExportProtocol = @protocol(JSExport);
+ protocol_addProtocol(dynProtocol, jsExportProtocol);
+ Method method = class_getInstanceMethod([NSString class], @selector(boolValue));
+ protocol_addMethodDescription(dynProtocol, @selector(boolValue), method_getTypeEncoding(method), YES, YES);
+ NSLog(@"type encoding = %s", method_getTypeEncoding(method));
+ protocol_addMethodDescription(dynProtocol, @selector(boolValue), "B@:", YES, YES);
+ objc_registerProtocol(dynProtocol);
+ class_addProtocol([NSString class], dynProtocol);
+
+ context[@"NSString"] = [NSString class];
+ context[@"myString"] = @"YES";
+ JSValue *value = [context evaluateScript:@"myString.boolValue()"];
+ checkResult(@"Dynamically generated JSExport-ed protocols are ignored", [value isUndefined] && !!context.exception);
+}
@end
void runJSExportTests()
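Review bot: exportDynamicallyGeneratedProtocolTest leaves process-wide runtime state behind: `class_addProtocol([NSString class], dynProtocol)` makes NSString conform to a JSExport-derived protocol for the rest of the test run, so later tests that bridge strings may depend on execution order; a class private to the test would be a safer target if the scenario allows it. `protocol_addMethodDescription` is called twice for `boolValue` (once with `method_getTypeEncoding(method)`, once with the literal `"B@:"`), and the `NSLog` between them looks like leftover debugging, so keep one registration and drop the log. The results of `objc_allocateProtocol` and `class_addProtocol` are not checked, and `objc_allocateProtocol` returns nil when the name is already registered, so the test could pass without exercising the new guard; `checkResult(@"Allocated dynamic protocol", dynProtocol != nil);` would make that visible. The check string says the protocols are "ignored" while the assertion requires `context.exception` to be set, so a short comment stating the expected outcome would remove the ambiguity.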
@@ -107,6 +130,7 @@
@autoreleasepool {
[JSExportTests exportInstanceMethodWithIdProtocolTest];
[JSExportTests exportInstanceMethodWithClassProtocolTest];
+ [JSExportTests exportDynamicallyGeneratedProtocolTest];
}
}
Modified: trunk/Source/_javascript_Core/ChangeLog (164438 => 164439)
--- trunk/Source/_javascript_Core/ChangeLog 2014-02-20 19:31:02 UTC (rev 164438)
+++ trunk/Source/_javascript_Core/ChangeLog 2014-02-20 19:40:04 UTC (rev 164439)
@@ -1,3 +1,19 @@
+2014-02-20 Mark Hahnenberg <mhahnenb...@apple.com>
+
+ Dynamically generated JSExport protocols added to a class results in a crash
+ https://bugs.webkit.org/show_bug.cgi?id=129108
+
+ Reviewed by Oliver Hunt.
+
+ We're not getting any information from the runtime about the types of the methods on
+ these protocols because they didn't exist at compile time. We should handle this gracefully.
+
+ * API/ObjCCallbackFunction.mm:
+ (objCCallbackFunctionForInvocation):
+ * API/tests/JSExportTests.mm:
+ (+[JSExportTests exportDynamicallyGeneratedProtocolTest]):
+ (runJSExportTests):
+
2014-02-20 Gabor Rapcsanyi <rga...@webkit.org>
ASSERTION FAILED: isUInt16() on ARMv7 after r113253.