Ignore:
Timestamp:
Feb 1, 2012, 4:08:00 PM (13 years ago)
Author:
[email protected]
Message:

calling function on catch block scope containing an eval result in wrong this value being passed
https://bugs.webkit.org/show_bug.cgi?id=77581

Reviewed by Oliver Hunt.

javascript:function F(){ return 'F' in this; }; try { throw F; } catch (e) { eval(""); alert(e()); }

Source/JavaScriptCore:

  • bytecompiler/NodesCodegen.cpp:

(JSC::TryNode::emitBytecode):

  • interpreter/Interpreter.cpp:

(JSC::Interpreter::execute):

  • parser/ASTBuilder.h:

(JSC::ASTBuilder::createTryStatement):

  • parser/NodeConstructors.h:

(JSC::TryNode::TryNode):

  • parser/Nodes.h:

(TryNode):

  • parser/Parser.cpp:

(JSC::::parseTryStatement):

  • parser/SyntaxChecker.h:

(JSC::SyntaxChecker::createTryStatement):

  • runtime/JSObject.h:

(JSObject):
(JSC::JSObject::isStaticScopeObject):
(JSC):

LayoutTests:

  • fast/js/eval-var-decl-expected.txt:
  • fast/js/script-tests/eval-var-decl.js:

(checkThis):
(testEvalInCatch):

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/JavaScriptCore/parser/Nodes.h

    r106504 r106512  
    13491349    class TryNode : public StatementNode {
    13501350    public:
    1351         TryNode(int, StatementNode* tryBlock, const Identifier& exceptionIdent, bool catchHasEval, StatementNode* catchBlock, StatementNode* finallyBlock);
     1351        TryNode(int, StatementNode* tryBlock, const Identifier& exceptionIdent, StatementNode* catchBlock, StatementNode* finallyBlock);
    13521352
    13531353    private:
     
    13581358        StatementNode* m_catchBlock;
    13591359        StatementNode* m_finallyBlock;
    1360         bool m_catchHasEval;
    13611360    };
    13621361
Note: See TracChangeset for help on using the changeset viewer.