Timestamp:
Aug 26, 2007, 11:17:48 PM (18 years ago)
Author:
bdash
Message:

2007-08-26 Mark Rowe <[email protected]>

Reviewed by Darin Adler.

<rdar://problem/4949002> JSGlobalContextCreate can cause crashes because it passes a NULL JSContextRef to the globalObjectClass's initialize callback

JSCallbackObject now tracks whether it was constructed with a null ExecState. This will happen when the object is being used as the global object,
as the Interpreter needs to be created after the global object. In this situation the initialization is deferred until after the Interpreter's
ExecState is available to be passed down to the initialize callbacks.

  • API/JSCallbackObject.cpp: (KJS::JSCallbackObject::init): Track whether we successfully initialized. (KJS::JSCallbackObject::initializeIfNeeded): Attempt to initialize with the new ExecState.
  • API/JSCallbackObject.h:
  • API/JSContextRef.cpp: (JSGlobalContextCreate): Initialize the JSCallbackObject with the Interpreter's ExecState.
  • API/testapi.c: (testInitializeOfGlobalObjectClassHasNonNullContext): (main): Verify that the context passed to the initialize callback is non-null.
File:
1 edited

  • trunk/JavaScriptCore/API/JSCallbackObject.h

    r15484 r25257  
    7373    bool inherits(JSClassRef) const;
    7474   
     75    void initializeIfNeeded(ExecState*);
     76   
    7577private:
    7678    JSCallbackObject(); // prevent default construction
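Review bot: the new public declaration `void initializeIfNeeded(ExecState*);` carries no comment explaining when it must be called, while the commit message makes the contract quite specific (the constructor may have received a null ExecState when the object is the global object, and initialization is then deferred until the Interpreter's ExecState exists). Since callers such as JSGlobalContextCreate depend on this header alone, a one-line comment next to the declaration stating that it is a no-op once initialization has succeeded and is required after constructing a JSCallbackObject with a null ExecState would document the invariant at the API boundary.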
     
    8688    void* m_privateData;
    8789    JSClassRef m_class;
     90    bool m_isInitialized;
    8891};
    8992
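Review bot: `bool m_isInitialized;` is added as a plain member with no default, so its correctness depends on every constructor path (including the private default constructor declared above) setting it before `initializeIfNeeded` is ever consulted; an uninitialized bool would make the deferred initialize callbacks either run twice or never run. The message says `init` now tracks this, but it is worth confirming in the .cpp that `m_isInitialized` is assigned unconditionally at the start of construction, not only on the successful branch.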