Author: olehougaard
Date: Fri Nov 14 05:14:49 2008
New Revision: 757
Modified:
branches/bleeding_edge/src/v8natives.js
branches/bleeding_edge/test/cctest/test-api.cc
Log:
Restrict application of eval so it can only be used in the context of the
global object. For compatibility.
Review URL: http://codereview.chromium.org/10748
Modified: branches/bleeding_edge/src/v8natives.js
==============================================================================
--- branches/bleeding_edge/src/v8natives.js (original)
+++ branches/bleeding_edge/src/v8natives.js Fri Nov 14 05:14:49 2008
@@ -105,6 +105,11 @@
function GlobalEval(x) {
if (!IS_STRING(x)) return x;
+ if (this !== %GlobalReceiver(global)) {
+ throw $EvalError('The "this" object passed to eval ' +
+ 'must be the global object from which eval
originated');
+ }
+
var f = %CompileString(x, 0, true);
if (!IS_FUNCTION(f)) return f;
Modified: branches/bleeding_edge/test/cctest/test-api.cc
==============================================================================
--- branches/bleeding_edge/test/cctest/test-api.cc (original)
+++ branches/bleeding_edge/test/cctest/test-api.cc Fri Nov 14 05:14:49 2008
@@ -4078,6 +4078,14 @@
"with({x:2}){other.eval('x+y')}"));
result = script->Run();
CHECK_EQ(3, result->Int32Value());
+
+ // Check that you cannot use 'eval.call' with another object than the
+ // current global object.
+ v8::TryCatch try_catch;
+ script =
+ Script::Compile(v8_str("other.y = 1; eval.call(other, 'y')"));
+ result = script->Run();
+ CHECK(try_catch.HasCaught());
}
--~--~---------~--~----~------------~-------~--~----~
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
-~----------~----~----~----~------~----~------~--~---
