Reviewers: Christian Plesner Hansen, Description: Skip access checks for hidden properties.
Hidden properties are used like internal fields which do not have access checks. The checks can cause problems because there may be no current context. See http://crbug.com/24200. Please review this at http://codereview.chromium.org/271080 Affected files: M src/top.cc Index: src/top.cc diff --git a/src/top.cc b/src/top.cc index e40fc11ef3a74b0f7559e99a3f313fc535adf797..bb2dea4d2db8f4191eab5713e3ff0bd26376b0bf 100644 --- a/src/top.cc +++ b/src/top.cc @@ -494,11 +494,17 @@ static MayAccessDecision MayAccessPreCheck(JSObject* receiver, bool Top::MayNamedAccess(JSObject* receiver, Object* key, v8::AccessType type) { ASSERT(receiver->IsAccessCheckNeeded()); + + // The callers of this method are not expecting a GC. + AssertNoAllocation no_gc; + + // Skip checks for hidden properties access. Note, we do not + // require existence of a context in this case. + if (key == Heap::hidden_symbol()) return true; + // Check for compatibility between the security tokens in the // current lexical context and the accessed object. ASSERT(Top::context()); - // The callers of this method are not expecting a GC. - AssertNoAllocation no_gc; MayAccessDecision decision = MayAccessPreCheck(receiver, type); if (decision != UNKNOWN) return decision == YES; --~--~---------~--~----~------------~-------~--~----~ v8-dev mailing list [email protected] http://groups.google.com/group/v8-dev -~----------~----~----~----~------~----~------~--~---
