I think this is a very good idea and definitely worth doing for the other
architectures too. Perhaps we should just abort the VM if the arg count
mismatches? As long as we get a reasonable stack trace that seems safer
than continuing after an attacker has attempted to subvert the %_ natives.
http://codereview.chromium.org/573056/diff/1/2
File src/ia32/codegen-ia32.cc (right):
http://codereview.chromium.org/573056/diff/1/2#newcode4969
src/ia32/codegen-ia32.cc:4969: frame_->Push(Factory::undefined_value());
This and the similar cases below should have a comment to the effect
that we never expect this to happen. Alternatively we could define some
macro called RETURN_UNDEFINED_ON_ARGC_MISMATCH and use it throughout.
Then we could put the comment on the macro definition.
http://codereview.chromium.org/573056
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev