Revision: 15641
Author: [email protected]
Date: Fri Jul 12 03:04:35 2013
Log: Fall back to generic on access checks in JSON.stringify.
BUG=259366
[email protected]
Review URL: https://codereview.chromium.org/18225006
http://code.google.com/p/v8/source/detail?r=15641
Modified:
/branches/bleeding_edge/src/json-stringifier.h
/branches/bleeding_edge/test/cctest/test-api.cc
=======================================
--- /branches/bleeding_edge/src/json-stringifier.h Mon Jun 3 08:32:22 2013
+++ /branches/bleeding_edge/src/json-stringifier.h Fri Jul 12 03:04:35 2013
@@ -434,6 +434,7 @@
return UNCHANGED;
}
case JS_ARRAY_TYPE:
+ if (object->IsAccessCheckNeeded()) break;
if (deferred_string_key) SerializeDeferredKey(comma, key);
return SerializeJSArray(Handle<JSArray>::cast(object));
case JS_VALUE_TYPE:
@@ -447,12 +448,13 @@
SerializeString(Handle<String>::cast(object));
return SUCCESS;
} else if (object->IsJSObject()) {
+ if (object->IsAccessCheckNeeded()) break;
if (deferred_string_key) SerializeDeferredKey(comma, key);
return SerializeJSObject(Handle<JSObject>::cast(object));
- } else {
- return SerializeGeneric(object, key, comma, deferred_string_key);
}
}
+
+ return SerializeGeneric(object, key, comma, deferred_string_key);
}
=======================================
--- /branches/bleeding_edge/test/cctest/test-api.cc Wed Jul 10 12:03:58 2013
+++ /branches/bleeding_edge/test/cctest/test-api.cc Fri Jul 12 03:04:35 2013
@@ -19714,5 +19714,76 @@
THREADED_TEST(SemaphoreInterruption) {
ThreadInterruptTest().RunTest();
}
+
+
+static bool NamedAccessAlwaysBlocked(Local<v8::Object> global,
+ Local<Value> name,
+ v8::AccessType type,
+ Local<Value> data) {
+ i::PrintF("Named access blocked.\n");
+ return false;
+}
+
+
+static bool IndexAccessAlwaysBlocked(Local<v8::Object> global,
+ uint32_t key,
+ v8::AccessType type,
+ Local<Value> data) {
+ i::PrintF("Indexed access blocked.\n");
+ return false;
+}
+
+
+void UnreachableCallback(const v8::FunctionCallbackInfo<v8::Value>& args) {
+ CHECK(false);
+}
+
+
+TEST(JSONStringifyAccessCheck) {
+ v8::V8::Initialize();
+ v8::HandleScope scope(v8::Isolate::GetCurrent());
+
+ // Create an ObjectTemplate for global objects and install access
+ // check callbacks that will block access.
+ v8::Handle<v8::ObjectTemplate> global_template =
v8::ObjectTemplate::New();
+ global_template->SetAccessCheckCallbacks(NamedAccessAlwaysBlocked,
+ IndexAccessAlwaysBlocked);
+
+ // Create a context and set an x property on it's global object.
+ LocalContext context0(NULL, global_template);
+ v8::Handle<v8::Object> global0 = context0->Global();
+ global0->Set(v8_str("x"), v8_num(42));
+ ExpectString("JSON.stringify(this)", "{\"x\":42}");
+
+ for (int i = 0; i < 2; i++) {
+ if (i == 1) {
+ // Install a toJSON function on the second run.
+ v8::Handle<v8::FunctionTemplate> toJSON =
+ v8::FunctionTemplate::New(UnreachableCallback);
+
+ global0->Set(v8_str("toJSON"), toJSON->GetFunction());
+ }
+ // Create a context with a different security token so that the
+ // failed access check callback will be called on each access.
+ LocalContext context1(NULL, global_template);
+ context1->Global()->Set(v8_str("other"), global0);
+
+ ExpectString("JSON.stringify(other)", "{}");
+ ExpectString("JSON.stringify({ 'a' : other, 'b' : ['c'] })",
+ "{\"a\":{},\"b\":[\"c\"]}");
+ ExpectString("JSON.stringify([other, 'b', 'c'])",
+ "[{},\"b\",\"c\"]");
+
+ v8::Handle<v8::Array> array = v8::Array::New(2);
+ array->Set(0, v8_str("a"));
+ array->Set(1, v8_str("b"));
+ context1->Global()->Set(v8_str("array"), array);
+ ExpectString("JSON.stringify(array)", "[\"a\",\"b\"]");
+ array->TurnOnAccessCheck();
+ ExpectString("JSON.stringify(array)", "[]");
+ ExpectString("JSON.stringify([array])", "[[]]");
+ ExpectString("JSON.stringify({'a' : array})", "{\"a\":[]}");
+ }
+}
#endif // WIN32
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
