[webkit-changes] [208956] trunk/Source/JavaScriptCore

Mon, 21 Nov 2016 18:06:07 -0800

Title: [208956] trunk/Source/_javascript_Core
Revision
208956
Author
[email protected]
Date
2016-11-21 18:05:27 -0800 (Mon, 21 Nov 2016)

Log Message

Fix exception scope verification failures in FunctionConstructor.cpp.
https://bugs.webkit.org/show_bug.cgi?id=165011

Reviewed by Saam Barati.

* runtime/FunctionConstructor.cpp:
(JSC::constructFunction):
(JSC::constructFunctionSkippingEvalEnabledCheck):

Modified Paths

Diff

Modified: trunk/Source/_javascript_Core/ChangeLog (208955 => 208956)


--- trunk/Source/_javascript_Core/ChangeLog	2016-11-22 02:04:52 UTC (rev 208955)
+++ trunk/Source/_javascript_Core/ChangeLog	2016-11-22 02:05:27 UTC (rev 208956)
@@ -1,5 +1,16 @@
 2016-11-21  Mark Lam  <[email protected]>
 
+        Fix exception scope verification failures in FunctionConstructor.cpp.
+        https://bugs.webkit.org/show_bug.cgi?id=165011
+
+        Reviewed by Saam Barati.
+
+        * runtime/FunctionConstructor.cpp:
+        (JSC::constructFunction):
+        (JSC::constructFunctionSkippingEvalEnabledCheck):
+
+2016-11-21  Mark Lam  <[email protected]>
+
         Fix exception scope verification failures in GetterSetter.cpp.
         https://bugs.webkit.org/show_bug.cgi?id=165013

Modified: trunk/Source/_javascript_Core/runtime/FunctionConstructor.cpp (208955 => 208956)


--- trunk/Source/_javascript_Core/runtime/FunctionConstructor.cpp	2016-11-22 02:04:52 UTC (rev 208955)
+++ trunk/Source/_javascript_Core/runtime/FunctionConstructor.cpp	2016-11-22 02:05:27 UTC (rev 208956)
@@ -83,6 +83,7 @@
 
     if (!globalObject->evalEnabled())
         return throwException(exec, scope, createEvalError(exec, globalObject->evalDisabledErrorMessage()));
+    scope.release();
     return constructFunctionSkippingEvalEnabledCheck(exec, globalObject, args, functionName, sourceURL, position, -1, functionConstructionMode, newTarget);
 }
 
@@ -116,9 +117,11 @@
     String program;
     if (args.isEmpty())
         program = makeString(prefix, functionName.string(), "() {\n\n}}");
-    else if (args.size() == 1)
-        program = makeString(prefix, functionName.string(), "() {\n", args.at(0).toString(exec)->value(exec), "\n}}");
-    else {
+    else if (args.size() == 1) {
+        auto body = args.at(0).toWTFString(exec);
+        RETURN_IF_EXCEPTION(scope, nullptr);
+        program = makeString(prefix, functionName.string(), "() {\n", body, "\n}}");
+    } else {
         StringBuilder builder;
         builder.append(prefix);
         builder.append(functionName.string());

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to