Title: [257529] trunk/Source/_javascript_Core
- Revision
- 257529
- Author
- [email protected]
- Date
- 2020-02-26 16:29:15 -0800 (Wed, 26 Feb 2020)
Log Message
Enhance JSObjectGetProperty() to mitigate against null object pointers.
https://bugs.webkit.org/show_bug.cgi?id=208275
<rdar://problem/59826325>
Reviewed by Robin Morisset.
* API/JSObjectRef.cpp:
(JSObjectGetProperty):
Modified Paths
Diff
Modified: trunk/Source/_javascript_Core/API/JSObjectRef.cpp (257528 => 257529)
--- trunk/Source/_javascript_Core/API/JSObjectRef.cpp 2020-02-27 00:27:01 UTC (rev 257528)
+++ trunk/Source/_javascript_Core/API/JSObjectRef.cpp 2020-02-27 00:29:15 UTC (rev 257529)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2006-2019 Apple Inc. All rights reserved.
+ * Copyright (C) 2006-2020 Apple Inc. All rights reserved.
* Copyright (C) 2008 Kelvin W Sherlock ([email protected])
*
* Redistribution and use in source and binary forms, with or without
@@ -346,7 +346,7 @@
JSValueRef JSObjectGetProperty(JSContextRef ctx, JSObjectRef object, JSStringRef propertyName, JSValueRef* exception)
{
- if (!ctx) {
+ if (!ctx || !object) {
ASSERT_NOT_REACHED();
return 0;
}
Modified: trunk/Source/_javascript_Core/ChangeLog (257528 => 257529)
--- trunk/Source/_javascript_Core/ChangeLog 2020-02-27 00:27:01 UTC (rev 257528)
+++ trunk/Source/_javascript_Core/ChangeLog 2020-02-27 00:29:15 UTC (rev 257529)
@@ -1,3 +1,14 @@
+2020-02-26 Mark Lam <[email protected]>
+
+ Enhance JSObjectGetProperty() to mitigate against null object pointers.
+ https://bugs.webkit.org/show_bug.cgi?id=208275
+ <rdar://problem/59826325>
+
+ Reviewed by Robin Morisset.
+
+ * API/JSObjectRef.cpp:
+ (JSObjectGetProperty):
+
2020-02-26 Saam Barati <[email protected]>
Make testair pass on arm64
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
