- Revision: 270391
- Author: [email protected]
- Date: 2020-12-03 02:30:16 -0800 (Thu, 03 Dec 2020)
Log Message
[WTF] Avoid JSONValue::create with raw string falling to bool overload
https://bugs.webkit.org/show_bug.cgi?id=219483
Reviewed by Adrian Perez de Castro.
Source/JavaScriptCore:
* inspector/InjectedScriptBase.cpp:
(Inspector::InjectedScriptBase::makeAsyncCall): Convert to WTF::String when creating the value.
Source/WebCore:
Covered by existing tests.
* inspector/InspectorFrontendClientLocal.cpp:
(WebCore::InspectorFrontendClientLocal::setAttachedWindow): Convert to WTF::String when creating the value.
Source/WebDriver:
Avoid accidental conversion of "selected" to bool that would make the
getElementAttribute JavaScript code fail with "attributeName.toLowerCase
is undefined".
* Session.cpp:
(WebDriver::Session::isElementSelected): Convert to WTF::String when creating the value.
Source/WTF:
r269757 removed the const char* overload for Value::create() and replaced
them with makeString() versions. While this worked most of the time, one
could still call Value::create(raw_string) and it would end up calling the
bool overload. This could cause side effects like making a number of
WebDriver tests fail with wrong types in the executed JavaScript code.
To avoid these accidental conversions, this commit added an overload to
delete all implicit conversions of Value::create().
* wtf/JSONValues.h: Delete implicit overloads for Value::create(T).
Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (270390 => 270391)
--- trunk/Source/_javascript_Core/ChangeLog 2020-12-03 09:50:39 UTC (rev 270390)
+++ trunk/Source/_javascript_Core/ChangeLog 2020-12-03 10:30:16 UTC (rev 270391)
@@ -1,3 +1,13 @@
+2020-12-03 Lauro Moura <[email protected]>
+
+ [WTF] Avoid JSONValue::create with raw string falling to bool overload
+ https://bugs.webkit.org/show_bug.cgi?id=219483
+
+ Reviewed by Adrian Perez de Castro.
+
+ * inspector/InjectedScriptBase.cpp:
+ (Inspector::InjectedScriptBase::makeAsyncCall): Convert to WTF::String when creating the value.
+
2020-12-02 Michael Catanzaro <[email protected]>
aarch64 llint does not build with JIT disabled
Modified: trunk/Source/_javascript_Core/inspector/InjectedScriptBase.cpp (270390 => 270391)
--- trunk/Source/_javascript_Core/inspector/InjectedScriptBase.cpp 2020-12-03 09:50:39 UTC (rev 270390)
+++ trunk/Source/_javascript_Core/inspector/InjectedScriptBase.cpp 2020-12-03 10:30:16 UTC (rev 270391)
@@ -121,7 +121,7 @@
jsFunction = JSC::JSNativeStdFunction::create(vm, globalObject, 1, String(), [&, callback = WTFMove(callback)] (JSC::JSGlobalObject* globalObject, JSC::CallFrame* callFrame) {
if (!callFrame)
- checkAsyncCallResult(JSON::Value::create("Exception while making a call."), callback);
+ checkAsyncCallResult(JSON::Value::create(makeString("Exception while making a call."_s)), callback);
else if (auto resultJSONValue = toInspectorValue(globalObject, callFrame->argument(0)))
checkAsyncCallResult(resultJSONValue, callback);
else
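Review bot: the `!callFrame` branch changed on the + line has no test named for it. The JavaScriptCore ChangeLog entry lists only the conversion, while the WebCore entry says "Covered by existing tests". With the old line the raw literal selected the bool overload, so the callback would have been handed a boolean in place of the message "Exception while making a call."; a check on the type of the value delivered on this error path is worth adding, or the existing test that exercises it should be cited in the ChangeLog.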
Modified: trunk/Source/WTF/ChangeLog (270390 => 270391)
--- trunk/Source/WTF/ChangeLog 2020-12-03 09:50:39 UTC (rev 270390)
+++ trunk/Source/WTF/ChangeLog 2020-12-03 10:30:16 UTC (rev 270391)
@@ -1,3 +1,21 @@
+2020-12-03 Lauro Moura <[email protected]>
+
+ [WTF] Avoid JSONValue::create with raw string falling to bool overload
+ https://bugs.webkit.org/show_bug.cgi?id=219483
+
+ Reviewed by Adrian Perez de Castro.
+
+ r269757 removed the const char* overload for Value::create() and replaced
+ them with makeString() versions. While this worked most of the time, one
+ could still call Value::create(raw_string) and it would end up calling the
+ bool overload. This could cause side effects like making a number of
+ WebDriver tests to fail with wrong types in the executed _javascript_ code.
+
+ To avoid these accidental conversions, this commit added an overload to
+ delete all implicit conversions of Value::create().
+
+ * wtf/JSONValues.h: Delete implicit overloads for Value::create(T).
+
2020-12-02 Michael Catanzaro <[email protected]>
aarch64 llint does not build with JIT disabled
Modified: trunk/Source/WTF/wtf/JSONValues.h (270390 => 270391)
--- trunk/Source/WTF/wtf/JSONValues.h 2020-12-03 09:50:39 UTC (rev 270390)
+++ trunk/Source/WTF/wtf/JSONValues.h 2020-12-03 10:30:16 UTC (rev 270391)
@@ -77,6 +77,8 @@
static Ref<Value> create(int);
static Ref<Value> create(double);
static Ref<Value> create(const String&);
+ template<class T>
+ static Ref<Value> create(T) = delete;
enum class Type {
Null = 0,
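Review bot: the deleted catch-all `template<class T> static Ref<Value> create(T) = delete;` needs a comment in the header saying why it exists, since a reader sees only an unexplained deleted template after the listed overloads. The comment should also state how wide it is: template deduction gives an exact match for every argument type that has no non-template overload of its own, so besides string literals it rejects arguments such as `float`, `long` or `unsigned` that previously converted to the `int` or `double` overloads, and those callers now have to cast explicitly or build a `String` first.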
Modified: trunk/Source/WebCore/ChangeLog (270390 => 270391)
--- trunk/Source/WebCore/ChangeLog 2020-12-03 09:50:39 UTC (rev 270390)
+++ trunk/Source/WebCore/ChangeLog 2020-12-03 10:30:16 UTC (rev 270391)
@@ -1,3 +1,15 @@
+2020-12-03 Lauro Moura <[email protected]>
+
+ [WTF] Avoid JSONValue::create with raw string falling to bool overload
+ https://bugs.webkit.org/show_bug.cgi?id=219483
+
+ Reviewed by Adrian Perez de Castro.
+
+ Covered by existing tests.
+
+ * inspector/InspectorFrontendClientLocal.cpp:
+ (WebCore::InspectorFrontendClientLocal::setAttachedWindow): Convert to WTF::String when creating the value.
+
2020-12-03 Martin Robinson <[email protected]>
Move code from AxisScrollSnapOffsets to ScrollSnapOffsetsInfo
Modified: trunk/Source/WebCore/inspector/InspectorFrontendClientLocal.cpp (270390 => 270391)
--- trunk/Source/WebCore/inspector/InspectorFrontendClientLocal.cpp 2020-12-03 09:50:39 UTC (rev 270390)
+++ trunk/Source/WebCore/inspector/InspectorFrontendClientLocal.cpp 2020-12-03 10:30:16 UTC (rev 270391)
@@ -308,7 +308,7 @@
m_dockSide = dockSide;
- m_frontendAPIDispatcher->dispatchCommandWithResultAsync("setDockSide"_s, { JSON::Value::create(side) });
+ m_frontendAPIDispatcher->dispatchCommandWithResultAsync("setDockSide"_s, { JSON::Value::create(makeString(side)) });
}
void InspectorFrontendClientLocal::restoreAttachedWindowHeight()
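Review bot: on the + line, `makeString(side)` hides what type `side` has and performs the conversion to String at the point of use. If `side` is chosen from literals earlier in this function, declaring it as a String where it is assigned would keep the call as `JSON::Value::create(side)`, make the type visible where the value is picked, and avoid a wrapper whose only job is overload selection.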
Modified: trunk/Source/WebDriver/ChangeLog (270390 => 270391)
--- trunk/Source/WebDriver/ChangeLog 2020-12-03 09:50:39 UTC (rev 270390)
+++ trunk/Source/WebDriver/ChangeLog 2020-12-03 10:30:16 UTC (rev 270391)
@@ -1,3 +1,17 @@
+2020-12-03 Lauro Moura <[email protected]>
+
+ [WTF] Avoid JSONValue::create with raw string falling to bool overload
+ https://bugs.webkit.org/show_bug.cgi?id=219483
+
+ Reviewed by Adrian Perez de Castro.
+
+ Avoid accidental conversion of "selected" to bool that would make the
+ getElementAttribute _javascript_code to fail with "attributeName.toLowerCase
+ is undefined"
+
+ * Session.cpp:
+ (WebDriver::Session::isElementSelected): Convert to WTF::String when creating the value.
+
2020-11-05 Carlos Garcia Campos <[email protected]>
WebDriver: session can have more than one active input source of the same type
Modified: trunk/Source/WebDriver/Session.cpp (270390 => 270391)
--- trunk/Source/WebDriver/Session.cpp 2020-12-03 09:50:39 UTC (rev 270390)
+++ trunk/Source/WebDriver/Session.cpp 2020-12-03 10:30:16 UTC (rev 270391)
@@ -1216,7 +1216,7 @@
}
auto arguments = JSON::Array::create();
arguments->pushString(createElement(elementID)->toJSONString());
- arguments->pushString(JSON::Value::create("selected")->toJSONString());
+ arguments->pushString(JSON::Value::create(makeString("selected"_s))->toJSONString());
auto parameters = JSON::Object::create();
parameters->setString("browsingContextHandle"_s, m_toplevelBrowsingContext.value());
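Review bot: `makeString("selected"_s)` on the + line wraps a single literal only to select the `const String&` overload, which reads as if something were being concatenated. A one-line comment that the wrapper is there because implicit conversions of `JSON::Value::create()` are now deleted would tell the next reader why it must not be simplified away; the same wording would fit the identical pattern in InjectedScriptBase.cpp.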