Title: [135433] trunk/Source/WebCore
- Revision
- 135433
- Author
- commit-qu...@webkit.org
- Date
- 2012-11-21 14:24:07 -0800 (Wed, 21 Nov 2012)
Log Message
[V8] Add context checks to WorldContextHandle and V8DOMWindowShell
https://bugs.webkit.org/show_bug.cgi?id=101573
Patch by Dan Carney <dcar...@google.com> on 2012-11-21
Reviewed by Adam Barth.
Added a bunch of assertions to ensure the problems with IndexedDB
contexts cannot reemerge.
No new tests. No change in functionality.
* bindings/v8/V8DOMWindowShell.cpp:
(WebCore):
(WebCore::V8DOMWindowShell::assertContextHasCorrectPrototype):
* bindings/v8/V8DOMWindowShell.h:
(V8DOMWindowShell):
(WebCore::V8DOMWindowShell::isolated):
* bindings/v8/WorldContextHandle.cpp:
(WebCore::WorldContextHandle::WorldContextHandle):
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (135432 => 135433)
--- trunk/Source/WebCore/ChangeLog 2012-11-21 22:21:40 UTC (rev 135432)
+++ trunk/Source/WebCore/ChangeLog 2012-11-21 22:24:07 UTC (rev 135433)
@@ -1,3 +1,24 @@
+2012-11-21 Dan Carney <dcar...@google.com>
+
+ [V8] Add context checks to WorldContextHandle and V8DOMWindowShell
+ https://bugs.webkit.org/show_bug.cgi?id=101573
+
+ Reviewed by Adam Barth.
+
+ Added a bunch of assertions to ensure the problems with IndexedDB
+ contexts cannot reemerge.
+
+ No new tests. No change in functionality.
+
+ * bindings/v8/V8DOMWindowShell.cpp:
+ (WebCore):
+ (WebCore::V8DOMWindowShell::assertContextHasCorrectPrototype):
+ * bindings/v8/V8DOMWindowShell.h:
+ (V8DOMWindowShell):
+ (WebCore::V8DOMWindowShell::isolated):
+ * bindings/v8/WorldContextHandle.cpp:
+ (WebCore::WorldContextHandle::WorldContextHandle):
+
2012-11-21 Elliott Sprehn <espr...@chromium.org>
Remove unnecessary ternaries in createRendererIfNeeded
Modified: trunk/Source/WebCore/bindings/v8/V8DOMWindowShell.cpp (135432 => 135433)
--- trunk/Source/WebCore/bindings/v8/V8DOMWindowShell.cpp 2012-11-21 22:21:40 UTC (rev 135432)
+++ trunk/Source/WebCore/bindings/v8/V8DOMWindowShell.cpp 2012-11-21 22:24:07 UTC (rev 135433)
@@ -65,6 +65,14 @@
namespace WebCore {
+#ifndef NDEBUG
+void V8DOMWindowShell::assertContextHasCorrectPrototype()
+{
+ ASSERT(isMainThread());
+ ASSERT(V8DOMWrapper::isWrapperOfType(toInnerGlobalObject(v8::Context::GetEntered()), &V8DOMWindow::info));
+}
+#endif
+
static void checkDocumentWrapper(v8::Handle<v8::Object> wrapper, Document* document)
{
ASSERT(V8Document::toNative(wrapper) == document);
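Review bot: assertContextHasCorrectPrototype() inspects v8::Context::GetEntered(), but its only visible caller, isolated(context) in the V8DOMWindowShell.h hunk, reads embedder data from its `context` argument, and WorldContextHandle passes v8::Context::GetCurrent() there. If the entered and current contexts differ, the assertion validates a different global object than the one whose pointer is cast. Consider passing the context in, `static void assertContextHasCorrectPrototype(v8::Handle<v8::Context>);`, asserting on `toInnerGlobalObject(context)`, and calling `assertContextHasCorrectPrototype(context);` from isolated(). checkDocumentWrapper at the end of this hunk continues outside it.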
@@ -328,7 +336,6 @@
V8DOMWindow::installPerContextProperties(windowWrapper, window);
V8DOMWrapper::setDOMWrapper(v8::Handle<v8::Object>::Cast(windowWrapper->GetPrototype()), &V8DOMWindow::info, window);
- V8DOMWrapper::createDOMWrapper(PassRefPtr<DOMWindow>(window), &V8DOMWindow::info, windowWrapper);
// Install the windowWrapper as the prototype of the innerGlobalObject.
// The full structure of the global object is as follows:
@@ -346,6 +353,7 @@
v8::Handle<v8::Object> innerGlobalObject = toInnerGlobalObject(m_context.get());
V8DOMWrapper::setDOMWrapper(innerGlobalObject, &V8DOMWindow::info, window);
innerGlobalObject->SetPrototype(windowWrapper);
+ V8DOMWrapper::createDOMWrapper(PassRefPtr<DOMWindow>(window), &V8DOMWindow::info, windowWrapper);
return true;
}
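Review bot: The createDOMWrapper call now sits after `innerGlobalObject->SetPrototype(windowWrapper)` with no comment saying the order matters, so a later cleanup could move it back. If the move is needed because wrapper creation can reach the new prototype assertion (not visible in this hunk), say so above the call, e.g. `// Must run after the prototype is installed on the inner global object.` The changelog's "No change in functionality" does not mention this reordering. The enclosing function starts outside the hunk.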
Modified: trunk/Source/WebCore/bindings/v8/V8DOMWindowShell.h (135432 => 135433)
--- trunk/Source/WebCore/bindings/v8/V8DOMWindowShell.h 2012-11-21 22:21:40 UTC (rev 135432)
+++ trunk/Source/WebCore/bindings/v8/V8DOMWindowShell.h 2012-11-21 22:24:07 UTC (rev 135433)
@@ -80,8 +80,15 @@
void destroyGlobal();
+#ifndef NDEBUG
+ static void assertContextHasCorrectPrototype();
+#endif
+
static V8DOMWindowShell* isolated(v8::Handle<v8::Context> context)
{
+#ifndef NDEBUG
+ assertContextHasCorrectPrototype();
+#endif
return static_cast<V8DOMWindowShell*>(context->GetAlignedPointerFromEmbedderData(v8ContextIsolatedWindowShell));
}
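Review bot: The check added to isolated() is compiled out under NDEBUG, so release builds still static_cast whatever GetAlignedPointerFromEmbedderData returns for v8ContextIsolatedWindowShell without confirming the context is a window context. WorldContextHandle filters non-window contexts before calling, but only under ENABLE(WORKERS), and other callers are not visible here. State the precondition on the declaration so callers know the guarantee is theirs to provide, e.g. `// Precondition: |context| is a DOMWindow context (asserted in debug builds only).`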
Modified: trunk/Source/WebCore/bindings/v8/WorldContextHandle.cpp (135432 => 135433)
--- trunk/Source/WebCore/bindings/v8/WorldContextHandle.cpp 2012-11-21 22:21:40 UTC (rev 135432)
+++ trunk/Source/WebCore/bindings/v8/WorldContextHandle.cpp 2012-11-21 22:24:07 UTC (rev 135433)
@@ -35,29 +35,40 @@
#include "V8Binding.h"
#include "V8DOMWindow.h"
#include "V8DOMWindowShell.h"
+#include "V8DedicatedWorkerContext.h"
+#include "V8SharedWorkerContext.h"
namespace WebCore {
WorldContextHandle::WorldContextHandle(WorldToUse worldToUse)
: m_worldToUse(worldToUse)
{
+ ASSERT(worldToUse != UseWorkerWorld);
+
if (worldToUse == UseMainWorld || worldToUse == UseWorkerWorld)
return;
- if (v8::Context::InContext()) {
- v8::Handle<v8::Context> context = v8::Context::GetCurrent();
+ if (!v8::Context::InContext())
+ CRASH();
+
+ v8::Handle<v8::Context> context = v8::Context::GetCurrent();
#if ENABLE(WORKERS)
- if (UNLIKELY(!V8DOMWrapper::isWrapperOfType(toInnerGlobalObject(context), &V8DOMWindow::info))) {
- m_worldToUse = UseWorkerWorld;
- return;
- }
+ if (UNLIKELY(!V8DOMWrapper::isWrapperOfType(toInnerGlobalObject(context), &V8DOMWindow::info))) {
+#if ENABLE(SHARED_WORKERS)
+ ASSERT(V8DOMWrapper::isWrapperOfType(toInnerGlobalObject(context)->GetPrototype(), &V8DedicatedWorkerContext::info) || V8DOMWrapper::isWrapperOfType(toInnerGlobalObject(context)->GetPrototype(), &V8SharedWorkerContext::info));
+#else
+ ASSERT(V8DOMWrapper::isWrapperOfType(toInnerGlobalObject(context)->GetPrototype(), &V8DedicatedWorkerContext::info));
#endif
- if (V8DOMWindowShell::isolated(context)) {
- m_context = SharedPersistent<v8::Context>::create(context);
- return;
- }
+ m_worldToUse = UseWorkerWorld;
+ return;
}
+#endif
+ if (V8DOMWindowShell::isolated(context)) {
+ m_context = SharedPersistent<v8::Context>::create(context);
+ return;
+ }
+
m_worldToUse = UseMainWorld;
}
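Review bot: The constructor now enforces its two preconditions at different strengths: a missing context hits `CRASH()` in every build, while the worker-context type check is an ASSERT, so a release build classifies any non-window context as UseWorkerWorld unverified. The CRASH() also replaces the old fall-through to `m_worldToUse = UseMainWorld`, which is a behaviour change despite "No change in functionality". A comment above it would record the intent, e.g. `// Constructing a handle outside any context is a caller bug; fail hard rather than default to the main world.` Similarly, `ASSERT(worldToUse != UseWorkerWorld)` is followed by a branch that still accepts UseWorkerWorld in release. A one-line note on whether that is deliberate tolerance would help.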