Bug 933681 - Resolve canonical eval() onto Xrayed globals. r=jorendorff

2013-11-22 10:55:43 -08:00 · 2013-11-22 10:55:43 -08:00 · 76193870ea
--- a/js/src/jsfriendapi.cpp
+++ b/js/src/jsfriendapi.cpp
@ -560,6 +560,16 @@ js::GetObjectProto(JSContext *cx, JS::Handle<JSObject*> obj, JS::MutableHandle<J
    return true;
 }

+JS_FRIEND_API(bool)
+js::GetOriginalEval(JSContext *cx, HandleObject scope, MutableHandleObject eval)
+{
+    assertSameCompartment(cx, scope);
+    if (!scope->global().getOrCreateObjectPrototype(cx))
+        return false;
+    eval.set(&scope->global().getOriginalEval().toObject());
+    return true;
+}
+
 JS_FRIEND_API(void)
 js::SetReservedSlotWithBarrier(JSObject *obj, size_t slot, const js::Value &value)
 {
--- a/js/src/jsfriendapi.h
+++ b/js/src/jsfriendapi.h
@ -544,6 +544,10 @@ SetFunctionNativeReserved(JSObject *fun, size_t which, const JS::Value &val);
 JS_FRIEND_API(bool)
 GetObjectProto(JSContext *cx, JS::Handle<JSObject*> obj, JS::MutableHandle<JSObject*> proto);

+JS_FRIEND_API(bool)
+GetOriginalEval(JSContext *cx, JS::HandleObject scope,
+                JS::MutableHandleObject eval);
+
 inline void *
 GetObjectPrivate(JSObject *obj)
 {
--- a/js/xpconnect/src/XPCJSRuntime.cpp
+++ b/js/xpconnect/src/XPCJSRuntime.cpp
@ -75,6 +75,7 @@ const char* const XPCJSRuntime::mStrings[] = {
    "__proto__",            // IDX_PROTO
    "__iterator__",         // IDX_ITERATOR
    "__exposedProps__",     // IDX_EXPOSEDPROPS
+    "eval",                 // IDX_EVAL
 };

 /***************************************************************************/
--- a/js/xpconnect/src/xpcprivate.h
+++ b/js/xpconnect/src/xpcprivate.h
@ -652,6 +652,7 @@ public:
        IDX_PROTO                   ,
        IDX_ITERATOR                ,
        IDX_EXPOSEDPROPS            ,
+        IDX_EVAL                    ,
        IDX_TOTAL_COUNT // just a count of the above
    };

--- a/js/xpconnect/wrappers/XrayWrapper.cpp
+++ b/js/xpconnect/wrappers/XrayWrapper.cpp
@ -815,7 +815,7 @@ XrayTraits::resolveOwnProperty(JSContext *cx, Wrapper &jsWrapper,
        found = !!desc.object();
    }

-    // Next, check for ES standard classes.
+    // Next, check for ES builtins.
    if (!found && JS_IsGlobalObject(target)) {
        JSProtoKey key = JS_IdToProtoKey(cx, id);
        JSAutoCompartment ac(cx, target);
@ -827,6 +827,12 @@ XrayTraits::resolveOwnProperty(JSContext *cx, Wrapper &jsWrapper,
            MOZ_ASSERT(constructor);
            desc.value().set(ObjectValue(*constructor));
            found = true;
+        } else if (id == GetRTIdByIndex(cx, XPCJSRuntime::IDX_EVAL)) {
+            RootedObject eval(cx);
+            if (!js::GetOriginalEval(cx, target, &eval))
+                return false;
+            desc.value().set(ObjectValue(*eval));
+            found = true;
        }
    }