зеркало из https://github.com/mozilla/gecko-dev.git
Bug 863505 - Disallow unbound name ops in self-hosted code. (r=till)
This commit is contained in:
Родитель
13282d5cd7
Коммит
99e752ad92
|
@ -1158,12 +1158,12 @@ TryConvertToGname(BytecodeEmitter *bce, ParseNode *pn, JSOp *op)
|
|||
}
|
||||
|
||||
/*
|
||||
* BindNameToSlot attempts to optimize name gets and sets to stack slot loads
|
||||
* and stores, given the compile-time information in bce and a PNK_NAME node pn.
|
||||
* It returns false on error, true on success.
|
||||
* BindNameToSlotHelper attempts to optimize name gets and sets to stack slot
|
||||
* loads and stores, given the compile-time information in bce and a PNK_NAME
|
||||
* node pn. It returns false on error, true on success.
|
||||
*
|
||||
* The caller can test pn->pn_cookie.isFree() to tell whether optimization
|
||||
* occurred, in which case BindNameToSlot also updated pn->pn_op. If
|
||||
* occurred, in which case BindNameToSlotHelper also updated pn->pn_op. If
|
||||
* pn->pn_cookie.isFree() is still true on return, pn->pn_op still may have
|
||||
* been optimized, e.g., from JSOP_NAME to JSOP_CALLEE. Whether or not
|
||||
* pn->pn_op was modified, if this function finds an argument or local variable
|
||||
|
@ -1175,7 +1175,7 @@ TryConvertToGname(BytecodeEmitter *bce, ParseNode *pn, JSOp *op)
|
|||
* op=, e.g. +=).
|
||||
*/
|
||||
static bool
|
||||
BindNameToSlot(JSContext *cx, BytecodeEmitter *bce, ParseNode *pn)
|
||||
BindNameToSlotHelper(JSContext *cx, BytecodeEmitter *bce, ParseNode *pn)
|
||||
{
|
||||
JS_ASSERT(pn->isKind(PNK_NAME));
|
||||
|
||||
|
@ -1411,6 +1411,25 @@ BindNameToSlot(JSContext *cx, BytecodeEmitter *bce, ParseNode *pn)
|
|||
return true;
|
||||
}
|
||||
|
||||
/*
|
||||
* Attempts to bind the name, then checks that no dynamic scope lookup ops are
|
||||
* emitted in self-hosting mode. NAME ops do lookups off current scope chain,
|
||||
* and we do not want to allow self-hosted code to use the dynamic scope.
|
||||
*/
|
||||
static bool
|
||||
BindNameToSlot(JSContext *cx, BytecodeEmitter *bce, ParseNode *pn)
|
||||
{
|
||||
if (!BindNameToSlotHelper(cx, bce, pn))
|
||||
return false;
|
||||
|
||||
if (bce->selfHostingMode && !pn->isBound()) {
|
||||
bce->reportError(pn, JSMSG_SELFHOSTED_UNBOUND_NAME);
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/*
|
||||
* If pn contains a useful expression, return true with *answer set to true.
|
||||
* If pn contains a useless expression, return true with *answer set to false.
|
||||
|
|
|
@ -399,3 +399,4 @@ MSG_DEF(JSMSG_BAD_ARROW_ARGS, 345, 0, JSEXN_SYNTAXERR, "invalid arrow-fu
|
|||
MSG_DEF(JSMSG_YIELD_IN_ARROW, 346, 0, JSEXN_SYNTAXERR, "arrow function may not contain yield")
|
||||
MSG_DEF(JSMSG_WRONG_VALUE, 347, 2, JSEXN_ERR, "expected {0} but found {1}")
|
||||
MSG_DEF(JSMSG_PAR_ARRAY_SCATTER_BAD_TARGET, 348, 1, JSEXN_ERR, "target for index {0} is not an integer")
|
||||
MSG_DEF(JSMSG_SELFHOSTED_UNBOUND_NAME,349, 0, JSEXN_TYPEERR, "self-hosted code may not contain unbound name lookups")
|
||||
|
|
Загрузка…
Ссылка в новой задаче