зеркало из https://github.com/mozilla/gecko-dev.git
Bug 877540. Fix remaining unsafe reference hazards in browser code. r=terrence
This commit is contained in:
Родитель
6871042269
Коммит
ac87784e7f
|
@ -68,6 +68,7 @@ template<typename T> class Optional;
|
|||
|
||||
namespace JS {
|
||||
class Value;
|
||||
template<typename T> class Handle;
|
||||
}
|
||||
|
||||
#define NODE_FLAG_BIT(n_) (1U << (n_))
|
||||
|
@ -1581,7 +1582,8 @@ public:
|
|||
// HasAttributes is defined inline in Element.h.
|
||||
bool HasAttributes() const;
|
||||
nsDOMAttributeMap* GetAttributes();
|
||||
JS::Value SetUserData(JSContext* aCx, const nsAString& aKey, JS::Value aData,
|
||||
JS::Value SetUserData(JSContext* aCx, const nsAString& aKey,
|
||||
JS::Handle<JS::Value> aData,
|
||||
nsIDOMUserDataHandler* aHandler,
|
||||
mozilla::ErrorResult& aError);
|
||||
JS::Value GetUserData(JSContext* aCx, const nsAString& aKey,
|
||||
|
|
|
@ -338,8 +338,9 @@ GetParamsForMessage(JSContext* aCx,
|
|||
// properly cases when interface is implemented in JS and used
|
||||
// as a dictionary.
|
||||
nsAutoString json;
|
||||
JS::Value v = aObject;
|
||||
NS_ENSURE_TRUE(JS_Stringify(aCx, &v, nullptr, JSVAL_NULL, JSONCreator, &json), false);
|
||||
JS::Rooted<JS::Value> v(aCx, aObject);
|
||||
NS_ENSURE_TRUE(JS_Stringify(aCx, v.address(), nullptr, JSVAL_NULL,
|
||||
JSONCreator, &json), false);
|
||||
NS_ENSURE_TRUE(!json.IsEmpty(), false);
|
||||
|
||||
JS::Rooted<JS::Value> val(aCx, JS::NullValue());
|
||||
|
|
|
@ -678,11 +678,13 @@ nsINode::SetUserData(const nsAString &aKey, nsIVariant *aData,
|
|||
}
|
||||
|
||||
JS::Value
|
||||
nsINode::SetUserData(JSContext* aCx, const nsAString& aKey, JS::Value aData,
|
||||
nsINode::SetUserData(JSContext* aCx, const nsAString& aKey,
|
||||
JS::Handle<JS::Value> aData,
|
||||
nsIDOMUserDataHandler* aHandler, ErrorResult& aError)
|
||||
{
|
||||
nsCOMPtr<nsIVariant> data;
|
||||
aError = nsContentUtils::XPConnect()->JSValToVariant(aCx, &aData,
|
||||
JS::Rooted<JS::Value> dataVal(aCx, aData);
|
||||
aError = nsContentUtils::XPConnect()->JSValToVariant(aCx, dataVal.address(),
|
||||
getter_AddRefs(data));
|
||||
if (aError.Failed()) {
|
||||
return JS::UndefinedValue();
|
||||
|
|
|
@ -60,7 +60,8 @@ nsDOMDataContainerEvent::SetData(const nsAString& aKey, nsIVariant *aData)
|
|||
|
||||
void
|
||||
nsDOMDataContainerEvent::SetData(JSContext* aCx, const nsAString& aKey,
|
||||
JS::Value aVal, mozilla::ErrorResult& aRv)
|
||||
JS::Handle<JS::Value> aVal,
|
||||
mozilla::ErrorResult& aRv)
|
||||
{
|
||||
if (!nsContentUtils::XPConnect()) {
|
||||
aRv = NS_ERROR_FAILURE;
|
||||
|
|
|
@ -39,8 +39,8 @@ public:
|
|||
return val.forget();
|
||||
}
|
||||
|
||||
void SetData(JSContext* aCx, const nsAString& aKey, JS::Value aVal,
|
||||
mozilla::ErrorResult& aRv);
|
||||
void SetData(JSContext* aCx, const nsAString& aKey,
|
||||
JS::Handle<JS::Value> aVal, mozilla::ErrorResult& aRv);
|
||||
|
||||
private:
|
||||
static PLDHashOperator
|
||||
|
|
|
@ -54,7 +54,7 @@ public:
|
|||
const nsAString& aType,
|
||||
bool aCanBubble,
|
||||
bool aCancelable,
|
||||
JS::Value aData,
|
||||
JS::Handle<JS::Value> aData,
|
||||
const nsAString& aOrigin,
|
||||
const nsAString& aLastEventId,
|
||||
nsIDOMWindow* aSource,
|
||||
|
|
|
@ -48,8 +48,8 @@ public:
|
|||
|
||||
JSObject* GetFrameBuffer(JSContext* aCx, mozilla::ErrorResult& aRv)
|
||||
{
|
||||
JS::Value dummy;
|
||||
aRv = GetFrameBuffer(aCx, &dummy);
|
||||
JS::Rooted<JS::Value> dummy(aCx);
|
||||
aRv = GetFrameBuffer(aCx, dummy.address());
|
||||
return mCachedArray;
|
||||
}
|
||||
|
||||
|
|
|
@ -724,7 +724,7 @@ nsresult
|
|||
HTMLCanvasElement::GetContext(const nsAString& aContextId,
|
||||
nsISupports** aContext)
|
||||
{
|
||||
return GetContext(aContextId, JS::UndefinedValue(), nullptr, aContext);
|
||||
return GetContext(aContextId, JS::UndefinedHandleValue, nullptr, aContext);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
|
|
|
@ -8,6 +8,7 @@
|
|||
#define mozilla_dom_TypedArray_h
|
||||
|
||||
#include "jsfriendapi.h"
|
||||
#include "js/RootingAPI.h"
|
||||
|
||||
namespace mozilla {
|
||||
namespace dom {
|
||||
|
@ -65,7 +66,7 @@ struct TypedArray : public TypedArray_base<T,UnboxArray> {
|
|||
static inline JSObject*
|
||||
Create(JSContext* cx, nsWrapperCache* creator, uint32_t length,
|
||||
const T* data = NULL) {
|
||||
JSObject* creatorWrapper;
|
||||
JS::Rooted<JSObject*> creatorWrapper(cx);
|
||||
Maybe<JSAutoCompartment> ac;
|
||||
if (creator && (creatorWrapper = creator->GetWrapperPreserveColor())) {
|
||||
ac.construct(cx, creatorWrapper);
|
||||
|
|
|
@ -100,11 +100,11 @@ TestShellCommandParent::RunCallback(const nsString& aResponse)
|
|||
JSString* str = JS_NewUCStringCopyN(mCx, aResponse.get(), aResponse.Length());
|
||||
NS_ENSURE_TRUE(str, JS_FALSE);
|
||||
|
||||
JS::Value argv[] = { STRING_TO_JSVAL(str) };
|
||||
unsigned argc = ArrayLength(argv);
|
||||
JS::Rooted<JS::Value> strVal(mCx, JS::StringValue(str));
|
||||
|
||||
JS::Value rval;
|
||||
JSBool ok = JS_CallFunctionValue(mCx, global, mCallback, argc, argv, &rval);
|
||||
JS::Rooted<JS::Value> rval(mCx);
|
||||
JSBool ok = JS_CallFunctionValue(mCx, global, mCallback, 1, strVal.address(),
|
||||
rval.address());
|
||||
NS_ENSURE_TRUE(ok, JS_FALSE);
|
||||
|
||||
return JS_TRUE;
|
||||
|
|
|
@ -95,8 +95,8 @@ StatementRow::GetProperty(nsIXPConnectWrappedNative *aWrapper,
|
|||
|
||||
// Copy the blob over to the JS array.
|
||||
for (uint32_t i = 0; i < length; i++) {
|
||||
jsval val = INT_TO_JSVAL(blob[i]);
|
||||
if (!::JS_SetElement(aCtx, scope, i, &val)) {
|
||||
JS::Rooted<JS::Value> val(aCtx, INT_TO_JSVAL(blob[i]));
|
||||
if (!::JS_SetElement(aCtx, scope, i, val.address())) {
|
||||
*_retval = false;
|
||||
return NS_OK;
|
||||
}
|
||||
|
|
|
@ -92,9 +92,9 @@ PlaceInfo::GetVisits(JSContext* aContext,
|
|||
|
||||
JS::Rooted<JSObject*> jsobj(aContext, wrapper->GetJSObject());
|
||||
NS_ENSURE_STATE(jsobj);
|
||||
JS::Value wrappedVisit = OBJECT_TO_JSVAL(jsobj);
|
||||
JS::Rooted<JS::Value> wrappedVisit(aContext, OBJECT_TO_JSVAL(jsobj));
|
||||
|
||||
JSBool rc = JS_SetElement(aContext, visits, idx, &wrappedVisit);
|
||||
JSBool rc = JS_SetElement(aContext, visits, idx, wrappedVisit.address());
|
||||
NS_ENSURE_TRUE(rc, NS_ERROR_UNEXPECTED);
|
||||
}
|
||||
|
||||
|
|
|
@ -1516,8 +1516,8 @@ TelemetryImpl::GetChromeHangs(JSContext *cx, JS::Value *ret)
|
|||
|
||||
const size_t length = stacks.GetStackCount();
|
||||
for (size_t i = 0; i < length; ++i) {
|
||||
JS::Value duration = INT_TO_JSVAL(mHangReports.GetDuration(i));
|
||||
if (!JS_SetElement(cx, durationArray, i, &duration)) {
|
||||
JS::Rooted<JS::Value> duration(cx, INT_TO_JSVAL(mHangReports.GetDuration(i)));
|
||||
if (!JS_SetElement(cx, durationArray, i, duration.address())) {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
}
|
||||
|
@ -1553,8 +1553,8 @@ CreateJSStackObject(JSContext *cx, const CombinedStacks &stacks) {
|
|||
if (!moduleInfoArray) {
|
||||
return nullptr;
|
||||
}
|
||||
JS::Value val = OBJECT_TO_JSVAL(moduleInfoArray);
|
||||
if (!JS_SetElement(cx, moduleArray, moduleIndex, &val)) {
|
||||
JS::Rooted<JS::Value> val(cx, OBJECT_TO_JSVAL(moduleInfoArray));
|
||||
if (!JS_SetElement(cx, moduleArray, moduleIndex, val.address())) {
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
|
@ -1566,7 +1566,7 @@ CreateJSStackObject(JSContext *cx, const CombinedStacks &stacks) {
|
|||
return nullptr;
|
||||
}
|
||||
val = STRING_TO_JSVAL(str);
|
||||
if (!JS_SetElement(cx, moduleInfoArray, index++, &val)) {
|
||||
if (!JS_SetElement(cx, moduleInfoArray, index++, val.address())) {
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
|
@ -1576,7 +1576,7 @@ CreateJSStackObject(JSContext *cx, const CombinedStacks &stacks) {
|
|||
return nullptr;
|
||||
}
|
||||
val = STRING_TO_JSVAL(id);
|
||||
if (!JS_SetElement(cx, moduleInfoArray, index++, &val)) {
|
||||
if (!JS_SetElement(cx, moduleInfoArray, index++, val.address())) {
|
||||
return nullptr;
|
||||
}
|
||||
}
|
||||
|
@ -1600,8 +1600,8 @@ CreateJSStackObject(JSContext *cx, const CombinedStacks &stacks) {
|
|||
return nullptr;
|
||||
}
|
||||
|
||||
JS::Value pcArrayVal = OBJECT_TO_JSVAL(pcArray);
|
||||
if (!JS_SetElement(cx, reportArray, i, &pcArrayVal)) {
|
||||
JS::Rooted<JS::Value> pcArrayVal(cx, OBJECT_TO_JSVAL(pcArray));
|
||||
if (!JS_SetElement(cx, reportArray, i, pcArrayVal.address())) {
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
|
@ -1615,16 +1615,16 @@ CreateJSStackObject(JSContext *cx, const CombinedStacks &stacks) {
|
|||
}
|
||||
int modIndex = (std::numeric_limits<uint16_t>::max() == frame.mModIndex) ?
|
||||
-1 : frame.mModIndex;
|
||||
JS::Value modIndexVal = INT_TO_JSVAL(modIndex);
|
||||
if (!JS_SetElement(cx, framePair, 0, &modIndexVal)) {
|
||||
JS::Rooted<JS::Value> modIndexVal(cx, INT_TO_JSVAL(modIndex));
|
||||
if (!JS_SetElement(cx, framePair, 0, modIndexVal.address())) {
|
||||
return nullptr;
|
||||
}
|
||||
JS::Value mOffsetVal = INT_TO_JSVAL(frame.mOffset);
|
||||
if (!JS_SetElement(cx, framePair, 1, &mOffsetVal)) {
|
||||
JS::Rooted<JS::Value> mOffsetVal(cx, INT_TO_JSVAL(frame.mOffset));
|
||||
if (!JS_SetElement(cx, framePair, 1, mOffsetVal.address())) {
|
||||
return nullptr;
|
||||
}
|
||||
JS::Value framePairVal = OBJECT_TO_JSVAL(framePair);
|
||||
if (!JS_SetElement(cx, pcArray, pcIndex, &framePairVal)) {
|
||||
JS::Rooted<JS::Value> framePairVal(cx, OBJECT_TO_JSVAL(framePair));
|
||||
if (!JS_SetElement(cx, pcArray, pcIndex, framePairVal.address())) {
|
||||
return nullptr;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -92,8 +92,8 @@ JSObjectBuilder::ArrayPush(JSCustomArray *aArray, int value)
|
|||
if (!mOk)
|
||||
return;
|
||||
|
||||
JS::Value objval = INT_TO_JSVAL(value);
|
||||
mOk = JS_SetElement(mCx, (JSObject*)aArray, length, &objval);
|
||||
JS::Rooted<JS::Value> objval(mCx, INT_TO_JSVAL(value));
|
||||
mOk = JS_SetElement(mCx, (JSObject*)aArray, length, objval.address());
|
||||
}
|
||||
|
||||
void
|
||||
|
@ -114,8 +114,8 @@ JSObjectBuilder::ArrayPush(JSCustomArray *aArray, const char *value)
|
|||
if (!mOk)
|
||||
return;
|
||||
|
||||
JS::Value objval = STRING_TO_JSVAL(string);
|
||||
mOk = JS_SetElement(mCx, (JSObject*)aArray, length, &objval);
|
||||
JS::Rooted<JS::Value> objval(mCx, STRING_TO_JSVAL(string));
|
||||
mOk = JS_SetElement(mCx, (JSObject*)aArray, length, objval.address());
|
||||
}
|
||||
|
||||
void
|
||||
|
@ -130,8 +130,8 @@ JSObjectBuilder::ArrayPush(JSCustomArray *aArray, JSCustomObject *aObject)
|
|||
if (!mOk)
|
||||
return;
|
||||
|
||||
JS::Value objval = OBJECT_TO_JSVAL((JSObject*)aObject);
|
||||
mOk = JS_SetElement(mCx, (JSObject*)aArray, length, &objval);
|
||||
JS::Rooted<JS::Value> objval(mCx, OBJECT_TO_JSVAL((JSObject*)aObject));
|
||||
mOk = JS_SetElement(mCx, (JSObject*)aArray, length, objval.address());
|
||||
}
|
||||
|
||||
JSCustomArray*
|
||||
|
|
|
@ -70,8 +70,8 @@ SaveProfileTask::Run() {
|
|||
if (stream.is_open()) {
|
||||
JSAutoCompartment autoComp(cx, obj);
|
||||
JSObject* profileObj = profiler_get_profile_jsobject(cx);
|
||||
jsval val = OBJECT_TO_JSVAL(profileObj);
|
||||
JS_Stringify(cx, &val, nullptr, JSVAL_NULL, WriteCallback, &stream);
|
||||
JS::Rooted<JS::Value> val(cx, OBJECT_TO_JSVAL(profileObj));
|
||||
JS_Stringify(cx, val.address(), nullptr, JSVAL_NULL, WriteCallback, &stream);
|
||||
stream.close();
|
||||
LOGF("Saved to %s", tmpPath.get());
|
||||
} else {
|
||||
|
|
|
@ -174,13 +174,13 @@ nsHTTPIndex::OnFTPControlLog(bool server, const char *msg)
|
|||
params[0] = BOOLEAN_TO_JSVAL(server);
|
||||
params[1] = STRING_TO_JSVAL(jsMsgStr);
|
||||
|
||||
JS::Value val;
|
||||
JS::Rooted<JS::Value> val(cx);
|
||||
JS_CallFunctionName(cx,
|
||||
global,
|
||||
"OnFTPControlLog",
|
||||
2,
|
||||
params,
|
||||
&val);
|
||||
val.address());
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
|
Загрузка…
Ссылка в новой задаче