Bug 1521907 part 7. Start using CheckedUnwrapStatic/Dynamic in JS debugger. r=jandem

Differential Revision: https://phabricator.services.mozilla.com/D17889 --HG-- extra : moz-landing-system : lando
2019-01-30 17:45:22 +00:00 · 2019-01-30 17:45:22 +00:00 · f195e65a70
--- a/js/src/vm/Debugger-inl.h
+++ b/js/src/vm/Debugger-inl.h
@ -124,7 +124,8 @@ inline js::PromiseObject* js::DebuggerObject::promise() const {

  JSObject* referent = this->referent();
  if (IsCrossCompartmentWrapper(referent)) {
-    referent = CheckedUnwrap(referent);
+    // We know we have a Promise here, so CheckedUnwrapStatic is fine.
+    referent = CheckedUnwrapStatic(referent);
    MOZ_ASSERT(referent);
  }

--- a/js/src/vm/Debugger.cpp
+++ b/js/src/vm/Debugger.cpp
@ -3767,15 +3767,16 @@ GlobalObject* Debugger::unwrapDebuggeeArgument(JSContext* cx, const Value& v) {
  }

  // If we have a cross-compartment wrapper, dereference as far as is secure.
-  obj = CheckedUnwrap(obj);
+  //
+  // Since we're dealing with globals, we may have a WindowProxy here.  So we
+  // have to make sure to do a dynamic unwrap, and we want to unwrap the
+  // WindowProxy too, if we have one.
+  obj = CheckedUnwrapDynamic(obj, cx, /* stopAtWindowProxy = */ false);
  if (!obj) {
    ReportAccessDenied(cx);
    return nullptr;
  }

-  // If that produced a WindowProxy, get the Window (global).
-  obj = ToWindowIfWindowProxy(obj);
-
  // If that didn't produce a global object, it's an error.
  if (!obj->is<GlobalObject>()) {
    JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
@ -9381,7 +9382,8 @@ static DebuggerObject* DebuggerObject_checkThis(JSContext* cx,

 #define THIS_DEBUGOBJECT_PROMISE(cx, argc, vp, fnname, args, obj)             \
  THIS_DEBUGOBJECT_REFERENT(cx, argc, vp, fnname, args, obj);                 \
-  obj = CheckedUnwrap(obj);                                                   \
+  /* We only care about promises, so CheckedUnwrapStatic is OK. */            \
+  obj = CheckedUnwrapStatic(obj);                                             \
  if (!obj) {                                                                 \
    ReportAccessDenied(cx);                                                   \
    return false;                                                             \
@ -9396,7 +9398,8 @@ static DebuggerObject* DebuggerObject_checkThis(JSContext* cx,

 #define THIS_DEBUGOBJECT_OWNER_PROMISE(cx, argc, vp, fnname, args, dbg, obj)  \
  THIS_DEBUGOBJECT_OWNER_REFERENT(cx, argc, vp, fnname, args, dbg, obj);      \
-  obj = CheckedUnwrap(obj);                                                   \
+  /* We only care about promises, so CheckedUnwrapStatic is OK. */            \
+  obj = CheckedUnwrapStatic(obj);                                             \
  if (!obj) {                                                                 \
    ReportAccessDenied(cx);                                                   \
    return false;                                                             \
@ -10650,7 +10653,8 @@ bool DebuggerObject::isPromise() const {
  JSObject* referent = this->referent();

  if (IsCrossCompartmentWrapper(referent)) {
-    referent = CheckedUnwrap(referent);
+    /* We only care about promises, so CheckedUnwrapStatic is OK. */
+    referent = CheckedUnwrapStatic(referent);
    if (!referent) {
      return false;
    }
@ -10824,7 +10828,8 @@ double DebuggerObject::promiseTimeToResolution() const {
                                                 JSErrorReport*& report) {
  JSObject* obj = maybeError;
  if (IsCrossCompartmentWrapper(obj)) {
-    obj = CheckedUnwrap(obj);
+    /* We only care about Error objects, so CheckedUnwrapStatic is OK. */
+    obj = CheckedUnwrapStatic(obj);
  }

  if (!obj) {
@ -11517,7 +11522,8 @@ double DebuggerObject::promiseTimeToResolution() const {
  RootedObject referent(cx, object->referent());

  if (IsCrossCompartmentWrapper(referent)) {
-    referent = CheckedUnwrap(referent);
+    /* We only care about promises, so CheckedUnwrapStatic is OK. */
+    referent = CheckedUnwrapStatic(referent);
    if (!referent) {
      ReportAccessDenied(cx);
      return false;
@ -12297,7 +12303,8 @@ extern JS_PUBLIC_API bool JS_DefineDebuggerObject(JSContext* cx,
 }

 JS_PUBLIC_API bool JS::dbg::IsDebugger(JSObject& obj) {
-  JSObject* unwrapped = CheckedUnwrap(&obj);
+  /* We only care about debugger objects, so CheckedUnwrapStatic is OK. */
+  JSObject* unwrapped = CheckedUnwrapStatic(&obj);
  return unwrapped && unwrapped->getClass() == &Debugger::class_ &&
         js::Debugger::fromJSObject(unwrapped) != nullptr;
 }
@ -12305,7 +12312,8 @@ JS_PUBLIC_API bool JS::dbg::IsDebugger(JSObject& obj) {
 JS_PUBLIC_API bool JS::dbg::GetDebuggeeGlobals(JSContext* cx, JSObject& dbgObj,
                                               AutoObjectVector& vector) {
  MOZ_ASSERT(IsDebugger(dbgObj));
-  js::Debugger* dbg = js::Debugger::fromJSObject(CheckedUnwrap(&dbgObj));
+  /* Since we know we have a debugger object, CheckedUnwrapStatic is fine. */
+  js::Debugger* dbg = js::Debugger::fromJSObject(CheckedUnwrapStatic(&dbgObj));

  if (!vector.reserve(vector.length() + dbg->debuggees.count())) {
    JS_ReportOutOfMemory(cx);