Bug 1577107 - Avoid following the prototype chain r=janv

With this commit we no longer follow the value's prototype chain when
creating index updates in IndexedDB.

Differential Revision: https://phabricator.services.mozilla.com/D44438

--HG--
extra : moz-landing-system : lando
Yaron Tausky 2019-09-27 13:36:25 +00:00
parent 6cdc368f4f
commit 6214b585a0


@ -923,6 +923,9 @@ void IDBObjectStore::AppendIndexUpdateInfo(
const int64_t aIndexID, const KeyPath& aKeyPath, const bool aMultiEntry,
const nsCString& aLocale, JSContext* const aCx, JS::Handle<JS::Value> aVal,
nsTArray<IndexUpdateInfo>* const aUpdateInfoArray, ErrorResult* const aRv) {
// This precondition holds when `aVal` is the result of a structured clone.
js::AutoAssertNoContentJS noContentJS(aCx);
if (!aMultiEntry) {
Key key;
*aRv = aKeyPath.ExtractKey(aCx, aVal, key);
@ -948,7 +951,7 @@ void IDBObjectStore::AppendIndexUpdateInfo(
}
bool isArray;
if (!JS_IsArrayObject(aCx, val, &isArray)) {
if (NS_WARN_IF(!JS_IsArrayObject(aCx, val, &isArray))) {
IDB_REPORT_INTERNAL_ERR();
aRv->Throw(NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR);
return;
@ -963,8 +966,27 @@ void IDBObjectStore::AppendIndexUpdateInfo(
}
for (uint32_t arrayIndex = 0; arrayIndex < arrayLength; arrayIndex++) {
JS::Rooted<JS::Value> arrayItem(aCx);
if (NS_WARN_IF(!JS_GetElement(aCx, array, arrayIndex, &arrayItem))) {
JS::RootedId indexId(aCx);
if (NS_WARN_IF(!JS_IndexToId(aCx, arrayIndex, &indexId))) {
IDB_REPORT_INTERNAL_ERR();
aRv->Throw(NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR);
return;
}
bool hasOwnProperty;
if (NS_WARN_IF(
!JS_HasOwnPropertyById(aCx, array, indexId, &hasOwnProperty))) {
IDB_REPORT_INTERNAL_ERR();
aRv->Throw(NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR);
return;
}
if (!hasOwnProperty) {
continue;
}
JS::RootedValue arrayItem(aCx);
if (NS_WARN_IF(!JS_GetPropertyById(aCx, array, indexId, &arrayItem))) {
IDB_REPORT_INTERNAL_ERR();
aRv->Throw(NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR);
return;