Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2025-02-26 04:09:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1754509 - Reject non-reflectable calls early in nsXPCWrappedJS::CallMethod(). r=nika

Browse Source 
We need to reject calls to non-reflectable methods before we do anything (like
AutoEntryScript) that might cause a GC, because these methods have not been
annotated with JS_HAZ_CAN_RUN_SCRIPT.

Differential Revision: https://phabricator.services.mozilla.com/D138351
This commit is contained in:
Andrew McCreight 2022-02-10 00:29:38 +00:00
parent 7589666b07
commit b5f84ec27c
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
js/xpconnect/src/XPCWrappedJSClass.cpp
View File

@ -764,6 +764,14 @@ nsXPCWrappedJS::CallMethod(uint16_t methodIndex, const nsXPTMethodInfo* info,
return NS_ERROR_UNEXPECTED;
}
// We need to reject an attempt to call a non-reflectable method before
// we do anything like AutoEntryScript which might allocate in the JS engine,
// because the method isn't marked with JS_HAZ_CAN_RUN_SCRIPT, and we want
// to be able to take advantage of that in the GC hazard analysis.
if (!info->IsReflectable()) {
return NS_ERROR_FAILURE;
}
Value* sp = nullptr;
Value* argv = nullptr;
uint8_t i;
@ -790,7 +798,7 @@ nsXPCWrappedJS::CallMethod(uint16_t methodIndex, const nsXPTMethodInfo* info,
JSContext* cx = ccx.GetJSContext();
if (!cx || !info->IsReflectable()) {
if (!cx) {
return NS_ERROR_FAILURE;
}