Fix uses of native reserved slots in web workers, bug 697537.

2024-10-11 12:25:53 +00:00 · 2011-10-29 18:26:21 -07:00 · 2011-10-29 18:26:21 -07:00 · d50707d207
commit d50707d207
parent 1fe81edc05
3 changed files with 35 additions and 17 deletions
--- a/dom/workers/WorkerScope.cpp
+++ b/dom/workers/WorkerScope.cpp
@ -271,11 +271,8 @@ private:
    JSObject* wrapper = JSVAL_TO_OBJECT(JS_CALLEE(aCx, aVp));
    JS_ASSERT(JS_ObjectIsFunction(aCx, wrapper));

-    jsval scope, listener;
-    if (!JS_GetReservedSlot(aCx, wrapper, SLOT_wrappedScope, &scope) ||
-        !JS_GetReservedSlot(aCx, wrapper, SLOT_wrappedFunction, &listener)) {
-      return false;
-    }
+    jsval scope = js::GetFunctionNativeReserved(wrapper, SLOT_wrappedScope);
+    jsval listener = js::GetFunctionNativeReserved(wrapper, SLOT_wrappedFunction);

    JS_ASSERT(JSVAL_IS_OBJECT(scope));

@ -319,11 +316,8 @@ private:

    JS_ASSERT(JSVAL_IS_OBJECT(adaptor));

-    jsval listener;
-    if (!JS_GetReservedSlot(aCx, JSVAL_TO_OBJECT(adaptor), SLOT_wrappedFunction,
-                            &listener)) {
-      return false;
-    }
+    jsval listener = js::GetFunctionNativeReserved(JSVAL_TO_OBJECT(adaptor),
+                                                   SLOT_wrappedFunction);

    *aVp = listener;
    return true;
@ -339,8 +333,8 @@ private:
      return false;
    }

-    JSFunction* adaptor = JS_NewFunction(aCx, UnwrapErrorEvent, 1, 0,
-                                         JS_GetGlobalObject(aCx), "unwrap");
+    JSFunction* adaptor = js::NewFunctionWithReserved(aCx, UnwrapErrorEvent, 1, 0,
+                                                      JS_GetGlobalObject(aCx), "unwrap");
    if (!adaptor) {
      return false;
    }
@ -350,11 +344,9 @@ private:
      return false;
    }

-    if (!JS_SetReservedSlot(aCx, listener, SLOT_wrappedScope,
-                            OBJECT_TO_JSVAL(aObj)) ||
-        !JS_SetReservedSlot(aCx, listener, SLOT_wrappedFunction, *aVp)) {
-      return false;
-    }
+    js::SetFunctionNativeReserved(listener, SLOT_wrappedScope,
+                                  OBJECT_TO_JSVAL(aObj));
+    js::SetFunctionNativeReserved(listener, SLOT_wrappedFunction, *aVp);

    jsval val = OBJECT_TO_JSVAL(listener);
    return scope->SetEventListenerOnEventTarget(aCx, name + 2, &val);
--- a/js/src/jsfriendapi.cpp
+++ b/js/src/jsfriendapi.cpp
@ -221,6 +221,28 @@ js::DefineFunctionWithReserved(JSContext *cx, JSObject *obj, const char *name, J
                             JSFunction::ExtendedFinalizeKind);
 }

+JS_FRIEND_API(JSFunction *)
+js::NewFunctionWithReserved(JSContext *cx, JSNative native, uintN nargs, uintN flags,
+                            JSObject *parent, const char *name)
+{
+    JS_THREADSAFE_ASSERT(cx->compartment != cx->runtime->atomsCompartment);
+    JSAtom *atom;
+
+    CHECK_REQUEST(cx);
+    assertSameCompartment(cx, parent);
+
+    if (!name) {
+        atom = NULL;
+    } else {
+        atom = js_Atomize(cx, name, strlen(name));
+        if (!atom)
+            return NULL;
+    }
+
+    return js_NewFunction(cx, NULL, native, nargs, flags, parent, atom,
+                          JSFunction::ExtendedFinalizeKind);
+}
+
 JS_FRIEND_API(JSFunction *)
 js::NewFunctionByIdWithReserved(JSContext *cx, JSNative native, uintN nargs, uintN flags, JSObject *parent,
                                jsid id)
--- a/js/src/jsfriendapi.h
+++ b/js/src/jsfriendapi.h
@ -290,6 +290,10 @@ JS_FRIEND_API(JSFunction *)
 DefineFunctionWithReserved(JSContext *cx, JSObject *obj, const char *name, JSNative call,
                           uintN nargs, uintN attrs);

+JS_FRIEND_API(JSFunction *)
+NewFunctionWithReserved(JSContext *cx, JSNative call, uintN nargs, uintN flags,
+                        JSObject *parent, const char *name);
+
 JS_FRIEND_API(JSFunction *)
 NewFunctionByIdWithReserved(JSContext *cx, JSNative native, uintN nargs, uintN flags,
                            JSObject *parent, jsid id);