Skip to content

Commit bbaf2fd

Browse files
apple-opensourceapple-opensource
committed
7602.4.6
1 parent 1ee2271 commit bbaf2fd

File tree

3 files changed

+27
-3
lines changed

3 files changed

+27
-3
lines changed

ChangeLog

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,18 @@
1+
2016-12-01 Matthew Hanson <matthew_hanson@apple.com>
2+
3+
Merge r209149. rdar://problem/29404230
4+
5+
2016-11-30 Mark Lam <mark.lam@apple.com>
6+
7+
Proxy is not allowed in the global prototype chain.
8+
https://bugs.webkit.org/show_bug.cgi?id=165205
9+
10+
Reviewed by Geoffrey Garen.
11+
12+
* runtime/ProgramExecutable.cpp:
13+
(JSC::ProgramExecutable::initializeGlobalProperties):
14+
- We'll now throw a TypeError if we detect a Proxy in the global prototype chain.
15+
116
2016-11-11 Matthew Hanson <matthew_hanson@apple.com>
217

318
Merge r208619. rdar://problem/29225966

Configurations/Version.xcconfig

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -22,8 +22,8 @@
2222
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
2323

2424
MAJOR_VERSION = 602;
25-
MINOR_VERSION = 3;
26-
TINY_VERSION = 12;
25+
MINOR_VERSION = 4;
26+
TINY_VERSION = 6;
2727
MICRO_VERSION = 0;
2828
NANO_VERSION = 0;
2929
FULL_VERSION = $(MAJOR_VERSION).$(MINOR_VERSION).$(TINY_VERSION);

runtime/Executable.cpp

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -584,6 +584,15 @@ JSObject* ProgramExecutable::initializeGlobalProperties(VM& vm, CallFrame* callF
584584
RELEASE_ASSERT(globalObject);
585585
ASSERT(&globalObject->vm() == &vm);
586586

587+
JSValue nextPrototype = globalObject->getPrototypeDirect();
588+
while (nextPrototype && nextPrototype.isObject()) {
589+
if (UNLIKELY(asObject(nextPrototype)->type() == ProxyObjectType)) {
590+
ExecState* exec = globalObject->globalExec();
591+
return createTypeError(exec, ASCIILiteral("Proxy is not allowed in the global prototype chain."));
592+
}
593+
nextPrototype = asObject(nextPrototype)->getPrototypeDirect();
594+
}
595+
587596
JSObject* exception = 0;
588597
UnlinkedProgramCodeBlock* unlinkedCodeBlock = globalObject->createProgramCodeBlock(callFrame, this, &exception);
589598
if (exception)
@@ -675,7 +684,7 @@ JSObject* ProgramExecutable::initializeGlobalProperties(VM& vm, CallFrame* callF
675684
RELEASE_ASSERT(offsetForAssert == offset);
676685
}
677686
}
678-
return 0;
687+
return nullptr;
679688
}
680689

681690
void ProgramExecutable::visitChildren(JSCell* cell, SlotVisitor& visitor)

0 commit comments

Comments
 (0)