author | Jochen Eisinger <jochen@chromium.org> | 2015-05-14 02:00:44 +0200 |
---|---|---|
committer | Jochen Eisinger <jochen@chromium.org> | 2015-05-14 02:00:44 +0200 |
commit | 1b8a296b5d1fdd7f6d7daa099f7feef869e05e5e (patch) | |
tree | b5abbe51992f6925bc9c3978d5444910e516c2ba /fpdfsdk/src/jsapi | |
parent | 8aa1eac606d8e5030de6509f5d5d66e90db521f4 (diff) | |
download | pdfium-1b8a296b5d1fdd7f6d7daa099f7feef869e05e5e.tar.xz |
Use phantom handles instead of weak handles
Phantom handles allow for freeing objects with one pass of GC. However,
this means that by the time the callback is invoked, the v8 object already
no longer exists. To avoid accidental access to the dead object, there
are now two callbacks, where the first must only reset the handle, and the
second does the clean-up work.
R=tsepez@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1129253004
Diffstat (limited to 'fpdfsdk/src/jsapi')
-rw-r--r-- | fpdfsdk/src/jsapi/fxjs_v8.cpp | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/fpdfsdk/src/jsapi/fxjs_v8.cpp b/fpdfsdk/src/jsapi/fxjs_v8.cpp index 7af8237c2e..59c99acdfe 100644 --- a/fpdfsdk/src/jsapi/fxjs_v8.cpp +++ b/fpdfsdk/src/jsapi/fxjs_v8.cpp @@ -47,7 +47,7 @@ public: v8::HandleScope handle_scope(isolate); v8::Handle<v8::ObjectTemplate> objTemplate = v8::ObjectTemplate::New(isolate); - objTemplate->SetInternalFieldCount(1); + objTemplate->SetInternalFieldCount(2); m_objTemplate.Reset(isolate, objTemplate); //Document as the global object. @@ -527,10 +527,15 @@ void* JS_GetPrivate(IJS_Runtime* pJSRuntime, v8::Handle<v8::Object> pObj) return pPrivateData->pPrivate; } +void JS_FreePrivate(void* pPrivateData) +{ + delete (CJS_PrivateData*)pPrivateData; +} + void JS_FreePrivate(v8::Handle<v8::Object> pObj) { if(pObj.IsEmpty() || !pObj->InternalFieldCount()) return; - delete (CJS_PrivateData*)pObj->GetAlignedPointerFromInternalField(0); + JS_FreePrivate(pObj->GetAlignedPointerFromInternalField(0)); pObj->SetAlignedPointerInInternalField(0, NULL); } |
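Review bot: In the first hunk (@@ -47,7 +47,7), the internal field count goes from 1 to 2 with no comment, and every access visible in this file's diff still uses index 0 only. Please document at `objTemplate->SetInternalFieldCount(2);` what the second field holds and who reads it, or replace the literal with a named constant, so a later cleanup does not drop it back to 1. Note also that the guard in `JS_FreePrivate(v8::Handle<v8::Object>)` only checks that the count is non-zero, so nothing there enforces the new layout.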
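Review bot: In the second hunk (@@ -527,10 +527,15), the new `JS_FreePrivate(void* pPrivateData)` overload accepts any pointer and deletes it through a C-style cast to `CJS_PrivateData*`, so a caller that passes the wrong pointer gets a type-confused delete with no compiler diagnostic. Consider taking `CJS_PrivateData*` in the signature, or at least using `static_cast`, and give it a distinct name or a comment stating that it is for the case where the v8 object is already gone. Unlike the handle overload, it cannot null the internal field after the delete, so the comment should also say that the caller must not free the same pointer again.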