| | | |
|---|---|---|
| author | Tom Sepez <tsepez@chromium.org> | 2018-04-06 17:40:45 +0000 |
| committer | Chromium commit bot <commit-bot@chromium.org> | 2018-04-06 17:40:45 +0000 |
| commit | 2aa01f5ccbf1464b43527c1ffa6b42bafed9ebeb (patch) | |
| tree | f4b29ace656a69dcfaef426b36d56b6fa27bde80 /fxjs/cfxjse_runtimedata.cpp | |
| parent | ace80b32dab5c6eaa32cc2f23c4540a5313879a1 (diff) | |
| download | pdfium-2aa01f5ccbf1464b43527c1ffa6b42bafed9ebeb.tar.xz | |
Avoid uninitialized internal fields in V8 global objects.
V8 won't do this for us when it creates a global object under the
covers off of a template with a non-zero internal field count, instead
just leaving it uninitialized. We were careful to set the internal
fields on the object we explicitly create, but there are these
implicitly created ones as part of making a new context that need
to be handled as well.
BUG: pdfium:1005
Change-Id: Ic40bafc206ec5119cbceb58f0bb725693e7ddf80
Reviewed-on: https://pdfium-review.googlesource.com/29910
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Diffstat (limited to 'fxjs/cfxjse_runtimedata.cpp')
-rw-r--r-- | fxjs/cfxjse_runtimedata.cpp | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/fxjs/cfxjse_runtimedata.cpp b/fxjs/cfxjse_runtimedata.cpp index 0153e81a6c..540bcb084e 100644 --- a/fxjs/cfxjse_runtimedata.cpp +++ b/fxjs/cfxjse_runtimedata.cpp @@ -24,6 +24,7 @@ std::unique_ptr<CFXJSE_RuntimeData> CFXJSE_RuntimeData::Create( v8::Local<v8::FunctionTemplate> hFuncTemplate = v8::FunctionTemplate::New(pIsolate); + v8::Local<v8::ObjectTemplate> hGlobalTemplate = hFuncTemplate->InstanceTemplate(); hGlobalTemplate->Set( @@ -33,8 +34,14 @@ std::unique_ptr<CFXJSE_RuntimeData> CFXJSE_RuntimeData::Create( v8::Local<v8::Context> hContext = v8::Context::New(pIsolate, 0, hGlobalTemplate); - hContext->SetSecurityToken(v8::External::New(pIsolate, pIsolate)); + ASSERT(hContext->Global()->InternalFieldCount() == 0); + ASSERT(hContext->Global() + ->GetPrototype() + .As<v8::Object>() + ->InternalFieldCount() == 0); + + hContext->SetSecurityToken(v8::External::New(pIsolate, pIsolate)); pRuntimeData->m_hRootContextGlobalTemplate.Reset(pIsolate, hFuncTemplate); pRuntimeData->m_hRootContext.Reset(pIsolate, hContext); return pRuntimeData; |
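Review bot: the two new ASSERTs in the second hunk (`ASSERT(hContext->Global()->InternalFieldCount() == 0);` and the matching check on `->GetPrototype().As<v8::Object>()`) are debug-only, so in a release build a non-zero internal field count on hGlobalTemplate would still produce an implicitly created global with uninitialized fields; if the goal is to enforce the invariant rather than document it, a fatal check would be stronger. Either way a one-line comment above the asserts would help a later reader, since nothing in this file says why the count must be zero (the commit message explains that V8 leaves internal fields on template-created globals uninitialized) or why the prototype is checked separately (v8::Context::Global() returns the global proxy, and the object actually instantiated from hGlobalTemplate sits behind it as the prototype). Note also that this file only asserts; the diffstat is limited to fxjs/cfxjse_runtimedata.cpp, so the handling of the implicitly created objects described in the commit message must live in the other files of the change.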