From 4f4603cc1b498bca3b1619006137e50ce80088c1 Mon Sep 17 00:00:00 2001 From: Tom Sepez Date: Tue, 10 Nov 2015 15:03:12 -0800 Subject: Segv when PDF-side JS object property getter invoked from XFA. The PDF-side native objects require that the current v8 context has been set-up to point at the state (via CJS_Runtime) for the getters, setters, and methods to operate against. XFA doesn't supply a context with that state, so at the first opportunity for a PDF-side object to be leaked to XFA, set up the context to mimic the PDF side. Changed FXJS_GetRuntimeFromIsolate() to FXJS_GetRuntimeFromV8Context() for consistency with the newly added method. BUG=pdfium:266 R=jochen@chromium.org Review URL: https://codereview.chromium.org/1412103010 . --- fpdfsdk/include/jsapi/fxjs_v8.h | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'fpdfsdk/include') diff --git a/fpdfsdk/include/jsapi/fxjs_v8.h b/fpdfsdk/include/jsapi/fxjs_v8.h index 70518406cb..001823f5fd 100644 --- a/fpdfsdk/include/jsapi/fxjs_v8.h +++ b/fpdfsdk/include/jsapi/fxjs_v8.h @@ -133,7 +133,13 @@ void FXJS_InitializeRuntime(v8::Isolate* pIsolate, v8::Global& v8PersistentContext); void FXJS_ReleaseRuntime(v8::Isolate* pIsolate, v8::Global& v8PersistentContext); -IJS_Runtime* FXJS_GetRuntimeFromIsolate(v8::Isolate* pIsolate); + +// Called as part of FXJS_InitializeRuntime, exposed so PDF can make its +// own contexts compatible with XFA or vice versa. +void FXJS_SetRuntimeForV8Context(v8::Local v8Context, + IJS_Runtime* pIRuntime); + +IJS_Runtime* FXJS_GetRuntimeFromV8Context(v8::Local v8Context); // Called after FXJS_InitializeRuntime call made. int FXJS_Execute(v8::Isolate* pIsolate, -- cgit v1.2.3
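Review bot: the new declarations in this hunk leave the failure contract of FXJS_GetRuntimeFromV8Context undocumented for a context that was never passed through FXJS_SetRuntimeForV8Context, which is exactly the XFA situation the commit message describes; the header comment should state whether it returns nullptr in that case so the getters, setters and methods can check before dereferencing, otherwise the crash is only moved rather than removed. The comment above FXJS_SetRuntimeForV8Context should also say that pIRuntime must outlive v8Context, since the pointer is stored for later retrieval. Finally, this view is limited to fpdfsdk/include, so removing FXJS_GetRuntimeFromIsolate needs every remaining call site switched to FXJS_GetRuntimeFromV8Context in the same change or the build breaks.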