From 8cb884102c17ef0530277126fd8da054d329d065 Mon Sep 17 00:00:00 2001 From: Tom Sepez Date: Thu, 1 Jun 2017 14:59:33 -0700 Subject: Tag CFXJSE_HostObject sub-classes. CXFA_FM2JSContext and CXFA_Object both subclass CFXJSE_HostObject. When a CFXJSE_HostObject is obtained from an opaque pointer inside a V8 object internal slot, there is no way to distinguish one from the other. Bug: 728158 Change-Id: Iabc648e8b7226e2819d8795227442c3f6c61a793 Reviewed-on: https://pdfium-review.googlesource.com/6211 Reviewed-by: Lei Zhang Commit-Queue: Tom Sepez --- xfa/fxfa/fm2js/cxfa_fm2jscontext.cpp | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'xfa/fxfa/fm2js') diff --git a/xfa/fxfa/fm2js/cxfa_fm2jscontext.cpp b/xfa/fxfa/fm2js/cxfa_fm2jscontext.cpp index c6d53696a0..2da86eb896 100644 --- a/xfa/fxfa/fm2js/cxfa_fm2jscontext.cpp +++ b/xfa/fxfa/fm2js/cxfa_fm2jscontext.cpp @@ -501,7 +501,10 @@ bool PatternStringType(const CFX_ByteStringC& szPattern, } CXFA_FM2JSContext* ToJSContext(CFXJSE_Value* pValue, CFXJSE_Class* pClass) { - return static_cast(pValue->ToHostObject(pClass)); + CFXJSE_HostObject* pHostObj = pValue->ToHostObject(pClass); + if (!pHostObj || pHostObj->type() != CFXJSE_HostObject::kFM2JS) + return nullptr; + return static_cast(pHostObj); } bool IsWhitespace(char c) { @@ -6133,13 +6136,13 @@ bool CXFA_FM2JSContext::Translate(const CFX_WideStringC& wsFormcalc, CXFA_FM2JSContext::CXFA_FM2JSContext(v8::Isolate* pScriptIsolate, CFXJSE_Context* pScriptContext, CXFA_Document* pDoc) - : m_pIsolate(pScriptIsolate), + : CFXJSE_HostObject(kFM2JS), + m_pIsolate(pScriptIsolate), m_pFMClass(CFXJSE_Class::Create(pScriptContext, &formcalc_fm2js_descriptor, false)), m_pValue(pdfium::MakeUnique(pScriptIsolate)), m_pDocument(pDoc) { - m_pValue.get()->SetNull(); m_pValue.get()->SetObject(this, m_pFMClass); } -- cgit v1.2.3