uncaught exception: Permission denied to get property Function.caller

RESOLVED FIXED in Future

Status

()

Core
Security: CAPS
RESOLVED FIXED
16 years ago
15 years ago

People

(Reporter: bht237, Assigned: Mitchell Stoltz (not reading bugmail))

Tracking

Trunk
Future
x86
All
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: mozilla1.3)

Attachments

(1 attachment)

(Reporter)

Description

16 years ago
function.caller should return null in the attached test case as in Netscape 4
and others.

Mozilla/5.0 (Windows; U; Win95; en-US; rv:0.9.7+) Gecko/20020110

Maybe looking at bug 117307 helps (which was fixed really quickly)
I cc Brendan for that reason.

I would be very glad if this would be fixed soon. Hope it is not a big deal.
(Reporter)

Comment 1

16 years ago
Created attachment 64550 [details]
Simple testcase
(Reporter)

Updated

16 years ago
Keywords: 4xp, ecommerce, mozilla0.9.9, mozilla1.0, nsbeta1, testcase

Comment 2

16 years ago
Confirming with Mozilla binaries on WinNT, Linux. OS: --> All.
Here is the source for the reporter's testcase: 

<HTML><HEAD><SCRIPT>

function handler(t,u,n)
{
  alert("handler.caller = " + handler.caller);
  return false;
}

window.onerror = handler;
noSuchFunction();

</SCRIPT></HEAD></HTML>


In NN4.7 and IE6 the output of this is an alert: "handler.caller = null".
In Mozilla, however, you get an exception in the JS Console:

 Error: uncaught exception: Permission denied to get property Function.caller

cc'ing Mitch as well -
Assignee: rogerl → khanson
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Windows 95 → All
Reassigning to mstoltz, changing component.  I think this is a 4xp bug -- Mitch,
what's going on?

/be
Assignee: khanson → mstoltz
Component: Javascript Engine → Security: CAPS

Comment 4

16 years ago
setting default QA -
QA Contact: pschwartau → bsharma
(Assignee)

Comment 5

16 years ago
Not sure...I thought Function.caller was only blocked when it involved a
cross-host access, which doesn't seem to be the case here. I'll take a look.
Status: NEW → ASSIGNED
Target Milestone: --- → mozilla1.0
Keywords: nsbeta1 → nsbeta1+
(Assignee)

Updated

16 years ago
Target Milestone: mozilla1.0 → mozilla1.2
(Assignee)

Updated

16 years ago
Keywords: 4xp, ecommerce, mozilla0.9.9, mozilla1.0, nsbeta1+, testcase
(Assignee)

Updated

16 years ago
Target Milestone: mozilla1.2alpha → Future
(Reporter)

Updated

16 years ago
Whiteboard: mozilla1.3
I just checked in the fix for bug 181934 -- anyone care to test whether it fixes
this bug too?  Try tomorrow's builds if you can't patch your own (I was relying
on waterson to test my one-line js engine patch in 181934).

/be

Comment 7

15 years ago
Also note bug 158592, "Stack Trace code causes process thread to die".

There, recursive appeals to |f.caller| succeeded until they reached
top-level code. At that point the code failed silently (no errors
in the JS Console), causing JS execution to stop.

The problem was diagnosed as follows:


------- Additional Comment_ #5 From Peter Van der Beken 2002-11-06 09:26 ------- 

nsScriptSecurityManager::CheckJSFunctionCallerAccess blocks access to .caller.
Rather odd since .caller is null in this case. I'm also seeing:

###!!! ASSERTION: CheckPropertyAccessImpl called without a target object or URL:
'Error', file nsScriptSecurityManager.cpp, line 723

Comment 8

15 years ago
> I just checked in the fix for bug 181934 -- anyone care to test
> whether it fixes this bug too? 

Yes, it does seem to have fixed this bug, too. Using Mozilla 
trunk binary 2002112711 on WinNT. When I try the above testcase,
it now alerts "handler.caller = null", as desired.

bht@actrix.gen.nz: do you find the same?
Bug 158592 also seems to be fixed now. 

Comment 9

15 years ago
Resolving this bug as FIXED due to the fix for bug 181934.

bht@actrix.gen.nz: if you do not find this to be fixed,
please reopen this bug. Be sure, however, to try it out
using a trunk build dated 2002-11-27 or after; thanks -
Status: ASSIGNED → RESOLVED
Last Resolved: 15 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.