Open Bug 1418769 Opened 2 years ago Updated Last month
Source and uneval
Almost all built-ins in Firefox have a 'toSource' prototype method that is non-standard. uneval also tries to call 'toSource' or falls back to generic code for serializing objects. 'toSource' can be a useful debugging tool, but at least within Firefox we can use the better devtools instead.
2 years ago
Note, our test suite depends on that to avoid being too verbose. I guess most of these could be replace by multiple line strings, but we should double check if this is fine for fuzzers.
I've been using uneval in the past in fuzzing (especially for testcase reduction when combining multiple files). But at some point I switched to template strings because that makes a lot of things easier. I just checked and there is no dependency to either uneval or toSource in LangFuzz. Putting a needinfo on :gkw though to check jsfunfuzz.
Thanks for the headsup, decoder. A cursory jsfunfuzz check shows that toSource seems easy to remove: https://github.com/MozillaSecurity/funfuzz/search?utf8=%E2%9C%93&q=toSource&type= but uneval seems more prevalent: https://github.com/MozillaSecurity/funfuzz/search?utf8=%E2%9C%93&q=uneval&type= With the decompiler gone, the last I heard about reconstructing a prettified testcase from a minified one was something via AST, but I'm not sure what that led to. Now we use external beautifiers, but just sayin'. I'll keep an eye on this bug, don't let this deter you folks from whatever you plan to do with uneval and toSource.
Totally OK with dropping this stuff, especially toSource. Maybe we should keep uneval as a testing function...?
3 months ago
You need to log in before you can comment on or make changes to this bug.