Closed Bug 1754509 Opened 3 years ago Closed 3 years ago

Check if an interface is IsReflectable() before we do anything with JS in nsXPCWrappedJS::CallMethod()

Categories

(Core :: XPConnect, task, P2)


RESOLVED FIXED
99 Branch
Tracking Status
firefox99 --- fixed

People

(Reporter: mccr8, Assigned: mccr8)

Attachments

(1 file)

Bug 1347999 added JS_HAZ_CAN_RUN_SCRIPT annotations to any XPIDL method that can be implemented by JS. However, there's one corner case where the annotation is currently incorrect.

You can have an interface that is [scriptable] and not [builtinclass], and a method or attribute is marked [noscript]. This means that the interface can be implemented in JS, but the method or attribute can't be. An example of this is nsIInputStream::read.

The way this works is that nsXPCWrappedJS::CallMethod() dynamically fails the call if !info->IsReflectable(). That's fine. The problem is that it does this after AutoEntryScript, which can allocate in JS, and thus we can still end up GCing in a [noscript] method. Checking that property doesn't require that we have entered script yet (it just checks a static flag), so the easy fix here is to move the check earlier.

We need to reject calls to non-reflectable methods before we do anything (like
AutoEntryScript) that might cause a GC, because these methods have not been
annotated with JS_HAZ_CAN_RUN_SCRIPT.

See Also: → 1347999
Pushed by amccreight@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/45b9cffe4fd6
Reject non-reflectable calls early in nsXPCWrappedJS::CallMethod(). r=nika
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → 99 Branch
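
The ordering issue described in this bug, as an added example that is not part of the bug or of the Mozilla patch: a simplified C++ model in which entering script always triggers a GC, comparing the reflectable check placed after script entry with the check placed before it. All types and function names here (ModelRuntime, ModelMethodInfo, ModelEntryScript, CallMethodLateCheck, CallMethodEarlyCheck, GCsDuringCall) are hypothetical stand-ins, not XPConnect code.

```cpp
#include <cstdio>

// Simplified model; none of these types are Mozilla's real classes.
struct ModelRuntime {
  int gcCount = 0;
  void AllocateMayGC() { ++gcCount; }  // pessimistic: every allocation collects
};

struct ModelMethodInfo {
  const char* name;
  bool reflectable;  // false models a [noscript] method
  bool IsReflectable() const { return reflectable; }
};

// Stand-in for the script-entry guard: constructing it allocates in the runtime.
struct ModelEntryScript {
  explicit ModelEntryScript(ModelRuntime& rt) { rt.AllocateMayGC(); }
};

enum ModelResult { MODEL_OK, MODEL_FAILURE };

// Ordering described as the problem: script entry first, reflectable check second.
ModelResult CallMethodLateCheck(ModelRuntime& rt, const ModelMethodInfo& info) {
  ModelEntryScript aes(rt);
  if (!info.IsReflectable()) return MODEL_FAILURE;
  rt.AllocateMayGC();  // stands in for running the JS implementation
  return MODEL_OK;
}

// Ordering described as the fix: static flag check before anything can allocate.
ModelResult CallMethodEarlyCheck(ModelRuntime& rt, const ModelMethodInfo& info) {
  if (!info.IsReflectable()) return MODEL_FAILURE;
  ModelEntryScript aes(rt);
  rt.AllocateMayGC();
  return MODEL_OK;
}

// Number of GCs observed during one call on a fresh runtime.
int GCsDuringCall(ModelResult (*call)(ModelRuntime&, const ModelMethodInfo&),
                  const ModelMethodInfo& info, ModelResult* out) {
  ModelRuntime rt;
  *out = call(rt, info);
  return rt.gcCount;
}

int main() {
  ModelMethodInfo noscript{"read", false};
  ModelResult r;
  std::printf("late:  %d GC(s)\n", GCsDuringCall(CallMethodLateCheck, noscript, &r));
  std::printf("early: %d GC(s)\n", GCsDuringCall(CallMethodEarlyCheck, noscript, &r));
  return 0;
}
```

Both orderings reject the non-reflectable call; only the early check does so without the runtime having had a chance to collect.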