Closed
Bug 601782
Opened 14 years ago
Closed 14 years ago
crash when calling evalInSandbox from within a sandbox
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
WORKSFORME
| Tracking | Status | |
|---|---|---|
| blocking2.0 | --- | - |
People
(Reporter: jruderman, Unassigned)
Details
(Keywords: assertion, crash, testcase, Whiteboard: fixed?)
In TM-branch xpcshell:
var s = Components.utils.Sandbox("http://www.example.com/");
s.evalInSandbox = Components.utils.evalInSandbox; Components.utils.evalInSandbox("evalInSandbox('5', null)", s);
###!!! ASSERTION: Bad caller!: 'system',
file js/src/xpconnect/src/xpccomponents.cpp, line 3591
Crash [@ JSObject::getClass | XPCWrapper::IsSecurityWrapper]
|
||
Updated•14 years ago
|
blocking2.0: --- → ?
Summary: Can't call evalInSandbox from within a sandbox → crash when calling evalInSandbox from within a sandbox
|
|
||
Comment 1•14 years ago
|
||
Hrm, this is somehow wfm on trunk (I remember seeing this myself).
Try pasting this code in the js console:
var sandbox = Components.utils.Sandbox(window.top.opener); sandbox.w = window.top.opener;
Components.utils.evalInSandbox("var s = Components.utils.Sandbox(w); s.w = w; Components.utils.evalInSandbox('w.alert(1)', s);", sandbox);|
|
||
Updated•14 years ago
|
Whiteboard: fixed?
|
||
Comment 2•14 years ago
|
||
This WFM on TM tip xpcshell.
Status: NEW → RESOLVED
blocking2.0: ? → -
Closed: 14 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•