eval JSON parser hack misfires in strict mode, for objects with duplicate property names

RESOLVED FIXED in mozilla6

Status

()

Core
JavaScript Engine
RESOLVED FIXED
6 years ago
6 years ago

People

(Reporter: Waldo, Assigned: Waldo)

Tracking

Trunk
mozilla6
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: fixed-in-tracemonkey)

Attachments

(1 attachment)

js> "use strict"; eval('({"a": 2, "a": 3})')
({a:3})

The eval code is strict mode code, and in strict mode object literals can't have repeated property names.

WebKit dodged this bullet by not doing a JSON-parse in strict mode, which is how I discovered the issue.  That's probably the easiest fix, arguably even the best one -- it provides the right incentives for people parsing JSON with eval to switch.
Created attachment 533039 [details] [diff] [review]
Patch and test
Assignee: general → jwalden+bmo
Status: NEW → ASSIGNED
Attachment #533039 - Flags: review?(nnethercote)
Comment on attachment 533039 [details] [diff] [review]
Patch and test

Review of attachment 533039 [details] [diff] [review]:
-----------------------------------------------------------------

Thanks for fixing the fallout from my dirty hack.
Attachment #533039 - Flags: review?(nnethercote) → review+
Blocks: 578216
http://hg.mozilla.org/tracemonkey/rev/e03a5e6e68da

I'm too lazy to check, but this arguably might not properly be your fallout, because I don't think we treated {a:1,a:2} as a strict mode error until after the JSON parser hack landed, and the duplicate-property-error failure would likely fall on the code that implemented that as a strict mode error.  But whatever, fixed now.
Whiteboard: fixed-in-tracemonkey
Target Milestone: --- → mozilla6
cdleary-bot mozilla-central merge info:
http://hg.mozilla.org/mozilla-central/rev/e03a5e6e68da
Status: ASSIGNED → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.