Mercurial > integration > mozilla-inbound / changeset / 2a6260b2ae9c9e8209ede753f7fd505fe55fb038
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 965898 - Don't reuse the JSPropertyDescriptor in BaseProxyHandler::keys. r=gabor
authorBobby Holley <bobbyholley@gmail.com>
Wed, 30 Jul 2014 12:23:03 -0700
changeset 196846 2a6260b2ae9c9e8209ede753f7fd505fe55fb038
parent 196845 92d1c61c3cdfd301a1a6d3127ac186c67037d765
child 196847 60dcc2593586391ef35aa365e4ecab8543d02421
push id46984
push userbobbyholley@gmail.com
push dateWed, 30 Jul 2014 19:24:00 +0000
treeherdermozilla-inbound@22e1b7b69877 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersgabor
bugs965898
milestone34.0a1
first release with
nightly linux32
104254bd1fc8 / 34.0a1 / 20140801030201 / files
nightly linux64
104254bd1fc8 / 34.0a1 / 20140801030201 / files
nightly mac
104254bd1fc8 / 34.0a1 / 20140801030201 / files
nightly win32
104254bd1fc8 / 34.0a1 / 20140801030201 / files
nightly win64
104254bd1fc8 / 34.0a1 / 20140801030201 / files
last release without
nightly linux32
f61a27b00e05 / 34.0a1 / 20140730030201 / files
nightly linux64
f61a27b00e05 / 34.0a1 / 20140730030201 / files
nightly mac
f61a27b00e05 / 34.0a1 / 20140730030201 / files
nightly win32
f61a27b00e05 / 34.0a1 / 20140730030201 / files
nightly win64
f61a27b00e05 / 34.0a1 / 20140730030201 / files
Bug 965898 - Don't reuse the JSPropertyDescriptor in BaseProxyHandler::keys. r=gabor This causes garbage from a previous lookup to propagate into subsequent lookups, and creates confusing situations (like having both a value and a getter).
js/src/jsproxy.cpp file | annotate | diff | comparison | revisions 
--- a/js/src/jsproxy.cpp
+++ b/js/src/jsproxy.cpp
@@ -232,26 +232,26 @@ BaseProxyHandler::keys(JSContext *cx, Ha
 {
     assertEnteredPolicy(cx, proxy, JSID_VOID, ENUMERATE);
     JS_ASSERT(props.length() == 0);
 
     if (!getOwnPropertyNames(cx, proxy, props))
         return false;
 
     /* Select only the enumerable properties through in-place iteration. */
-    Rooted<PropertyDescriptor> desc(cx);
     RootedId id(cx);
     size_t i = 0;
     for (size_t j = 0, len = props.length(); j < len; j++) {
         JS_ASSERT(i <= j);
         id = props[j];
         if (JSID_IS_SYMBOL(id))
             continue;
 
         AutoWaivePolicy policy(cx, proxy, id, BaseProxyHandler::GET);
+        Rooted<PropertyDescriptor> desc(cx);
         if (!getOwnPropertyDescriptor(cx, proxy, id, &desc))
             return false;
         if (desc.object() && desc.isEnumerable())
             props[i++].set(id);
     }
 
     JS_ASSERT(i <= props.length());
     props.resize(i);
mozilla-inbound
Deployed from 9822fcf4b117 at 2022-01-18T16:14:14Z.