Bug 1531618 - Detect function declaration without appropriate scope and block it. r=Yoric
authorTooru Fujisawa <arai_a@mac.com>
Fri, 01 Mar 2019 08:58:52 +0000
changeset 461942 0bf89ff871d631476bfe85fc6d26efa1d6b2ec60
parent 461941 a16d8a7b8a30178e1c3248f8bd37d95cd9102d4e
child 461943 45c838c4137d1dcc65ac07dd893c313f5831b283
push id35634
push userrmaries@mozilla.com
push dateSat, 02 Mar 2019 09:26:10 +0000
treeherdermozilla-central@4166cae81546 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersYoric
bugs1531618
milestone67.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1531618 - Detect function declaration without appropriate scope and block it. r=Yoric Differential Revision: https://phabricator.services.mozilla.com/D21642
js/src/frontend/BinASTParserPerTokenizer.cpp
js/src/jit-test/tests/binast/invalid/function-decl-in-then.binjs
js/src/jit-test/tests/binast/invalid/function-decl-in-then.dir
js/src/jsapi-tests/binast/invalid/tests/function-decl-in-then.js
js/src/jsapi-tests/binast/invalid/tests/function-decl-in-then.py
--- a/js/src/frontend/BinASTParserPerTokenizer.cpp
+++ b/js/src/frontend/BinASTParserPerTokenizer.cpp
@@ -231,16 +231,20 @@ JS::Result<FunctionBox*> BinASTParserPer
     auto ptr = pc_->varScope().lookupDeclaredName(atom);
     if (!ptr) {
       return raiseError(
           "FunctionDeclaration without corresponding AssertedDeclaredName.");
     }
 
     DeclarationKind declaredKind = ptr->value()->kind();
     if (DeclarationKindIsVar(declaredKind)) {
+      if (!pc_->atBodyLevel()) {
+        return raiseError(
+            "body-level FunctionDeclaration inside non-body-level context.");
+      }
       RedeclareVar(ptr, DeclarationKind::BodyLevelFunction);
     }
   }
 
   // Allocate the function before walking down the tree.
   RootedFunction fun(cx_);
   BINJS_TRY_VAR(fun, !pc_ ? lazyScript_->functionNonDelazifying()
                           : AllocNewFunction(cx_, atom, syntax, generatorKind,
new file mode 100644
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..2cd47f0ee8135977524ce1aa4d63fa196b570d8c
GIT binary patch
literal 377
zc${sJK}*9h7=}N?7&68Xks;z?hzAcIidPTPYF8?@N;A9^4>A2ZgK097Z0Ozp>eZiM
z)>3ydm*jhRzvqQSX?{;hnG|7`g~f}gP&wf~ufNGDT!z-7aacVu!y0sGDAy~T_4t`}
z;4BiV5^9;Y%e6og#B7OXzE<1`t?rOZZ`eL(b8Q+X|AaQ^Lysmy_ok~`t(@1`^S&jL
zn!mR_7d`5PSmj=F)kDgSSh+;%S0>x|sNI~VHFeBk<E6oa@SRNN>jsVB@yE)bwZ44Z
zEthmrq<KPj-!K`FdbnYxToiG<!(S(d<Nyc&4E6zr{vL0qy^#lgm>xrWer}E?0OY?2
F`~u_Ac2WQU
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/binast/invalid/function-decl-in-then.dir
@@ -0,0 +1,1 @@
+// |jit-test| error:SyntaxError
new file mode 100644
--- /dev/null
+++ b/js/src/jsapi-tests/binast/invalid/tests/function-decl-in-then.js
@@ -0,0 +1,4 @@
+function f() {
+}
+if (1) {
+}
new file mode 100644
--- /dev/null
+++ b/js/src/jsapi-tests/binast/invalid/tests/function-decl-in-then.py
@@ -0,0 +1,21 @@
+def filter_ast(ast):
+    # Move function inside then-block, without fixing scope.
+    import filter_utils as utils
+
+    utils.assert_interface(ast, 'Script')
+    global_stmts = utils.get_field(ast, 'statements')
+
+    fun_stmt = utils.get_element(global_stmts, 0)
+    utils.assert_interface(fun_stmt, 'EagerFunctionDeclaration')
+
+    if_stmt = utils.get_element(global_stmts, 1)
+    utils.assert_interface(if_stmt, 'IfStatement')
+
+    block_stmt = utils.get_field(if_stmt, 'consequent')
+    utils.assert_interface(block_stmt, 'Block')
+
+    block_stmts = utils.get_field(block_stmt, 'statements')
+
+    utils.append_element(block_stmts, utils.copy_tagged_tuple(fun_stmt))
+
+    return ast