Bug 609141 - Compartments mismatch in jsdScript::GetFunctionSource. r=sayrer
authorBlake Kaplan <mrbkap@gmail.com>
Wed, 03 Nov 2010 18:04:22 -0700
changeset 56852 69b9eb5a67169bbdaaf75873161535558f7fc17a
parent 56851 3be753e18f9750844cb10a64c391f9bcd2806726
child 56853 a9def7f8c835bc964f5c4c8a680fb3cfbc0e83f2
push id16714
push userrsayre@mozilla.com
push dateThu, 04 Nov 2010 07:07:14 +0000
reviewerssayrer
bugs609141
milestone2.0b8pre
Bug 609141 - Compartments mismatch in jsdScript::GetFunctionSource. r=sayrer
js/jsd/jsd_xpc.cpp
js/src/jsapi.cpp
--- a/js/jsd/jsd_xpc.cpp
+++ b/js/jsd/jsd_xpc.cpp
@@ -55,16 +55,19 @@
 #include "jsdebug.h"
 #include "nsReadableUtils.h"
 #include "nsCRT.h"
 
 /* XXX DOM dependency */
 #include "nsIScriptContext.h"
 #include "nsIJSContextStack.h"
 
+/* XXX private JS headers. */
+#include "jscompartment.h"
+
 /*
  * defining CAUTIOUS_SCRIPTHOOK makes jsds disable GC while calling out to the
  * script hook.  This was a hack to avoid some js engine problems that should
  * be fixed now (see Mozilla bug 77636).
  */
 #undef CAUTIOUS_SCRIPTHOOK
 
 #ifdef DEBUG_verbose
@@ -1314,20 +1317,24 @@ jsdScript::GetFunctionSource(nsAString &
         NS_WARNING("No default context !?");
         return NS_ERROR_FAILURE;
     }
     JSFunction *fun = JSD_GetJSFunction (mCx, mScript);
 
     JSAutoRequest ar(cx);
 
     JSString *jsstr;
-    if (fun)
+    if (fun) {
+        JSAutoEnterCompartment ac;
+        if (!ac.enter(cx, JS_GetFunctionObject(fun)))
+            return NS_ERROR_FAILURE;
         jsstr = JS_DecompileFunction (cx, fun, 4);
-    else {
+    } else {
         JSScript *script = JSD_GetJSScript (mCx, mScript);
+        js::SwitchToCompartment sc(cx, script->compartment);
         jsstr = JS_DecompileScript (cx, script, "ppscript", 4);
     }
     if (!jsstr)
         return NS_ERROR_FAILURE;
 
     aFunctionSource =
         nsDependentString(
             reinterpret_cast<PRUnichar*>(JS_GetStringChars(jsstr)),
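Review bot: `script` is dereferenced on the new line `js::SwitchToCompartment sc(cx, script->compartment);` with no null check, while the sibling branch guards `fun` before using it; if JSD_GetJSScript can return null (for example for a script that has already been invalidated) this is a null dereference, so add `if (!script) return NS_ERROR_FAILURE;` before the switch. The two branches also differ in mechanism: the function branch enters through the public JSAutoEnterCompartment and returns NS_ERROR_FAILURE when enter() fails, whereas the script branch uses the private js::SwitchToCompartment, which has no failure path here. That asymmetry deserves a one-line comment such as `// a JSScript has no object to enter through, so switch to its compartment directly` so it does not read as an oversight. GetFunctionSource's body starts before this hunk and continues after it.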
--- a/js/src/jsapi.cpp
+++ b/js/src/jsapi.cpp
@@ -4721,17 +4721,20 @@ JS_CompileFunction(JSContext *cx, JSObje
 JS_PUBLIC_API(JSString *)
 JS_DecompileScript(JSContext *cx, JSScript *script, const char *name, uintN indent)
 {
     JS_THREADSAFE_ASSERT(cx->compartment != cx->runtime->defaultCompartment);
     JSPrinter *jp;
     JSString *str;
 
     CHECK_REQUEST(cx);
-    assertSameCompartment(cx, script);
+#ifdef DEBUG
+    if (cx->compartment != script->compartment)
+        CompartmentChecker::fail(cx->compartment, script->compartment);
+#endif
     jp = js_NewPrinter(cx, name, NULL,
                        indent & ~JS_DONT_PRETTY_PRINT,
                        !(indent & JS_DONT_PRETTY_PRINT),
                        false, false);
     if (!jp)
         return NULL;
     if (js_DecompileScript(jp, script))
         str = js_GetPrinterOutput(jp);
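Review bot: The replacement for `assertSameCompartment(cx, script)` open-codes the same compartment comparison under `#ifdef DEBUG` at the top of JS_DecompileScript, but the reason for not using the shared helper is not recorded; presumably assertSameCompartment has no JSScript* overload. Either add a one-line comment, `// assertSameCompartment has no JSScript overload; compare script->compartment directly`, or add that overload next to the existing ones so this check stays in step with them. As written the check is debug-only, like the assertion it replaces, so release builds still reach js_NewPrinter with a script from another compartment; the caller-side compartment switch in jsd_xpc.cpp is what actually prevents that. JS_DecompileScript continues past the end of this hunk.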