Bug 508483 - Don't try to create XPCNativeWrappers around a double-wrapped object. r+sr=jst
authorBlake Kaplan <mrbkap@gmail.com>
Tue, 04 Aug 2009 20:52:10 -0700
changeset 31171 9561bccb08fde03b1495ace965f5621d52b947ec
parent 31170 aa0ee4e7b713816e5a1acfeb64397093d6cf1f62
child 31172 5c913c4662d81b4767c33420ac589ee4aa2c5ad7
push id8406
push usermrbkap@mozilla.com
push dateThu, 06 Aug 2009 02:34:39 +0000
treeherdermozilla-central@5c913c4662d8 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
bugs508483
milestone1.9.2a1pre
Bug 508483 - Don't try to create XPCNativeWrappers around a double-wrapped object. r+sr=jst
js/src/xpconnect/src/XPCChromeObjectWrapper.cpp
--- a/js/src/xpconnect/src/XPCChromeObjectWrapper.cpp
+++ b/js/src/xpconnect/src/XPCChromeObjectWrapper.cpp
@@ -251,17 +251,18 @@ XPC_COW_RewrapForChrome(JSContext *cx, J
   JSObject *obj = GetWrappedJSObject(cx, JSVAL_TO_OBJECT(v));
   if (!obj) {
     *vp = JSVAL_NULL;
     return JS_TRUE;
   }
 
   XPCWrappedNative *wn;
   if (IS_WRAPPER_CLASS(STOBJ_GET_CLASS(obj)) &&
-      (wn = XPCWrappedNative::GetWrappedNativeOfJSObject(cx, obj))) {
+      (wn = XPCWrappedNative::GetWrappedNativeOfJSObject(cx, obj)) &&
+      !nsXPCWrappedJSClass::IsWrappedJS(wn->Native())) {
     // Return an explicit XPCNativeWrapper in case "chrome" code happens to be
     // XBL code cloned into an untrusted context.
     return XPCNativeWrapperCtor(cx, obj, 1, vp, vp);
   }
 
   return XPC_SJOW_Construct(cx, obj, 1, vp, vp);
 }