Switch compartments when walking stacks (bug 608800, r=mrbkap).
authorAndreas Gal <gal@mozilla.com>
Mon, 01 Nov 2010 16:18:01 -0700
changeset 57674 ceae364726902763a621b46cbca5af868a6e74be
parent 57673 9a16d6dfa3c43f08b02d19b2910e651bcc95dba4
child 57675 2098bd53381e97dfdf772c9e34e7353b6e24600d
push idunknown
push userunknown
push dateunknown
reviewersmrbkap
bugs608800
milestone2.0b8pre
Switch compartments when walking stacks (bug 608800, r=mrbkap).
js/src/jsexn.cpp
--- a/js/src/jsexn.cpp
+++ b/js/src/jsexn.cpp
@@ -56,16 +56,17 @@
 #include "jsfun.h"
 #include "jsinterp.h"
 #include "jsnum.h"
 #include "jsobj.h"
 #include "jsopcode.h"
 #include "jsscope.h"
 #include "jsscript.h"
 #include "jsstaticcheck.h"
+#include "jswrapper.h"
 
 #include "jscntxtinlines.h"
 #include "jsinterpinlines.h"
 #include "jsobjinlines.h"
 
 using namespace js;
 using namespace js::gc;
 
@@ -540,19 +541,24 @@ js_ErrorFromException(JSContext *cx, jsv
 }
 
 static JSString *
 ValueToShortSource(JSContext *cx, jsval v)
 {
     JSString *str;
 
     /* Avoid toSource bloat and fallibility for object types. */
-    if (JSVAL_IS_PRIMITIVE(v)) {
-        str = js_ValueToSource(cx, Valueify(v));
-    } else if (VALUE_IS_FUNCTION(cx, v)) {
+    if (JSVAL_IS_PRIMITIVE(v))
+        return js_ValueToSource(cx, Valueify(v));
+
+    AutoCompartment ac(cx, JSVAL_TO_OBJECT(v));
+    if (!ac.enter())
+        return NULL;
+
+    if (VALUE_IS_FUNCTION(cx, v)) {
         /*
          * XXX Avoid function decompilation bloat for now.
          */
         str = JS_GetFunctionId(JS_ValueToFunction(cx, v));
         if (!str && !(str = js_ValueToSource(cx, Valueify(v)))) {
             /*
              * Continue to soldier on if the function couldn't be
              * converted into a string.
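Review bot: The new `AutoCompartment ac(cx, JSVAL_TO_OBJECT(v));` line has no comment saying why a string helper needs to change compartments, and the existing comment above the primitive check still only covers toSource bloat. Going by the commit title, `v` is read from a stack frame that may belong to a different compartment than `cx` is currently in, so the object has to be inspected in its own compartment. I would add above the constructor something like `/* v may belong to another compartment (we are walking the stack): inspect it there, then wrap the result for the caller. */`. It is also worth noting in the function's header comment that it can now return NULL when `ac.enter()` fails, even for a well-formed object value. The body of ValueToShortSource continues outside this hunk.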
@@ -565,16 +571,21 @@ ValueToShortSource(JSContext *cx, jsval 
          * XXX Avoid toString on objects, it takes too long and uses too much
          * memory, for too many classes (see Mozilla bug 166743).
          */
         char buf[100];
         JS_snprintf(buf, sizeof buf, "[object %s]",
                     JSVAL_TO_OBJECT(v)->getClass()->name);
         str = JS_NewStringCopyZ(cx, buf);
     }
+
+    ac.leave();
+
+    if (!str || !cx->compartment->wrap(cx, &str))
+        return NULL;
     return str;
 }
 
 static JSString *
 StackTraceToString(JSContext *cx, JSExnPrivate *priv)
 {
     jschar *stackbuf;
     size_t stacklen, stackmax;
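Review bot: On the `!str` path after `ac.leave()`, the function returns NULL without addressing any exception that the calls made inside the entered compartment may have left pending on `cx`. If the pending exception value is an object, it would belong to the other compartment and become visible to the caller's compartment unwrapped, which is the kind of boundary crossing this patch is meant to prevent. I cannot see from the hunk whether the elided "soldier on" branch clears the exception in every case, so this should be confirmed; if not, rewrap or clear the pending exception after leaving and before `return NULL`. Separately, the order of `ac.leave()` and `wrap()` is load-bearing and deserves a comment such as `/* Leave first: wrap() must run in the caller's compartment. */`. ValueToShortSource begins outside this hunk and StackTraceToString continues past it.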