Bug 498543 - Null-checking JS_THIS_OBJECT Results. r=jwalden
authorFelix Fung <ffung@mozilla.com>
Thu, 01 Dec 2011 13:30:28 -0800
changeset 82766 c2e914523306586d33e30f4da958298fa11f7742
parent 82765 f05700c5c0318931505a705a0e2d1f0b9aa7073c
child 82767 d32ccb2b8a0554e62c77fd692e98c7558bf9397c
push id519
push userakeybl@mozilla.com
push dateWed, 01 Feb 2012 00:38:35 +0000
treeherdermozilla-beta@788ea1ef610b [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjwalden
bugs498543
milestone11.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 498543 - Null-checking JS_THIS_OBJECT Results. r=jwalden
dom/workers/EventTarget.cpp
dom/workers/Events.cpp
dom/workers/Exceptions.cpp
dom/workers/File.cpp
dom/workers/FileReaderSync.cpp
dom/workers/Worker.cpp
dom/workers/WorkerScope.cpp
dom/workers/XMLHttpRequest.cpp
js/xpconnect/src/XPCComponents.cpp
js/xpconnect/wrappers/XrayWrapper.cpp
storage/src/mozStorageStatementJSHelper.cpp
toolkit/components/telemetry/Telemetry.cpp
--- a/dom/workers/EventTarget.cpp
+++ b/dom/workers/EventTarget.cpp
@@ -134,16 +134,19 @@ EventTarget::FromJSObject(JSContext* aCx
   return GetPrivate(aCx, aObj);
 }
 
 // static
 JSBool
 EventTarget::AddEventListener(JSContext* aCx, uintN aArgc, jsval* aVp)
 {
   JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+  if (!obj) {
+    return true;
+  }
 
   EventTarget* self = GetPrivate(aCx, obj);
   if (!self) {
     return true;
   }
 
   JSString* type;
   JSObject* listener;
@@ -162,16 +165,19 @@ EventTarget::AddEventListener(JSContext*
                                                  capturing, wantsUntrusted);
 }
 
 // static
 JSBool
 EventTarget::RemoveEventListener(JSContext* aCx, uintN aArgc, jsval* aVp)
 {
   JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+  if (!obj) {
+    return true;
+  }
 
   EventTarget* self = GetPrivate(aCx, obj);
   if (!self) {
     return true;
   }
 
   JSString* type;
   JSObject* listener;
@@ -190,16 +196,19 @@ EventTarget::RemoveEventListener(JSConte
                                                     capturing);
 }
 
 // static
 JSBool
 EventTarget::DispatchEvent(JSContext* aCx, uintN aArgc, jsval* aVp)
 {
   JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+  if (!obj) {
+    return true;
+  }
 
   EventTarget* self = GetPrivate(aCx, obj);
   if (!self) {
     return true;
   }
 
   JSObject* event;
   if (!JS_ConvertArguments(aCx, aArgc, JS_ARGV(aCx, aVp), "o", &event)) {
--- a/dom/workers/Events.cpp
+++ b/dom/workers/Events.cpp
@@ -312,46 +312,55 @@ private:
     *aVp = INT_TO_JSVAL(JSID_TO_INT(idval));
     return true;
   }
 
   static JSBool
   StopPropagation(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     Event* event = GetInstancePrivate(aCx, obj, sFunctions[0].name);
     if (!event) {
       return false;
     }
 
     event->mStopPropagationCalled = true;
 
     return true;
   }
 
   static JSBool
   StopImmediatePropagation(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     Event* event = GetInstancePrivate(aCx, obj, sFunctions[3].name);
     if (!event) {
       return false;
     }
 
     event->mStopImmediatePropagationCalled = true;
 
     return true;
   }
   
   static JSBool
   PreventDefault(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     Event* event = GetInstancePrivate(aCx, obj, sFunctions[1].name);
     if (!event) {
       return false;
     }
 
     jsval cancelableVal;
     if (!GetPropertyCommon(aCx, obj, SLOT_cancelable, &cancelableVal)) {
@@ -362,16 +371,19 @@ private:
            JS_SetReservedSlot(aCx, obj, SLOT_defaultPrevented, cancelableVal) :
            true;
   }
 
   static JSBool
   InitEvent(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     Event* event = GetInstancePrivate(aCx, obj, sFunctions[2].name);
     if (!event) {
       return false;
     }
 
     JSString* type;
     JSBool bubbles, cancelable;
@@ -622,16 +634,19 @@ private:
 
     return JS_GetReservedSlot(aCx, aObj, slot, aVp);
   }
 
   static JSBool
   InitMessageEvent(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     MessageEvent* event = GetInstancePrivate(aCx, obj, sFunctions[0].name);
     if (!event) {
       return false;
     }
 
     JSString* type, *data, *origin;
     JSBool bubbles, cancelable;
@@ -818,16 +833,19 @@ private:
 
     return JS_GetReservedSlot(aCx, aObj, slot, aVp);
   }
 
   static JSBool
   InitErrorEvent(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     ErrorEvent* event = GetInstancePrivate(aCx, obj, sFunctions[0].name);
     if (!event) {
       return false;
     }
 
     JSString* type, *message, *filename;
     JSBool bubbles, cancelable;
@@ -1005,16 +1023,19 @@ private:
 
     return JS_GetReservedSlot(aCx, aObj, slot, aVp);
   }
 
   static JSBool
   InitProgressEvent(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     ProgressEvent* event = GetInstancePrivate(aCx, obj, sFunctions[0].name);
     if (!event) {
       return false;
     }
 
     JSString* type;
     JSBool bubbles, cancelable, lengthComputable;
--- a/dom/workers/Exceptions.cpp
+++ b/dom/workers/Exceptions.cpp
@@ -117,16 +117,19 @@ private:
     JS_ASSERT(JS_GET_CLASS(aCx, aObj) == &sClass);
     delete GetJSPrivateSafeish<DOMException>(aCx, aObj);
   }
 
   static JSBool
   ToString(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     JSClass* classPtr;
     if (!obj || ((classPtr = JS_GET_CLASS(aCx, obj)) != &sClass)) {
       JS_ReportErrorNumber(aCx, js_GetErrorMessage, NULL,
                            JSMSG_INCOMPATIBLE_PROTO, sClass.name, "toString",
                            classPtr ? classPtr->name : "object");
       return false;
     }
--- a/dom/workers/File.cpp
+++ b/dom/workers/File.cpp
@@ -180,16 +180,19 @@ private:
 
     return true;
   }
 
   static JSBool
   MozSlice(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     nsIDOMBlob* blob = GetInstancePrivate(aCx, obj, "mozSlice");
     if (!blob) {
       return false;
     }
 
     jsdouble start = 0, end = 0;
     JSString* jsContentType = JS_GetEmptyString(JS_GetRuntime(aCx));
--- a/dom/workers/FileReaderSync.cpp
+++ b/dom/workers/FileReaderSync.cpp
@@ -175,16 +175,19 @@ private:
       GetJSPrivateSafeish<FileReaderSyncPrivate>(aCx, aObj);
     NS_IF_RELEASE(fileReader);
   }
 
   static JSBool
   ReadAsArrayBuffer(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     FileReaderSyncPrivate* fileReader =
       GetInstancePrivate(aCx, obj, "readAsArrayBuffer");
     if (!fileReader) {
       return false;
     }
 
     JSObject* jsBlob;
@@ -219,16 +222,19 @@ private:
     JS_SET_RVAL(aCx, aVp, OBJECT_TO_JSVAL(jsArrayBuffer));
     return true;
   }
 
   static JSBool
   ReadAsDataURL(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     FileReaderSyncPrivate* fileReader =
       GetInstancePrivate(aCx, obj, "readAsDataURL");
     if (!fileReader) {
       return false;
     }
 
     JSObject* jsBlob;
@@ -256,16 +262,19 @@ private:
     JS_SET_RVAL(aCx, aVp, STRING_TO_JSVAL(jsBlobText));
     return true;
   }
 
   static JSBool
   ReadAsBinaryString(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     FileReaderSyncPrivate* fileReader =
       GetInstancePrivate(aCx, obj, "readAsBinaryString");
     if (!fileReader) {
       return false;
     }
 
     JSObject* jsBlob;
@@ -293,16 +302,19 @@ private:
     JS_SET_RVAL(aCx, aVp, STRING_TO_JSVAL(jsBlobText));
     return true;
   }
 
   static JSBool
   ReadAsText(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     FileReaderSyncPrivate* fileReader =
       GetInstancePrivate(aCx, obj, "readAsText");
     if (!fileReader) {
       return false;
     }
 
     JSObject* jsBlob;
--- a/dom/workers/Worker.cpp
+++ b/dom/workers/Worker.cpp
@@ -262,30 +262,36 @@ private:
       worker->TraceInstance(aTrc);
     }
   }
 
   static JSBool
   Terminate(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     const char*& name = sFunctions[0].name;
     WorkerPrivate* worker = GetInstancePrivate(aCx, obj, name);
     if (!worker) {
       return !JS_IsExceptionPending(aCx);
     }
 
     return worker->Terminate(aCx);
   }
 
   static JSBool
   PostMessage(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     const char*& name = sFunctions[1].name;
     WorkerPrivate* worker = GetInstancePrivate(aCx, obj, name);
     if (!worker) {
       return !JS_IsExceptionPending(aCx);
     }
 
     jsval message;
--- a/dom/workers/WorkerScope.cpp
+++ b/dom/workers/WorkerScope.cpp
@@ -381,29 +381,35 @@ private:
     *aVp = scope->mSlots[SLOT_navigator];
     return true;
   }
 
   static JSBool
   Close(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     WorkerGlobalScope* scope = GetInstancePrivate(aCx, obj, sFunctions[0].name);
     if (!scope) {
       return false;
     }
 
     return scope->mWorker->CloseInternal(aCx);
   }
 
   static JSBool
   ImportScripts(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     WorkerGlobalScope* scope = GetInstancePrivate(aCx, obj, sFunctions[1].name);
     if (!scope) {
       return false;
     }
 
     if (aArgc && !scriptloader::Load(aCx, aArgc, JS_ARGV(aCx, aVp))) {
       return false;
@@ -411,16 +417,19 @@ private:
 
     return true;
   }
 
   static JSBool
   SetTimeout(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     WorkerGlobalScope* scope = GetInstancePrivate(aCx, obj, sFunctions[2].name);
     if (!scope) {
       return false;
     }
 
     jsval dummy;
     if (!JS_ConvertArguments(aCx, aArgc, JS_ARGV(aCx, aVp), "v", &dummy)) {
@@ -429,16 +438,19 @@ private:
 
     return scope->mWorker->SetTimeout(aCx, aArgc, aVp, false);
   }
 
   static JSBool
   ClearTimeout(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     WorkerGlobalScope* scope = GetInstancePrivate(aCx, obj, sFunctions[3].name);
     if (!scope) {
       return false;
     }
 
     uint32 id;
     if (!JS_ConvertArguments(aCx, aArgc, JS_ARGV(aCx, aVp), "u", &id)) {
@@ -447,16 +459,19 @@ private:
 
     return scope->mWorker->ClearTimeout(aCx, id);
   }
 
   static JSBool
   SetInterval(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     WorkerGlobalScope* scope = GetInstancePrivate(aCx, obj, sFunctions[4].name);
     if (!scope) {
       return false;
     }
 
     jsval dummy;
     if (!JS_ConvertArguments(aCx, aArgc, JS_ARGV(aCx, aVp), "v", &dummy)) {
@@ -465,16 +480,19 @@ private:
 
     return scope->mWorker->SetTimeout(aCx, aArgc, aVp, true);
   }
 
   static JSBool
   ClearInterval(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     WorkerGlobalScope* scope = GetInstancePrivate(aCx, obj, sFunctions[5].name);
     if (!scope) {
       return false;
     }
 
     uint32 id;
     if (!JS_ConvertArguments(aCx, aArgc, JS_ARGV(aCx, aVp), "u", &id)) {
@@ -482,18 +500,22 @@ private:
     }
 
     return scope->mWorker->ClearTimeout(aCx, id);
   }
 
   static JSBool
   Dump(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
-    if (!GetInstancePrivate(aCx, JS_THIS_OBJECT(aCx, aVp),
-                            sFunctions[6].name)) {
+    JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
+
+    if (!GetInstancePrivate(aCx, obj, sFunctions[6].name)) {
       return false;
     }
 
     if (aArgc) {
       JSString* str = JS_ValueToString(aCx, JS_ARGV(aCx, aVp)[0]);
       if (!str) {
         return false;
       }
@@ -508,18 +530,22 @@ private:
     }
 
     return true;
   }
 
   static JSBool
   AtoB(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
-    if (!GetInstancePrivate(aCx, JS_THIS_OBJECT(aCx, aVp),
-                            sFunctions[7].name)) {
+    JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
+
+    if (!GetInstancePrivate(aCx, obj, sFunctions[7].name)) {
       return false;
     }
 
     jsval string;
     if (!JS_ConvertArguments(aCx, aArgc, JS_ARGV(aCx, aVp), "v", &string)) {
       return false;
     }
 
@@ -530,18 +556,22 @@ private:
 
     JS_SET_RVAL(aCx, aVp, result);
     return true;
   }
 
   static JSBool
   BtoA(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
-    if (!GetInstancePrivate(aCx, JS_THIS_OBJECT(aCx, aVp),
-                            sFunctions[8].name)) {
+    JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
+
+    if (!GetInstancePrivate(aCx, obj, sFunctions[8].name)) {
       return false;
     }
 
     jsval binary;
     if (!JS_ConvertArguments(aCx, aArgc, JS_ARGV(aCx, aVp), "v", &binary)) {
       return false;
     }
 
@@ -749,16 +779,19 @@ private:
       scope->TraceInstance(aTrc);
     }
   }
 
   static JSBool
   PostMessage(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     const char*& name = sFunctions[0].name;
     DedicatedWorkerGlobalScope* scope = GetInstancePrivate(aCx, obj, name);
     if (!scope) {
       return false;
     }
 
     jsval message;
--- a/dom/workers/XMLHttpRequest.cpp
+++ b/dom/workers/XMLHttpRequest.cpp
@@ -600,30 +600,36 @@ private:
 
     return priv->SetEventListenerOnEventTarget(aCx, name + 2, aVp);
   }
 
   static JSBool
   Abort(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     XMLHttpRequestPrivate* priv =
       GetInstancePrivate(aCx, obj, sFunctions[0].name);
     if (!priv) {
       return false;
     }
 
     return priv->Abort(aCx);
   }
 
   static JSBool
   GetAllResponseHeaders(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     XMLHttpRequestPrivate* priv =
       GetInstancePrivate(aCx, obj, sFunctions[1].name);
     if (!priv) {
       return false;
     }
 
     JSString* responseHeaders = priv->GetAllResponseHeaders(aCx);
@@ -634,16 +640,19 @@ private:
     JS_SET_RVAL(aCx, aVp, STRING_TO_JSVAL(responseHeaders));
     return true;
   }
 
   static JSBool
   GetResponseHeader(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     XMLHttpRequestPrivate* priv =
       GetInstancePrivate(aCx, obj, sFunctions[2].name);
     if (!priv) {
       return false;
     }
 
     jsval headerVal;
@@ -670,16 +679,19 @@ private:
     JS_SET_RVAL(aCx, aVp, STRING_TO_JSVAL(value));
     return true;
   }
 
   static JSBool
   Open(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     XMLHttpRequestPrivate* priv =
       GetInstancePrivate(aCx, obj, sFunctions[3].name);
     if (!priv) {
       return false;
     }
 
     JSString* method, *url;
@@ -693,32 +705,38 @@ private:
 
     return priv->Open(aCx, method, url, async, user, password);
   }
 
   static JSBool
   Send(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     XMLHttpRequestPrivate* priv =
       GetInstancePrivate(aCx, obj, sFunctions[4].name);
     if (!priv) {
       return false;
     }
 
     jsval body = aArgc ? JS_ARGV(aCx, aVp)[0] : JSVAL_VOID;
 
     return priv->Send(aCx, !!aArgc, body);
   }
 
   static JSBool
   SendAsBinary(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     XMLHttpRequestPrivate* priv =
       GetInstancePrivate(aCx, obj, sFunctions[5].name);
     if (!priv) {
       return false;
     }
 
     jsval bodyVal;
@@ -739,16 +757,19 @@ private:
 
     return priv->SendAsBinary(aCx, body);
   }
 
   static JSBool
   SetRequestHeader(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     XMLHttpRequestPrivate* priv =
       GetInstancePrivate(aCx, obj, sFunctions[6].name);
     if (!priv) {
       return false;
     }
 
     JSString* header, *value;
@@ -759,16 +780,19 @@ private:
 
     return priv->SetRequestHeader(aCx, header, value);
   }
 
   static JSBool
   OverrideMimeType(JSContext* aCx, uintN aArgc, jsval* aVp)
   {
     JSObject* obj = JS_THIS_OBJECT(aCx, aVp);
+    if (!obj) {
+      return false;
+    }
 
     XMLHttpRequestPrivate* priv =
       GetInstancePrivate(aCx, obj, sFunctions[7].name);
     if (!priv) {
       return false;
     }
 
     JSString* mimeType;
--- a/js/xpconnect/src/XPCComponents.cpp
+++ b/js/xpconnect/src/XPCComponents.cpp
@@ -3899,18 +3899,21 @@ nsXPCComponents_Utils::CreateObjectIn(co
 JSBool
 FunctionWrapper(JSContext *cx, uintN argc, jsval *vp)
 {
     jsval v;
     if (!JS_GetReservedSlot(cx, JSVAL_TO_OBJECT(JS_CALLEE(cx, vp)), 0, &v))
         return false;
     NS_ASSERTION(JSVAL_IS_OBJECT(v), "weird function");
 
-    return JS_CallFunctionValue(cx, JS_THIS_OBJECT(cx, vp), v,
-                                argc, JS_ARGV(cx, vp), vp);
+    JSObject *obj = JS_THIS_OBJECT(cx, vp);
+    if (!obj) {
+        return JS_FALSE;
+    }
+    return JS_CallFunctionValue(cx, obj, v, argc, JS_ARGV(cx, vp), vp);
 }
 
 JSBool
 WrapCallable(JSContext *cx, JSObject *obj, jsid id, JSObject *propobj, jsval *vp)
 {
     JSFunction *fun = JS_NewFunctionById(cx, FunctionWrapper, 0, 0,
                                          JS_GetGlobalForObject(cx, obj), id);
     if (!fun)
--- a/js/xpconnect/wrappers/XrayWrapper.cpp
+++ b/js/xpconnect/wrappers/XrayWrapper.cpp
@@ -445,17 +445,17 @@ nodePrincipal_getter(JSContext *cx, JSOb
     }
     return true;
 }
 
 static JSBool
 XrayToString(JSContext *cx, uintN argc, jsval *vp)
 {
     JSObject *wrapper = JS_THIS_OBJECT(cx, vp);
-    if (!IsWrapper(wrapper) || !WrapperFactory::IsXrayWrapper(wrapper)) {
+    if (!wrapper || !IsWrapper(wrapper) || !WrapperFactory::IsXrayWrapper(wrapper)) {
         JS_ReportError(cx, "XrayToString called on an incompatible object");
         return false;
     }
 
     nsAutoString result(NS_LITERAL_STRING("[object XrayWrapper "));
     if (mozilla::dom::binding::instanceIsProxy(&js::GetProxyPrivate(wrapper).toObject())) {
         JSString *wrapperStr = js::GetProxyHandler(wrapper)->obj_toString(cx, wrapper);
         size_t length;
--- a/storage/src/mozStorageStatementJSHelper.cpp
+++ b/storage/src/mozStorageStatementJSHelper.cpp
@@ -61,19 +61,23 @@ namespace storage {
 static
 JSBool
 stepFunc(JSContext *aCtx,
          PRUint32,
          jsval *_vp)
 {
   nsCOMPtr<nsIXPConnect> xpc(Service::getXPConnect());
   nsCOMPtr<nsIXPConnectWrappedNative> wrapper;
-  nsresult rv = xpc->GetWrappedNativeOfJSObject(
-    aCtx, JS_THIS_OBJECT(aCtx, _vp), getter_AddRefs(wrapper)
-  );
+  JSObject *obj = JS_THIS_OBJECT(aCtx, _vp);
+  if (!obj) {
+    return JS_FALSE;
+  }
+
+  nsresult rv =
+    xpc->GetWrappedNativeOfJSObject(aCtx, obj, getter_AddRefs(wrapper));
   if (NS_FAILED(rv)) {
     ::JS_ReportError(aCtx, "mozIStorageStatement::step() could not obtain native statement");
     return JS_FALSE;
   }
 
 #ifdef DEBUG
   {
     nsCOMPtr<mozIStorageStatement> isStatement(
--- a/toolkit/components/telemetry/Telemetry.cpp
+++ b/toolkit/components/telemetry/Telemetry.cpp
@@ -212,29 +212,37 @@ JSHistogram_Add(JSContext *cx, uintN arg
   }
 
   if (!JS_ValueToECMAInt32(cx, v, &value)) {
     return JS_FALSE;
   }
 
   if (TelemetryImpl::CanRecord()) {
     JSObject *obj = JS_THIS_OBJECT(cx, vp);
+    if (!obj) {
+      return JS_FALSE;
+    }
+
     Histogram *h = static_cast<Histogram*>(JS_GetPrivate(cx, obj));
     if (h->histogram_type() == Histogram::BOOLEAN_HISTOGRAM)
       h->Add(!!value);
     else
       h->Add(value);
   }
   return JS_TRUE;
 }
 
 JSBool
 JSHistogram_Snapshot(JSContext *cx, uintN argc, jsval *vp)
 {
   JSObject *obj = JS_THIS_OBJECT(cx, vp);
+  if (!obj) {
+    return JS_FALSE;
+  }
+
   Histogram *h = static_cast<Histogram*>(JS_GetPrivate(cx, obj));
   JSObject *snapshot = JS_NewObject(cx, NULL, NULL, NULL);
   if (!snapshot)
     return JS_FALSE;
   JS_SET_RVAL(cx, vp, OBJECT_TO_JSVAL(snapshot));
   return ReflectHistogramSnapshot(cx, snapshot, h);
 }