Help
Sign In
thereisonlyxul
/
smpatches-release
mirror of https://gitlab.com/frg/seamonkey-253-patches.git
2
0
Fork 0
Files
Browse Source

the forgotten patch

Frank-Rainer Grahl 8 months ago
parent
5d519a3e18
commit
22cd6b6e4e
2 changed files with 49 additions and 0 deletions
Split View Show Diff Stats
  1. 48 0
      mozilla-release/patches/1401146-58a1.patch
  2. 1 0
      mozilla-release/patches/series

+ 48 - 0
mozilla-release/patches/1401146-58a1.patch
View File 

@@ -0,0 +1,48 @@
 
+# HG changeset patch
 
+# User Andre Bargull <andre.bargull@gmail.com>
 
+# Date 1505821020 -7200
 
+#      Tue Sep 19 13:37:00 2017 +0200
 
+# Node ID e986a5b71a67eb21817560df77c3def5db3da103
 
+# Parent  05438478048521aaf9f2f874660c8f9b16819140
 
+Bug 1401146 - Avoid rooting for native prototypes in js::NativeHasProperty. r=jandem
 
+
 
+diff --git a/js/src/vm/NativeObject.cpp b/js/src/vm/NativeObject.cpp
 
+--- a/js/src/vm/NativeObject.cpp
 
++++ b/js/src/vm/NativeObject.cpp
 
+@@ -2020,31 +2020,33 @@ js::NativeHasProperty(JSContext* cx, Han
 
+         // done can be true in exactly these unlikely-sounding cases:
 
+         // - We're looking up an element, and pobj is a TypedArray that
 
+         //   doesn't have that many elements.
 
+         // - We're being called from a resolve hook to assign to the property
 
+         //   being resolved.
 
+         // What they all have in common is we do not want to keep walking
 
+         // the prototype chain, and always claim that the property
 
+         // doesn't exist.
 
+-        RootedObject proto(cx, done ? nullptr : pobj->staticPrototype());
 
++        JSObject* proto = done ? nullptr : pobj->staticPrototype();
 
+ 
+         // Step 8.
 
+         if (!proto) {
 
+             *foundp = false;
 
+             return true;
 
+         }
 
+ 
+         // Step 7.a. If the prototype is also native, this step is a
 
+         // recursive tail call, and we don't need to go through all the
 
+         // plumbing of HasProperty; the top of the loop is where
 
+         // we're going to end up anyway. But if pobj is non-native,
 
+         // that optimization would be incorrect.
 
+-        if (!proto->isNative())
 
+-            return HasProperty(cx, proto, id, foundp);
 
++        if (!proto->isNative()) {
 
++            RootedObject protoRoot(cx, proto);
 
++            return HasProperty(cx, protoRoot, id, foundp);
 
++        }
 
+ 
+         pobj = &proto->as<NativeObject>();
 
+     }
 
+ }
 
+ 
+ 
+ /*** [[GetOwnPropertyDescriptor]] ****************************************************************/
 
+

+ 1 - 0
mozilla-release/patches/series
View File 

@@ -66,6 +66,7 @@
 
 1394804-3-57a1.patch
 
 1391421-2no1-58a1.patch
 
 1391421-4no3or5to9-58a1.patch
 
+1401146-58a1.patch
 
 1400846-58a1.patch
 
 1401187-1-58a1.patch
 
 1401187-2-58a1.patch