Summary: | ProxyObject should not be allow to access its target's private properties. | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Mark Lam <mark.lam> | ||||||
Component: | JavaScriptCore | Assignee: | Mark Lam <mark.lam> | ||||||
Status: | RESOLVED FIXED | ||||||||
Severity: | Normal | CC: | ews-watchlist, fpizlo, keith_miller, msaboff, rmorisset, ryanhaddad, saam, tzagallo, webkit-bug-importer, ysuzuki | ||||||
Priority: | P2 | Keywords: | InRadar | ||||||
Version: | WebKit Nightly Build | ||||||||
Hardware: | Unspecified | ||||||||
OS: | Unspecified | ||||||||
See Also: | https://bugs.webkit.org/show_bug.cgi?id=200788 | ||||||||
Bug Depends on: | 200829 | ||||||||
Bug Blocks: | |||||||||
Attachments: |
|
Description
Mark Lam
2019-08-14 15:39:38 PDT
Created attachment 376324 [details]
proposed patch.
Comment on attachment 376324 [details]
proposed patch.
r=me
Comment on attachment 376324 [details] proposed patch. Attachment 376324 [details] did not pass jsc-ews (mac): Output: https://webkit-queues.webkit.org/results/12914309 New failing tests: stress/proxy-with-private-symbols.js.ftl-no-cjit-no-inline-validate stress/proxy-with-private-symbols.js.dfg-eager-no-cjit-validate stress/proxy-with-private-symbols.js.ftl-no-cjit-no-put-stack-validate stress/proxy-with-private-symbols.js.no-ftl stress/proxy-with-private-symbols.js.ftl-no-cjit-validate-sampling-profiler stress/proxy-with-private-symbols.js.no-cjit-validate-phases stress/proxy-with-private-symbols.js.ftl-no-cjit-small-pool stress/proxy-with-private-symbols.js.dfg-maximal-flush-validate-no-cjit stress/proxy-with-private-symbols.js.default stress/proxy-with-private-symbols.js.ftl-eager-no-cjit stress/proxy-with-private-symbols.js.mini-mode stress/proxy-with-private-symbols.js.bytecode-cache stress/proxy-with-private-symbols.js.ftl-eager stress/proxy-with-private-symbols.js.dfg-eager stress/proxy-with-private-symbols.js.ftl-no-cjit-b3o0 stress/proxy-with-private-symbols.js.ftl-eager-no-cjit-b3o1 stress/proxy-with-private-symbols.js.no-cjit-collect-continuously stress/proxy-with-private-symbols.js.no-llint Created attachment 376346 [details]
patch for landing.
Thanks for the review. Landed in r248709: <http://trac.webkit.org/r248709>. Reverted r248709 for reason: Caused test/built-ins/Promise/prototype/finally/this-value-non-promise.js to fail on test262 bot Committed r248786: <https://trac.webkit.org/changeset/248786> (In reply to Ryan Haddad from comment #6) > Reverted r248709 for reason: > > Caused test/built-ins/Promise/prototype/finally/this-value-non-promise.js to > fail on test262 bot > > Committed r248786: <https://trac.webkit.org/changeset/248786> Details in https://bugs.webkit.org/show_bug.cgi?id=200788 Re-landed in r248796: <http://trac.webkit.org/r248796>. |