Bug 33371

Summary: Infinite recursion in RuntimeObjectImp::getOwnPropertyNames()
Product: WebKit Reporter: Kent Hansen <kent.hansen>
Component: WebCore JavaScriptAssignee: Kent Hansen <kent.hansen>
Status: RESOLVED FIXED    
Severity: Normal CC: commit-queue, darin, webkit.review.bot
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: PC   
OS: OS X 10.5   
Attachments:
Description Flags
Proposed patch
ggaren: review+, kent.hansen: commit-queue-
Revised patch
none
Revised patch (remove unused parameter name) none

Kent Hansen
Reported 2010-01-08 03:02:20 PST
This causes a crash if Object.keys is called on a plugin object, for example.
Attachments
Proposed patch (3.36 KB, patch)
2010-01-08 03:12 PST, Kent Hansen 		ggaren: review+
kent.hansen: commit-queue-
DetailsFormatted DiffDiff
Revised patch (3.53 KB, patch)
2010-01-13 02:18 PST, Kent Hansen 		no flags
DetailsFormatted DiffDiff
Revised patch (remove unused parameter name) (3.53 KB, patch)
2010-01-13 04:38 PST, Kent Hansen 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Kent Hansen
Comment 1 2010-01-08 03:12:13 PST
Created attachment 46126 [details] Proposed patch Patch needs to be adapted once the patch for https://bugs.webkit.org/show_bug.cgi?id=32242 is landed.
WebKit Review Bot
Comment 2 2010-01-08 03:15:46 PST
style-queue ran check-webkit-style on attachment 46126 [details] without any errors.
Geoffrey Garen
Comment 3 2010-01-08 10:11:24 PST
Comment on attachment 46126 [details] Proposed patch r=me, but this can't land until the other patch does.
Kent Hansen
Comment 4 2010-01-13 02:18:04 PST
Created attachment 46439 [details] Revised patch Yay, that other monster patch finally landed. :)
Kent Hansen
Comment 5 2010-01-13 03:30:01 PST
(In reply to comment #4) > Created an attachment (id=46439) [details] > Revised patch I didn't remove the unused mode parameter name. Style bot didn't complain (and check-webkit-style doesn't if I remove the name, either). Is it an unwritten style rule that the name should/should not be present if the argument is unused, or is it a dontcare?
Kent Hansen
Comment 6 2010-01-13 04:38:06 PST
Created attachment 46445 [details] Revised patch (remove unused parameter name) Ouch, with the unused parameter name, Safari didn't build for me (warnings treated as errors). Whereas on the Qt port, unused parameter warnings are just disabled. That's a bit odd.
Darin Adler
Comment 7 2010-01-13 09:26:18 PST
Comment on attachment 46445 [details] Revised patch (remove unused parameter name) Since this patch includes a new regression test, it also needs to include the expected results for that test. The patch otherwise looks great!
Kent Hansen
Comment 8 2010-01-14 01:16:02 PST
(In reply to comment #7) > (From update of attachment 46445 [details]) > Since this patch includes a new regression test, it also needs to include the > expected results for that test. The patch otherwise looks great! The test will continue to say SUCCESS if all of it succeeds (including the new part), like before. But it now has a new potential FAILURE output. So the expected results don't need to be changed, unless you want me to change the test to have separate PASS output for each "part" of the test.
Kent Hansen
Comment 9 2010-01-14 01:48:31 PST
Comment on attachment 46445 [details] Revised patch (remove unused parameter name) Confused about Darin's comment (see my response in comment #8), setting review? again in hope of being advised before I do any more changes to the test.
Darin Adler
Comment 10 2010-01-14 11:01:24 PST
(In reply to comment #8) > The test will continue to say SUCCESS if all of it succeeds (including the new > part), like before. But it now has a new potential FAILURE output. > So the expected results don't need to be changed, unless you want me to change > the test to have separate PASS output for each "part" of the test. OK. My mistake.
WebKit Commit Bot
Comment 11 2010-01-14 12:13:36 PST
Comment on attachment 46445 [details] Revised patch (remove unused parameter name) Clearing flags on attachment: 46445 Committed r53285: <http://trac.webkit.org/changeset/53285>
WebKit Commit Bot
Comment 12 2010-01-14 12:13:42 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.