Bug 162985 - getInternalObjcObject should validate the JSManagedObject's value.
Summary: getInternalObjcObject should validate the JSManagedObject's value.
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Keith Miller
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-10-05 14:08 PDT by Keith Miller
Modified: 2016-10-06 13:16 PDT (History)
4 users (show)

See Also:

Attachments
Patch (1.63 KB, patch)
2016-10-05 14:10 PDT, Keith Miller 		no flags Details | Formatted Diff | Diff
Patch (3.28 KB, patch)
2016-10-05 18:59 PDT, Keith Miller 		no flags Details | Formatted Diff | Diff
Patch for landing (2.87 KB, patch)
2016-10-06 12:42 PDT, Keith Miller 		no flags Details | Formatted Diff | Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Keith Miller 2016-10-05 14:08:01 PDT 
getInternalObjcObject should validate the JSManagedObject's value.
Comment 1 Keith Miller 2016-10-05 14:10:02 PDT 
Created attachment 290748 [details]
Patch
Comment 2 Keith Miller 2016-10-05 14:48:43 PDT 
Comment on attachment 290748 [details]
Patch

I'm not sure how to test this. If anyone has ideas that would be great.
Comment 3 Geoffrey Garen 2016-10-05 15:25:09 PDT 
Comment on attachment 290748 [details]
Patch

I think you could write an API test that went out of its way to garbage collect a JSManagedValue's value.
Comment 4 Keith Miller 2016-10-05 18:59:37 PDT 
Created attachment 290771 [details]
Patch
Comment 5 Keith Miller 2016-10-05 19:01:36 PDT 
(In reply to comment #3)
> Comment on attachment 290748 [details]
> Patch
> 
> I think you could write an API test that went out of its way to garbage
> collect a JSManagedValue's value.

I tried writing a test but it doesn't seem to work. Perhaps I did something wrong. My Objective-C knowledge is limited.
Comment 6 Geoffrey Garen 2016-10-06 11:54:37 PDT 
Comment on attachment 290771 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=290771&action=review

> Source/JavaScriptCore/API/tests/testapi.mm:1189
> +            JSValue *object = [JSValue valueWithNewObjectInContext:context];

This is an autoreleased value so you need a tighter autorelease pool to avoid a strong reference to 'object'.
Comment 7 Keith Miller 2016-10-06 12:42:13 PDT 
Created attachment 290851 [details]
Patch for landing
Comment 8 WebKit Commit Bot 2016-10-06 13:16:21 PDT 
Comment on attachment 290851 [details]
Patch for landing

Clearing flags on attachment: 290851

Committed r206876: <http://trac.webkit.org/changeset/206876>
Comment 9 WebKit Commit Bot 2016-10-06 13:16:24 PDT 
All reviewed patches have been landed.  Closing bug.