summaryrefslogtreecommitdiffstats
path: root/src/script
diff options
context:
space:
mode:
authorKent Hansen <kent.hansen@nokia.com>2010-11-08 14:03:05 (GMT)
committerKent Hansen <kent.hansen@nokia.com>2010-11-08 14:50:00 (GMT)
commit626f13421baf258407f03e3bf21ed67138d55ea4 (patch)
tree9d445d9b709f57734c515e752c46d8c3bf9704cd /src/script
parenta3a84a872bb731d375a431626ccfcde5a660dd72 (diff)
downloadQt-626f13421baf258407f03e3bf21ed67138d55ea4.zip
Qt-626f13421baf258407f03e3bf21ed67138d55ea4.tar.gz
Qt-626f13421baf258407f03e3bf21ed67138d55ea4.tar.bz2
Don't crash if QScriptClass property getter returns an invalid value
It's possible that a class claims to have a property of a given name (i.e. queryProperty() returns true), but returns an invalid value for that property. In that case we should silently convert the value to undefined, otherwise the value may wreak havoc in JS. This is a regression from Qt 4.5 (pre-JavaScriptCore-based), which had this check. Task-number: QTBUG-15079 Reviewed-by: Jedrzej Nowacki
Diffstat (limited to 'src/script')
-rw-r--r--src/script/bridge/qscriptclassobject.cpp12
1 files changed, 12 insertions, 0 deletions
diff --git a/src/script/bridge/qscriptclassobject.cpp b/src/script/bridge/qscriptclassobject.cpp
index dd229f1..228e755 100644
--- a/src/script/bridge/qscriptclassobject.cpp
+++ b/src/script/bridge/qscriptclassobject.cpp
@@ -78,6 +78,12 @@ bool ClassObjectDelegate::getOwnPropertySlot(QScriptObject* object,
scriptObject, scriptName, QScriptClass::HandlesReadAccess, &id);
if (flags & QScriptClass::HandlesReadAccess) {
QScriptValue value = m_scriptClass->property(scriptObject, scriptName, id);
+ if (!value.isValid()) {
+ // The class claims to have the property, but returned an invalid
+ // value. Silently convert to undefined to avoid the invalid value
+ // "escaping" into JS.
+ value = QScriptValue(QScriptValue::UndefinedValue);
+ }
slot.setValue(engine->scriptValueToJSCValue(value));
return true;
}
@@ -119,6 +125,12 @@ bool ClassObjectDelegate::getOwnPropertyDescriptor(QScriptObject *object,
attribs |= pflags & QScriptValue::UserRange;
// Rather than calling the getter, we could return an access descriptor here.
QScriptValue value = m_scriptClass->property(scriptObject, scriptName, id);
+ if (!value.isValid()) {
+ // The class claims to have the property, but returned an invalid
+ // value. Silently convert to undefined to avoid the invalid value
+ // "escaping" into JS.
+ value = QScriptValue(QScriptValue::UndefinedValue);
+ }
descriptor.setDescriptor(engine->scriptValueToJSCValue(value), attribs);
return true;
}