From 9e6407ac53ffa62439a52beb1adc8169664c569a Mon Sep 17 00:00:00 2001
From: Kent Hansen <khansen@trolltech.com>
Date: Tue, 28 Jul 2009 14:39:29 +0200
Subject: don't allow defining getter/setter for __proto__ property

---
 src/script/api/qscriptvalue.cpp              | 13 +++++++++----
 tests/auto/qscriptvalue/tst_qscriptvalue.cpp |  1 -
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/src/script/api/qscriptvalue.cpp b/src/script/api/qscriptvalue.cpp
index d410973..848b319 100644
--- a/src/script/api/qscriptvalue.cpp
+++ b/src/script/api/qscriptvalue.cpp
@@ -1880,10 +1880,15 @@ void QScriptValue::setProperty(const QScriptString &name,
         } else {
             if (jscValue.isObject()) { // ### should check if it has callData()
                 // defining getter/setter
-                if (flags & QScriptValue::PropertyGetter)
-                    thisObject->defineGetter(exec, id, JSC::asObject(jscValue));
-                if (flags & QScriptValue::PropertySetter)
-                    thisObject->defineSetter(exec, id, JSC::asObject(jscValue));
+                if (id == exec->propertyNames().underscoreProto) {
+                    qWarning("QScriptValue::setProperty() failed: "
+                             "cannot set getter or setter of native property `__proto__'");
+                } else {
+                    if (flags & QScriptValue::PropertyGetter)
+                        thisObject->defineGetter(exec, id, JSC::asObject(jscValue));
+                    if (flags & QScriptValue::PropertySetter)
+                        thisObject->defineSetter(exec, id, JSC::asObject(jscValue));
+                }
             } else {
                 qWarning("QScriptValue::setProperty(): getter/setter must be a function");
             }
diff --git a/tests/auto/qscriptvalue/tst_qscriptvalue.cpp b/tests/auto/qscriptvalue/tst_qscriptvalue.cpp
index f454d2e..ac72c29 100644
--- a/tests/auto/qscriptvalue/tst_qscriptvalue.cpp
+++ b/tests/auto/qscriptvalue/tst_qscriptvalue.cpp
@@ -1942,7 +1942,6 @@ void tst_QScriptValue::getSetProperty()
             object6.setProperty("__proto__", fun,
                                 QScriptValue::PropertyGetter | QScriptValue::PropertySetter
                                 | QScriptValue::UserRange);
-            QEXPECT_FAIL("", "Getter/setter shouldn't be allowed to change __proto__ (or should it?)", Continue);
             QVERIFY(object6.property("__proto__").strictlyEquals(object6.prototype()));
 
             object6.setProperty("__proto__", QScriptValue(),
-- 
cgit v0.12