Commit 471c0d29 authored by ager@chromium.org's avatar ager@chromium.org

Avoid callbacks to user code during error formatting in a couple of

other situations.

Do not use overwritten Object.prototype.hasOwnProperty and
Array.prototype.pop. Do not use split and join in the error formatting
implementation. They are too big to control and their generality is
not needed.

Review URL: http://codereview.chromium.org/6287041

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6552 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
parent 5264d17d
......@@ -171,8 +171,9 @@ function Join(array, length, separator, convert) {
}
return %StringBuilderConcat(elements, length2, '');
} finally {
// Make sure to pop the visited array no matter what happens.
if (is_array) visited_arrays.pop();
// Make sure to remove the last element of the visited array no
// matter what happens.
if (is_array) visited_arrays.length = visited_arrays.length - 1;
}
}
......
This diff is collapsed.
......@@ -1084,9 +1084,9 @@ ErrorMirror.prototype.toText = function() {
// Use the same text representation as in messages.js.
var text;
try {
str = builtins.ToDetailString(this.value_);
str = %_CallFunction(this.value_, builtins.errorToString);
} catch (e) {
str = '#<an Error>';
str = '#<Error>';
}
return str;
}
......
......@@ -2369,13 +2369,25 @@ static void check_reference_error_message(
}
// Test that overwritten toString methods are not invoked on uncaught
// exception formatting. However, they are invoked when performing
// normal error string conversions.
static v8::Handle<Value> Fail(const v8::Arguments& args) {
ApiTestFuzzer::Fuzz();
CHECK(false);
return v8::Undefined();
}
// Test that overwritten methods are not invoked on uncaught exception
// formatting. However, they are invoked when performing normal error
// string conversions.
TEST(APIThrowMessageOverwrittenToString) {
v8::HandleScope scope;
v8::V8::AddMessageListener(check_reference_error_message);
LocalContext context;
Local<ObjectTemplate> templ = ObjectTemplate::New();
templ->Set(v8_str("fail"), v8::FunctionTemplate::New(Fail));
LocalContext context(NULL, templ);
CompileRun("Array.prototype.pop = fail;");
CompileRun("Object.prototype.hasOwnProperty = fail;");
CompileRun("Object.prototype.toString = function f() { return 'Yikes'; }");
CompileRun("Number.prototype.toString = function f() { return 'Yikes'; }");
CompileRun("String.prototype.toString = function f() { return 'Yikes'; }");
CompileRun("ReferenceError.prototype.toString ="
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment