[njs] Accessing the global this object caused segfault.
Igor Sysoev
igor at sysoev.ru
Tue Oct 11 14:52:06 UTC 2016
details: http://hg.nginx.org/njs/rev/a3588250473b
branches:
changeset: 196:a3588250473b
user: Igor Sysoev <igor at sysoev.ru>
date: Tue Oct 11 17:44:05 2016 +0300
description:
Accessing the global this object caused segfault.
diffstat:
njs/njs_builtin.c | 17 ++++++++++-------
njs/njs_generator.c | 1 +
njs/njs_parser.c | 10 ++++++++--
njs/njs_parser.h | 3 ++-
njs/njs_vm.h | 3 ++-
njs/test/njs_unit_test.c | 3 +++
6 files changed, 26 insertions(+), 11 deletions(-)
diffs (105 lines):
diff -r f8cc880d9b9b -r a3588250473b njs/njs_builtin.c
--- a/njs/njs_builtin.c Tue Oct 11 17:44:01 2016 +0300
+++ b/njs/njs_builtin.c Tue Oct 11 17:44:05 2016 +0300
@@ -107,7 +107,8 @@ njs_builtin_objects_create(njs_vm_t *vm)
};
static const njs_object_init_t *object_init[] = {
- &njs_math_object_init,
+ NULL, /* global this */
+ &njs_math_object_init, /* Math */
};
static const njs_object_init_t *function_init[] = {
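Review bot: `object_init` is still declared without a bound, while the loop in the second hunk of this file indexes it from `NJS_OBJECT_THIS` up to `NJS_OBJECT_MAX`, so an enumerator added to `enum njs_object_e` without a matching initializer would read past the end of the array. Declaring it as `static const njs_object_init_t *object_init[NJS_OBJECT_MAX] = {` ties the two together: surplus initializers draw a compiler diagnostic, and missing ones become NULL, which the new `object_init[i] != NULL` check already skips. The same fragility remains in njs_vm.h, where `NJS_OBJECT_MAX` is still spelled `(NJS_OBJECT_MATH + 1)` and has to be edited by hand when an object is appended. njs_builtin_objects_create starts and ends outside this hunk.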
@@ -164,12 +165,14 @@ njs_builtin_objects_create(njs_vm_t *vm)
objects = vm->shared->objects;
- for (i = NJS_OBJECT_MATH; i < NJS_OBJECT_MAX; i++) {
- ret = njs_object_hash_create(vm, &objects[i].shared_hash,
- object_init[i]->properties,
- object_init[i]->items);
- if (nxt_slow_path(ret != NXT_OK)) {
- return NXT_ERROR;
+ for (i = NJS_OBJECT_THIS; i < NJS_OBJECT_MAX; i++) {
+ if (object_init[i] != NULL) {
+ ret = njs_object_hash_create(vm, &objects[i].shared_hash,
+ object_init[i]->properties,
+ object_init[i]->items);
+ if (nxt_slow_path(ret != NXT_OK)) {
+ return NXT_ERROR;
+ }
}
objects[i].shared = 1;
diff -r f8cc880d9b9b -r a3588250473b njs/njs_generator.c
--- a/njs/njs_generator.c Tue Oct 11 17:44:01 2016 +0300
+++ b/njs/njs_generator.c Tue Oct 11 17:44:05 2016 +0300
@@ -289,6 +289,7 @@ njs_generator(njs_vm_t *vm, njs_parser_t
case NJS_TOKEN_NAME:
return njs_generate_name(vm, parser, node);
+ case NJS_TOKEN_GLOBAL_THIS:
case NJS_TOKEN_MATH:
case NJS_TOKEN_EVAL:
case NJS_TOKEN_TO_STRING:
diff -r f8cc880d9b9b -r a3588250473b njs/njs_parser.c
--- a/njs/njs_parser.c Tue Oct 11 17:44:01 2016 +0300
+++ b/njs/njs_parser.c Tue Oct 11 17:44:05 2016 +0300
@@ -1644,8 +1644,14 @@ njs_parser_terminal(njs_vm_t *vm, njs_pa
case NJS_TOKEN_THIS:
nxt_thread_log_debug("JS: this");
- node->index = NJS_INDEX_THIS;
- break;
+ if (parser->scope != NJS_SCOPE_GLOBAL) {
+ node->index = NJS_INDEX_THIS;
+ break;
+ }
+
+ node->token = NJS_TOKEN_GLOBAL_THIS;
+
+ /* Fall through. */
case NJS_TOKEN_MATH:
return njs_parser_builtin_object(vm, parser, node);
diff -r f8cc880d9b9b -r a3588250473b njs/njs_parser.h
--- a/njs/njs_parser.h Tue Oct 11 17:44:01 2016 +0300
+++ b/njs/njs_parser.h Tue Oct 11 17:44:05 2016 +0300
@@ -160,8 +160,9 @@ typedef enum {
NJS_TOKEN_THIS,
-#define NJS_TOKEN_FIRST_OBJECT NJS_TOKEN_MATH
+#define NJS_TOKEN_FIRST_OBJECT NJS_TOKEN_GLOBAL_THIS
+ NJS_TOKEN_GLOBAL_THIS,
NJS_TOKEN_MATH,
NJS_TOKEN_OBJECT_CONSTRUCTOR,
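Review bot: Nothing at this definition says that the enumerators from `NJS_TOKEN_FIRST_OBJECT` onward must stay in the same order as `enum njs_object_e` in njs_vm.h, yet this commit has to insert `NJS_TOKEN_GLOBAL_THIS` and `NJS_OBJECT_THIS` at matching positions. njs_parser_builtin_object is not visible here, but it presumably derives the object index from the token's offset, in which case a mismatch would select the wrong shared object or an out-of-range slot. I would add a comment above the define, `/* Tokens from NJS_TOKEN_FIRST_OBJECT on must mirror enum njs_object_e. */`. The enum starts and ends outside this hunk.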
diff -r f8cc880d9b9b -r a3588250473b njs/njs_vm.h
--- a/njs/njs_vm.h Tue Oct 11 17:44:01 2016 +0300
+++ b/njs/njs_vm.h Tue Oct 11 17:44:05 2016 +0300
@@ -741,7 +741,8 @@ enum njs_constructor_e {
enum njs_object_e {
- NJS_OBJECT_MATH = 0,
+ NJS_OBJECT_THIS = 0,
+ NJS_OBJECT_MATH,
#define NJS_OBJECT_MAX (NJS_OBJECT_MATH + 1)
};
diff -r f8cc880d9b9b -r a3588250473b njs/test/njs_unit_test.c
--- a/njs/test/njs_unit_test.c Tue Oct 11 17:44:01 2016 +0300
+++ b/njs/test/njs_unit_test.c Tue Oct 11 17:44:05 2016 +0300
@@ -4237,6 +4237,9 @@ static njs_unit_test_t njs_test[] =
{ nxt_string("/./ instanceof Object"),
nxt_string("true") },
+ { nxt_string("this"),
+ nxt_string("[object Object]") },
+
{ nxt_string("var o = Object(); o"),
nxt_string("[object Object]") },
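Review bot: The added case only evaluates a bare `this` at global scope, so the other branch touched in njs_parser.c, where `this` outside `NJS_SCOPE_GLOBAL` keeps `NJS_INDEX_THIS`, gets no regression test in this change. A case that evaluates `this` inside a function body would pin that path. A second global-scope case such as `{ nxt_string("typeof this"), nxt_string("object") },` would exercise the object through an operator rather than string conversion only; the expected strings should be confirmed against the interpreter before committing. The njs_test array starts and ends outside this hunk.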