We use cookies to ensure you get the best experience on our website
Inicio Explorar Axuda
Rexistro Iniciar sesión
0ct0pu5
/
ladybird
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Explorar o código

LibJS: Don't apply arguments object hack to global execution context

Checking for the existence of a call frame is not enough to check if
we're in a function call, as the global execution context is a regular
call frame as well.

Found by OSS-Fuzz, where simply accessing "arguments" in the global
scope would crash due to call_frame().callee being an empty value
(https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32115).
Linus Groh %!s(int64=4) %!d(string=hai) anos
pai
00f1cb924b
achega
8e84ca6b16
Modificáronse 1 ficheiros con 2 adicións e 2 borrados
Dividir vista Mostrar estatísticas de Diff
  1. 2 2
      Userland/Libraries/LibJS/Runtime/VM.cpp

+ 2 - 2
Userland/Libraries/LibJS/Runtime/VM.cpp
Ver ficheiro 

@@ -163,8 +163,8 @@ void VM::set_variable(const FlyString& name, Value value, GlobalObject& global_o
 
 
 Value VM::get_variable(const FlyString& name, GlobalObject& global_object)
 
 {
 
-    if (m_call_stack.size()) {
 
-        if (name == names.arguments) {
 
+    if (!m_call_stack.is_empty()) {
 
+        if (name == names.arguments && m_call_stack.size() > 1) {
 
             // HACK: Special handling for the name "arguments":
 
             //       If the name "arguments" is defined in the current scope, for example via
 
             //       a function parameter, or by a local var declaration, we use that.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5