fergalmoran/ladybird
1
0
Fork 0
mirror of https://github.com/fergalmoran/ladybird.git synced 2025-12-27 03:37:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

LibJS: Do not invoke Cell::vm in constructors before Cell is constructed

Browse Source 
In a subclass of Cell, we cannot use Cell::vm() before the base Cell
object itself is constructed. Use the Realm's VM instead.

This was caught by UBSAN with vptr sanitation enabled.
This commit is contained in:
Timothy Flynn
2022-09-14 19:10:27 -04:00
committed by Andreas Kling
parent 3efe611dbf
commit 85e313077a
46 changed files with 97 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Userland/Libraries/LibJS/Runtime/AsyncFunctionConstructor.cpp
View File

@@ -13,7 +13,7 @@
namespace JS {
AsyncFunctionConstructor::AsyncFunctionConstructor(Realm& realm)
: NativeFunction(vm().names.AsyncFunction.as_string(), *realm.intrinsics().function_constructor())
: NativeFunction(realm.vm().names.AsyncFunction.as_string(), *realm.intrinsics().function_constructor())
{
}