fergalmoran/ladybird
1
0
Fork 0
mirror of https://github.com/fergalmoran/ladybird.git synced 2025-12-30 05:08:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
7ed89703fea8fcd2ca7da6fa50c78ff9d84b1113
ladybird/Libraries/LibJS/Runtime
History
Andreas Kling fdd974b7ef LibJS: Fix UB downcast during GlobalObject construction 
When constructing a GlobalObject, it has to pass itself as the global
object to its own Shape. Since this is done in the Object constructor,
and Object is a base class of GlobalObject, it's not yet valid to cast
"this" to a GlobalObject*.

Fix this by having Shape store the global object as an Object& and move
Shape::global_object() to GlobalObject.h where we can at least perform a
valid static_cast in the getter.

Found by oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29267
2021-01-05 12:02:59 +01:00
..
Accessor.h
Everywhere: Switch from (void) to [[maybe_unused]] (#4473)
2020-12-21 00:09:48 +01:00
Array.cpp
LibJS: Add generic InvalidLength error type
2020-12-02 23:49:00 +01:00
Array.h
LibJS: Make native function/property callbacks take VM, not Interpreter
2020-09-27 20:26:58 +02:00
ArrayBuffer.cpp
LibJS: Add ArrayBuffer
2020-12-02 23:49:00 +01:00
ArrayBuffer.h
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
ArrayBufferConstructor.cpp
LibJS: Add ArrayBuffer
2020-12-02 23:49:00 +01:00
ArrayBufferConstructor.h
LibJS: Add ArrayBuffer
2020-12-02 23:49:00 +01:00
ArrayBufferPrototype.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
ArrayBufferPrototype.h
LibJS: Add ArrayBuffer
2020-12-02 23:49:00 +01:00
ArrayConstructor.cpp
LibJS: Add generic InvalidLength error type
2020-12-02 23:49:00 +01:00
ArrayConstructor.h
LibJS: Remove Interpreter& argument to Function::construct()
2020-09-27 20:26:58 +02:00
ArrayIterator.cpp
LibJS: Rename Cell::visit_children() => Cell::visit_edges()
2020-11-28 17:16:48 +01:00
ArrayIterator.h
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
ArrayIteratorPrototype.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
ArrayIteratorPrototype.h
LibJS: Simplify Cell::initialize()
2020-07-23 17:31:08 +02:00
ArrayPrototype.cpp
LibJS: Implement Array.prototype.sort()
2020-12-27 23:24:33 +01:00
ArrayPrototype.h
LibJS: Implement Array.prototype.sort()
2020-12-27 23:24:33 +01:00
BigInt.cpp
LibJS: Remove a whole bunch of includes of <LibJS/Interpreter.h>
2020-09-27 20:26:58 +02:00
BigInt.h
LibJS: Fix weird self-including header
2020-10-06 18:37:58 +02:00
BigIntConstructor.cpp
LibJS: Cache commonly used FlyStrings in the VM
2020-10-13 23:57:45 +02:00
BigIntConstructor.h
LibJS: Remove Interpreter& argument to Function::construct()
2020-09-27 20:26:58 +02:00
BigIntObject.cpp
LibJS: Rename Cell::visit_children() => Cell::visit_edges()
2020-11-28 17:16:48 +01:00
BigIntObject.h
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
BigIntPrototype.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
BigIntPrototype.h
LibJS: Simplify Cell::initialize()
2020-07-23 17:31:08 +02:00
BooleanConstructor.cpp
LibJS: Cache commonly used FlyStrings in the VM
2020-10-13 23:57:45 +02:00
BooleanConstructor.h
LibJS: Remove Interpreter& argument to Function::construct()
2020-09-27 20:26:58 +02:00
BooleanObject.cpp
LibJS: Remove a bunch of unnecessary uses of Cell::interpreter()
2020-09-27 20:26:58 +02:00
BooleanObject.h
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
BooleanPrototype.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
BooleanPrototype.h
LibJS: Simplify Cell::initialize()
2020-07-23 17:31:08 +02:00
BoundFunction.cpp
LibJS: Rename Cell::visit_children() => Cell::visit_edges()
2020-11-28 17:16:48 +01:00
BoundFunction.h
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
Cell.cpp
LibJS: Use new format functions everywhere
2020-12-06 18:52:52 +01:00
Cell.h
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
CommonPropertyNames.h
LibJS: Add almost all Math functions
2020-12-28 19:03:11 +01:00
ConsoleObject.cpp
LibJS: Add some more items to CommonPropertyNames that I missed
2020-10-14 00:10:49 +02:00
ConsoleObject.h
LibJS: Simplify Cell::initialize()
2020-07-23 17:31:08 +02:00
Date.cpp
LibJS: Remove a whole bunch of includes of <LibJS/Interpreter.h>
2020-09-27 20:26:58 +02:00
Date.h
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
DateConstructor.cpp
LibJS: Cache commonly used FlyStrings in the VM
2020-10-13 23:57:45 +02:00
DateConstructor.h
LibJS: Remove Interpreter& argument to Function::construct()
2020-09-27 20:26:58 +02:00
DatePrototype.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
DatePrototype.h
Meta+LibHTTP through LibWeb: Make clang-format-10 clean
2020-09-25 21:18:17 +02:00
Error.cpp
LibJS: Add six typed arrays (signed and unsigned 8/16/32-bit)
2020-12-01 21:05:25 +01:00
Error.h
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
ErrorConstructor.cpp
LibJS: Add six typed arrays (signed and unsigned 8/16/32-bit)
2020-12-01 21:05:25 +01:00
ErrorConstructor.h
LibJS: Add six typed arrays (signed and unsigned 8/16/32-bit)
2020-12-01 21:05:25 +01:00
ErrorPrototype.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
ErrorPrototype.h
LibJS: Add six typed arrays (signed and unsigned 8/16/32-bit)
2020-12-01 21:05:25 +01:00
ErrorTypes.cpp
Meta+LibHTTP through LibWeb: Make clang-format-10 clean
2020-09-25 21:18:17 +02:00
ErrorTypes.h
LibJS: Use ArrayBuffer for typed array data
2020-12-02 23:49:00 +01:00
Exception.cpp
LibJS: Track source positions all the way down to exceptions
2020-12-29 00:58:43 +01:00
Exception.h
LibJS: Track source positions all the way down to exceptions
2020-12-29 00:58:43 +01:00
Function.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
Function.h
LibJS: Move is_script_function() to Object
2020-12-05 10:05:28 +01:00
FunctionConstructor.cpp
LibJS: Tweak generated source in 'new Function()' to match ES 2015 spec
2020-10-29 22:27:55 +01:00
FunctionConstructor.h
LibJS: Remove Interpreter& argument to Function::construct()
2020-09-27 20:26:58 +02:00
FunctionPrototype.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
FunctionPrototype.h
LibJS: Simplify Cell::initialize()
2020-07-23 17:31:08 +02:00
GlobalObject.cpp
LibJS: Make sure GlobalObject marks the Proxy constructor
2020-12-08 17:49:02 +01:00
GlobalObject.h
LibJS: Fix UB downcast during GlobalObject construction
2021-01-05 12:02:59 +01:00
IndexedProperties.cpp
LibJS: Use IndexedProperties::for_each_value() in update_function_name()
2020-12-08 17:49:02 +01:00
IndexedProperties.h
LibJS: Use IndexedProperties::for_each_value() in update_function_name()
2020-12-08 17:49:02 +01:00
IteratorOperations.cpp
Everywhere: Switch from (void) to [[maybe_unused]] (#4473)
2020-12-21 00:09:48 +01:00
IteratorOperations.h
LibJS: get_iterator_values() should pass Value to callback (not Value&)
2020-09-08 14:15:13 +02:00
IteratorPrototype.cpp
LibJS: Remove a whole bunch of includes of <LibJS/Interpreter.h>
2020-09-27 20:26:58 +02:00
IteratorPrototype.h
LibJS: Simplify Cell::initialize()
2020-07-23 17:31:08 +02:00
JSONObject.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
JSONObject.h
LibJS: Remove use of Interpreter& in JSONObject code
2020-09-27 20:26:58 +02:00
LexicalEnvironment.cpp
LibJS: Add a scope object abstraction
2020-11-28 17:16:48 +01:00
LexicalEnvironment.h
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
MarkedValueList.cpp
LibJS: Make MarkedValueList inherit from Vector<Value>
2020-09-08 13:43:03 +02:00
MarkedValueList.h
LibJS: Make MarkedValueList inherit from Vector<Value>
2020-09-08 13:43:03 +02:00
MathObject.cpp
LibJS: Add almost all Math functions
2020-12-28 19:03:11 +01:00
MathObject.h
LibJS: Add almost all Math functions
2020-12-28 19:03:11 +01:00
NativeFunction.cpp
LibJS: Move "strict mode" state to the call stack
2020-10-04 17:03:33 +02:00
NativeFunction.h
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
NativeProperty.cpp
LibJS: Make native function/property callbacks take VM, not Interpreter
2020-09-27 20:26:58 +02:00
NativeProperty.h
LibJS: Make native function/property callbacks take VM, not Interpreter
2020-09-27 20:26:58 +02:00
NumberConstructor.cpp
LibJS: Use pow instead of __bulitin_pow on clang
2020-11-07 10:09:55 +01:00
NumberConstructor.h
LibJS: Remove Interpreter& argument to Function::construct()
2020-09-27 20:26:58 +02:00
NumberObject.cpp
LibJS: Remove a whole bunch of includes of <LibJS/Interpreter.h>
2020-09-27 20:26:58 +02:00
NumberObject.h
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
NumberPrototype.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
NumberPrototype.h
LibJS: Simplify Cell::initialize()
2020-07-23 17:31:08 +02:00
Object.cpp
LibJS: Fix UB downcast during GlobalObject construction
2021-01-05 12:02:59 +01:00
Object.h
LibJS+LibWeb: Stop generating is_foo_wrapper() for JS DOM wrappers
2021-01-01 18:06:38 +01:00
ObjectConstructor.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
ObjectConstructor.h
LibJS: Remove Interpreter& argument to Function::construct()
2020-09-27 20:26:58 +02:00
ObjectPrototype.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
ObjectPrototype.h
LibJS: Implement Object.prototype.isPrototypeOf
2020-12-28 13:10:07 +01:00
PrimitiveString.cpp
LibJS: Give VM a cache of single-ASCII-character PrimitiveString
2020-10-22 17:48:12 +02:00
PrimitiveString.h
LibJS: Remove js_string(Interpreter&, ...)
2020-09-27 20:26:58 +02:00
PropertyAttributes.h
AK+Format: Remove TypeErasedFormatParams& from format function.
2020-12-30 20:33:53 +01:00
PropertyName.h
LibJS: Don't create "valid" PropertyName from null string
2020-11-04 15:31:39 +01:00
ProxyConstructor.cpp
LibJS: Add ErrorType::ConstructorWithoutNew
2020-12-02 12:52:31 +01:00
ProxyConstructor.h
LibJS: Remove Interpreter& argument to Function::construct()
2020-09-27 20:26:58 +02:00
ProxyObject.cpp
LibJS: Remove ProxyPrototype
2020-12-01 09:54:37 +01:00
ProxyObject.h
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
Reference.cpp
LibJS: Handle symbol PropertyName in primitive assignment error
2020-11-12 11:40:29 +01:00
Reference.h
LibJS: Use new format functions everywhere
2020-12-06 18:52:52 +01:00
ReflectObject.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
ReflectObject.h
LibJS: Simplify Cell::initialize()
2020-07-23 17:31:08 +02:00
RegExpConstructor.cpp
LibJS: Make RegExp() constructor spec-compliant
2020-11-28 01:20:11 +01:00
RegExpConstructor.h
LibJS: Remove Interpreter& argument to Function::construct()
2020-09-27 20:26:58 +02:00
RegExpObject.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
RegExpObject.h
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
RegExpPrototype.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
RegExpPrototype.h
LibJS: Use enumerator macros to define RegExp.prototype flag getters
2020-11-28 01:20:11 +01:00
ScopeObject.cpp
LibJS: Add a scope object abstraction
2020-11-28 17:16:48 +01:00
ScopeObject.h
LibJS: Add a scope object abstraction
2020-11-28 17:16:48 +01:00
ScriptFunction.cpp
LibJS: Remove hand-rolled type information in JS AST in favor of RTTI
2021-01-01 19:34:07 +01:00
ScriptFunction.h
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
Shape.cpp
LibJS: Fix UB downcast during GlobalObject construction
2021-01-05 12:02:59 +01:00
Shape.h
LibJS: Fix UB downcast during GlobalObject construction
2021-01-05 12:02:59 +01:00
StringConstructor.cpp
LibJS: Cache commonly used FlyStrings in the VM
2020-10-13 23:57:45 +02:00
StringConstructor.h
LibJS: Remove Interpreter& argument to Function::construct()
2020-09-27 20:26:58 +02:00
StringIterator.cpp
Meta+LibHTTP through LibWeb: Make clang-format-10 clean
2020-09-25 21:18:17 +02:00
StringIterator.h
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
StringIteratorPrototype.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
StringIteratorPrototype.h
LibJS: Simplify Cell::initialize()
2020-07-23 17:31:08 +02:00
StringObject.cpp
LibJS: Rename Cell::visit_children() => Cell::visit_edges()
2020-11-28 17:16:48 +01:00
StringObject.h
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
StringOrSymbol.h
LibJS: Rename Cell::visit_children() => Cell::visit_edges()
2020-11-28 17:16:48 +01:00
StringPrototype.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
StringPrototype.h
LibJS: Implement String.prototype.endsWith()
2020-12-26 01:09:04 +01:00
Symbol.cpp
LibJS: Remove a whole bunch of includes of <LibJS/Interpreter.h>
2020-09-27 20:26:58 +02:00
Symbol.h
LibJS: Use string::formatted() in to_string() functions
2020-10-04 19:22:02 +02:00
SymbolConstructor.cpp
LibJS: Cache commonly used FlyStrings in the VM
2020-10-13 23:57:45 +02:00
SymbolConstructor.h
LibJS: Remove Interpreter& argument to Function::construct()
2020-09-27 20:26:58 +02:00
SymbolObject.cpp
LibJS: Rename Cell::visit_children() => Cell::visit_edges()
2020-11-28 17:16:48 +01:00
SymbolObject.h
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
SymbolPrototype.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
SymbolPrototype.h
LibJS: Simplify Cell::initialize()
2020-07-23 17:31:08 +02:00
TypedArray.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
TypedArray.h
LibJS: Add Float{32,64}Array
2020-12-05 23:52:17 +01:00
TypedArrayConstructor.cpp
LibJS: Fix email in TypedArray{Constructor,Prototype} copyright headers
2021-01-01 15:02:58 +01:00
TypedArrayConstructor.h
LibJS: Fix email in TypedArray{Constructor,Prototype} copyright headers
2021-01-01 15:02:58 +01:00
TypedArrayPrototype.cpp
LibJS: Fix email in TypedArray{Constructor,Prototype} copyright headers
2021-01-01 15:02:58 +01:00
TypedArrayPrototype.h
LibJS: Fix email in TypedArray{Constructor,Prototype} copyright headers
2021-01-01 15:02:58 +01:00
Uint8ClampedArray.cpp
LibJS: Have Uint8ClampedArray delegate OOB accesses to JS::Object
2020-12-01 17:12:04 +01:00
Uint8ClampedArray.h
LibJS+LibWeb: Add JS::Object::inherits(class_name)
2020-06-21 15:15:52 +02:00
Value.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
Value.h
AK+Format: Remove TypeErasedFormatParams& from format function.
2020-12-30 20:33:53 +01:00
VM.cpp
LibJS: Remove hand-rolled Object is_foo() helpers in favor of RTTI
2021-01-01 17:46:39 +01:00
VM.h
LibJS: Track source positions all the way down to exceptions
2020-12-29 00:58:43 +01:00
WithScope.cpp
LibJS: Add basic support for "with" statements
2020-11-28 17:16:48 +01:00
WithScope.h
LibJS: Run clang-format on WithScope.h
2020-11-28 17:36:38 +01:00