[JSC] Don't reference the properties of @Reflect directly
authorutatane.tea@gmail.com <utatane.tea@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 15 Mar 2016 04:08:06 +0000 (04:08 +0000)
committerutatane.tea@gmail.com <utatane.tea@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 15 Mar 2016 04:08:06 +0000 (04:08 +0000)
commit1ff93cd366e77854808b8fd2565fb7e778a37a6d
tree566339069b0987243471697682d7e026b93a8d3a
parentff045f2fad4711f2f580b0cd6c6ff32e50845c1f
[JSC] Don't reference the properties of @Reflect directly
https://bugs.webkit.org/show_bug.cgi?id=155436

Reviewed by Geoffrey Garen.

Reflect.ownKeys and Reflect.getOwnPropertyDescriptor can be altered with the user-crafted values.
Instead of referencing them directly, let's reference them through private names.

* builtins/ObjectConstructor.js:
(assign):
* runtime/CommonIdentifiers.h:
* runtime/ObjectConstructor.cpp:
(JSC::ObjectConstructor::finishCreation): Deleted.
* runtime/ReflectObject.cpp:
(JSC::ReflectObject::finishCreation):
* tests/stress/object-assign-correctness.js:
(runTests.):
(runTests.get let):
(Reflect.ownKeys):
(Reflect.getOwnPropertyDescriptor):
(test.let.handler.switch.case.string_appeared_here.return.get enumerable): Deleted.
(test.let.handler.getOwnPropertyDescriptor): Deleted.
(test.let.handler.ownKeys): Deleted.
(test.let.handler.get getProps): Deleted.
(test.let.handler): Deleted.
(test): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198192 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/builtins/ObjectConstructor.js
Source/JavaScriptCore/runtime/CommonIdentifiers.h
Source/JavaScriptCore/runtime/ObjectConstructor.cpp
Source/JavaScriptCore/runtime/ReflectObject.cpp
Source/JavaScriptCore/tests/stress/object-assign-correctness.js