We should clear m_needsOverflowCheck when hitting an exception in defineProperties...
author rmorisset@apple.com <rmorisset@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 10 Apr 2019 18:05:00 +0000 (18:05 +0000)
committer rmorisset@apple.com <rmorisset@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 10 Apr 2019 18:05:00 +0000 (18:05 +0000)
commit eb7062905750e83231e14914247bec0d71c7b69e
tree 092128b4cf0c118ee09037b725e3a228c870a343
parent 3458148dd7676afe05d1e9c83a81d98a00268359
We should clear m_needsOverflowCheck when hitting an exception in defineProperties in ObjectConstructor.cpp
https://bugs.webkit.org/show_bug.cgi?id=196746

JSTests:

Reviewed by Yusuke Suzuki.

* stress/cyclic-define-properties.js: Added.
(foo):

Source/JavaScriptCore:

Reviewed by Yusuke Suzuki.

It should be safe as in that case we are not completing the operation, and so not going to have any buffer overflow.

* runtime/ObjectConstructor.cpp:
(JSC::defineProperties):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244136 268f45cc-cd09-0410-ab3c-d52691b4dbfc
JSTests/ChangeLog
JSTests/stress/cyclic-define-properties.js [new file with mode: 0644]
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/runtime/ObjectConstructor.cpp