JSEvaluteScript does not return the correct object when given JSONP data
authoroliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 10 Aug 2011 19:42:17 +0000 (19:42 +0000)
committeroliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 10 Aug 2011 19:42:17 +0000 (19:42 +0000)
https://bugs.webkit.org/show_bug.cgi?id=66003

Reviewed by Gavin Barraclough.

Source/JavaScriptCore:

Make sure we propagate the result of the function call rather than the
argument.

* interpreter/Interpreter.cpp:
(JSC::Interpreter::execute):

Tools:

Add a test case.

* DumpRenderTree/mac/DumpRenderTree.mm:
(testStringByEvaluatingJavaScriptFromString):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@92785 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/interpreter/Interpreter.cpp
Tools/ChangeLog
Tools/DumpRenderTree/mac/DumpRenderTree.mm

index f9163e0..c6ffaf5 100644 (file)
@@ -1,3 +1,16 @@
+2011-08-10  Oliver Hunt  <oliver@apple.com>
+
+        JSEvaluteScript does not return the correct object when given JSONP data
+        https://bugs.webkit.org/show_bug.cgi?id=66003
+
+        Reviewed by Gavin Barraclough.
+
+        Make sure we propagate the result of the function call rather than the
+        argument.
+
+        * interpreter/Interpreter.cpp:
+        (JSC::Interpreter::execute):
+
 2011-08-10  Filip Pizlo  <fpizlo@apple.com>
 
         DFG JIT heap prediction causes regressions when combined with
index 0e7229d..0753cf3 100644 (file)
@@ -841,7 +841,7 @@ JSValue Interpreter::execute(ProgramExecutable* program, CallFrame* callFrame, S
                 MarkedArgumentBuffer jsonArg;
                 jsonArg.append(JSONPValue);
                 JSValue thisValue = JSONPPath.size() == 1 ? jsUndefined(): baseObject;
-                JSC::call(callFrame, function, callType, callData, thisValue, jsonArg);
+                JSONPValue = JSC::call(callFrame, function, callType, callData, thisValue, jsonArg);
                 if (callFrame->hadException())
                     return jsUndefined();
                 break;
index 2326822..44d1455 100644 (file)
@@ -1,3 +1,15 @@
+2011-08-10  Oliver Hunt  <oliver@apple.com>
+
+        JSEvaluteScript does not return the correct object when given JSONP data
+        https://bugs.webkit.org/show_bug.cgi?id=66003
+
+        Reviewed by Gavin Barraclough.
+
+        Add a test case.
+
+        * DumpRenderTree/mac/DumpRenderTree.mm:
+        (testStringByEvaluatingJavaScriptFromString):
+
 2011-08-10  Eric Seidel  <eric@webkit.org>
 
         WIN: NRWT runs compositing tests on configurations that don't support compositing
index cd4c1bd..5c5462c 100644 (file)
@@ -354,6 +354,7 @@ void testStringByEvaluatingJavaScriptFromString()
         @"", @"undefined",
         @"true", @"true",
         @"false", @"false",
+        @"", @"alert('Should not be result')",
         nil
     ];