Segv when PDF-side JS object property getter invoked from XFA.
The PDF-side native objects require that the current v8 context
has been set-up to point at the state (via CJS_Runtime) for the
getters, setters, and methods to operate against. XFA doesn't
supply a context with that state, so at the first opportunity for
a PDF-side object to be leaked to XFA, set up the context to mimic
the PDF side.
Changed FXJS_GetRuntimeFromIsolate() to FXJS_GetRuntimeFromV8Context()
for consistency with the newly added method.
BUG=pdfium:266
R=jochen@chromium.org
Review URL: https://codereview.chromium.org/1412103010 .
diff --git a/fpdfsdk/src/javascript/JS_Define.h b/fpdfsdk/src/javascript/JS_Define.h
index 3ebd075..b097aaa 100644
--- a/fpdfsdk/src/javascript/JS_Define.h
+++ b/fpdfsdk/src/javascript/JS_Define.h
@@ -78,8 +78,8 @@
v8::Local<v8::String> property,
const v8::PropertyCallbackInfo<v8::Value>& info) {
v8::Isolate* isolate = info.GetIsolate();
- CJS_Runtime* pRuntime =
- static_cast<CJS_Runtime*>(FXJS_GetRuntimeFromIsolate(isolate));
+ CJS_Runtime* pRuntime = static_cast<CJS_Runtime*>(
+ FXJS_GetRuntimeFromV8Context(isolate->GetCurrentContext()));
if (!pRuntime)
return;
IJS_Context* pContext = pRuntime->GetCurrentContext();
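Review bot: The `if (!pRuntime) return;` following the new lookup now also fires whenever this getter is reached from a v8 context that has no runtime bound to it, and a property getter that returns without setting a return value presumably hands the script `undefined` with no diagnostic. Since the commit message relies on the XFA side having set up a matching context before a PDF-side object can be reached, a silent return here hides exactly the case where that setup was missed; consider documenting the contract above the lookup: `// Runtime is keyed on the calling context, not the isolate: a PDF-side object reached from a context never bound to a CJS_Runtime (e.g. an XFA context not set up to mimic the PDF side) yields nullptr and the getter returns undefined.` The enclosing callback's signature starts above the hunk and its body continues below it.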
@@ -104,8 +104,8 @@
v8::Local<v8::Value> value,
const v8::PropertyCallbackInfo<void>& info) {
v8::Isolate* isolate = info.GetIsolate();
- CJS_Runtime* pRuntime =
- static_cast<CJS_Runtime*>(FXJS_GetRuntimeFromIsolate(isolate));
+ CJS_Runtime* pRuntime = static_cast<CJS_Runtime*>(
+ FXJS_GetRuntimeFromV8Context(isolate->GetCurrentContext()));
if (!pRuntime)
return;
IJS_Context* pContext = pRuntime->GetCurrentContext();
@@ -143,8 +143,8 @@
const char* class_name_string,
const v8::FunctionCallbackInfo<v8::Value>& info) {
v8::Isolate* isolate = info.GetIsolate();
- CJS_Runtime* pRuntime =
- static_cast<CJS_Runtime*>(FXJS_GetRuntimeFromIsolate(isolate));
+ CJS_Runtime* pRuntime = static_cast<CJS_Runtime*>(
+ FXJS_GetRuntimeFromV8Context(isolate->GetCurrentContext()));
if (!pRuntime)
return;
IJS_Context* pContext = pRuntime->GetCurrentContext();
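Review bot: `static_cast<CJS_Runtime*>` on the result of `FXJS_GetRuntimeFromV8Context` is an unchecked downcast of an `IJS_Runtime*` that is now selected by whichever context is current rather than by the isolate; if any context in the process can carry a runtime that is not a `CJS_Runtime` (the commit touches XFA-hosted contexts I cannot see from this hunk), the cast would silently yield a wrong-typed pointer that the method body then dereferences. If the invariant is that every context bound through the FXJS_* layer carries a `CJS_Runtime`, state it where the cast is made: `// Every v8 context bound through FXJS_* carries a CJS_Runtime (the XFA side mimics the PDF setup, see pdfium:266), so the downcast is safe.` The enclosing method-callback signature starts above the hunk and its body continues below it.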
@@ -366,8 +366,8 @@
v8::Local<v8::String> property,
const v8::PropertyCallbackInfo<v8::Value>& info) {
v8::Isolate* isolate = info.GetIsolate();
- CJS_Runtime* pRuntime =
- static_cast<CJS_Runtime*>(FXJS_GetRuntimeFromIsolate(isolate));
+ CJS_Runtime* pRuntime = static_cast<CJS_Runtime*>(
+ FXJS_GetRuntimeFromV8Context(isolate->GetCurrentContext()));
if (!pRuntime)
return;
IJS_Context* pContext = pRuntime->GetCurrentContext();
@@ -393,8 +393,8 @@
v8::Local<v8::Value> value,
const v8::PropertyCallbackInfo<v8::Value>& info) {
v8::Isolate* isolate = info.GetIsolate();
- CJS_Runtime* pRuntime =
- static_cast<CJS_Runtime*>(FXJS_GetRuntimeFromIsolate(isolate));
+ CJS_Runtime* pRuntime = static_cast<CJS_Runtime*>(
+ FXJS_GetRuntimeFromV8Context(isolate->GetCurrentContext()));
if (!pRuntime)
return;
IJS_Context* pContext = pRuntime->GetCurrentContext();
@@ -417,7 +417,8 @@
v8::Local<v8::String> property,
const v8::PropertyCallbackInfo<v8::Boolean>& info) {
v8::Isolate* isolate = info.GetIsolate();
- IJS_Runtime* pRuntime = FXJS_GetRuntimeFromIsolate(isolate);
+ IJS_Runtime* pRuntime =
+ FXJS_GetRuntimeFromV8Context(isolate->GetCurrentContext());
if (!pRuntime)
return;
IJS_Context* pContext = pRuntime->GetCurrentContext();
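Review bot: This callback keeps the result as `IJS_Runtime*` with no downcast while its siblings in the same file cast to `CJS_Runtime*` before using the identical `pRuntime->GetCurrentContext()` call; since that call is on the interface, the narrower, uncast type used here is the safer of the two forms. Unless the other callbacks need `CJS_Runtime`-specific members further down (outside what the hunks show), they could keep `IJS_Runtime* pRuntime = FXJS_GetRuntimeFromV8Context(isolate->GetCurrentContext());` as well and drop the cast. The enclosing callback's signature starts above the hunk and its body continues below it.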
@@ -439,8 +440,8 @@
*F)(IJS_Context*, const CJS_Parameters&, CJS_Value&, CFX_WideString&)>
void JSGlobalFunc(const char* func_name_string,
const v8::FunctionCallbackInfo<v8::Value>& info) {
- CJS_Runtime* pRuntime =
- static_cast<CJS_Runtime*>(FXJS_GetRuntimeFromIsolate(info.GetIsolate()));
+ CJS_Runtime* pRuntime = static_cast<CJS_Runtime*>(
+ FXJS_GetRuntimeFromV8Context(info.GetIsolate()->GetCurrentContext()));
if (!pRuntime)
return;
IJS_Context* pContext = pRuntime->GetCurrentContext();
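Review bot: The three-line lookup `static_cast<CJS_Runtime*>(FXJS_GetRuntimeFromV8Context(info.GetIsolate()->GetCurrentContext()))` is now repeated verbatim in seven callbacks in this header, so the context-vs-isolate decision this commit makes lives in seven places; a single inline helper in JS_Define.h would keep that decision (and any future null/empty-handle handling of `GetCurrentContext()`) in one spot. Being a header, the helper should be `inline` rather than `static` to avoid one copy per translation unit. The template header of `JSGlobalFunc` starts above the hunk and its body continues below it.
```cpp
// Runtime bound to the v8 context the callback is running in; nullptr if none.
inline CJS_Runtime* CurrentCJSRuntime(v8::Isolate* isolate) {
  return static_cast<CJS_Runtime*>(
      FXJS_GetRuntimeFromV8Context(isolate->GetCurrentContext()));
}

// … unchanged: template header of JSGlobalFunc …
void JSGlobalFunc(const char* func_name_string,
                  const v8::FunctionCallbackInfo<v8::Value>& info) {
  CJS_Runtime* pRuntime = CurrentCJSRuntime(info.GetIsolate());
  if (!pRuntime)
    return;
  // … unchanged: rest of JSGlobalFunc …
```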