
Commit 8a69929

debadree25RafaelGSS
authored andcommitted
deps: V8: cherry-pick 975ff4dbfd1b
Original commit message: fix GetPropertyNames for proxys with ownKeys trap Added checks to FilterProxyKeys function for when skip_indices is enabled. Bug: v8:13728 Change-Id: Id096e32ef8e6c2344be9682e8222aea8790bd66d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4333698 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#86548} Refs: v8/v8@975ff4d PR-URL: #47209 Fixes: #41714 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Erick Wendel <erick.workspace@gmail.com>
1 parent b8c6ced commit 8a69929


4 files changed

+114
-3
lines changed


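--- a/common.gypi
+++ b/common.gypi
@@ -36,7 +36,7 @@
 
 # Reset this number to 0 on major V8 upgrades.
 # Increment by one for each non-official patch applied to deps/v8.
-'v8_embedder_string': '-node.13',
+'v8_embedder_string': '-node.14',
 
 ##### V8 defaults for Node.js #####
 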
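--- a/deps/v8/AUTHORS
+++ b/deps/v8/AUTHORS
@@ -98,6 +98,7 @@ Darshan Sen <raisinten@gmail.com>
 David Carlier <devnexen@gmail.com>
 David Manouchehri <david@davidmanouchehri.com>
 David Sanders <dsanders11@ucsbalum.com>
+Debadree Chatterjee <debadree333@gmail.com>
 Deepak Mohan <hop2deep@gmail.com>
 Deon Dior <diaoyuanjie@gmail.com>
 Derek Tu <derek.t@rioslab.org>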

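--- a/deps/v8/src/objects/keys.cc
+++ b/deps/v8/src/objects/keys.cc
@@ -182,7 +182,8 @@ ExceptionStatus KeyAccumulator::AddKeys(Handle<JSObject> array_like,
 MaybeHandle<FixedArray> FilterProxyKeys(KeyAccumulator* accumulator,
 Handle<JSProxy> owner,
 Handle<FixedArray> keys,
-PropertyFilter filter) {
+PropertyFilter filter,
+bool skip_indices) {
 if (filter == ALL_PROPERTIES) {
 // Nothing to do.
 return keys;
@@ -192,6 +193,10 @@ MaybeHandle<FixedArray> FilterProxyKeys(KeyAccumulator* accumulator,
 for (int i = 0; i < keys->length(); ++i) {
 Handle<Name> key(Name::cast(keys->get(i)), isolate);
 if (key->FilterKey(filter)) continue; // Skip this key.
+if (skip_indices) {
+uint32_t index;
+if (key->AsArrayIndex(&index)) continue; // Skip this key.
+}
 if (filter & ONLY_ENUMERABLE) {
 PropertyDescriptor desc;
 Maybe<bool> found =
@@ -218,7 +223,8 @@ Maybe<bool> KeyAccumulator::AddKeysFromJSProxy(Handle<JSProxy> proxy,
 // Postpone the enumerable check for for-in to the ForInFilter step.
 if (!is_for_in_) {
 ASSIGN_RETURN_ON_EXCEPTION_VALUE(
-isolate_, keys, FilterProxyKeys(this, proxy, keys, filter_),
+isolate_, keys,
+FilterProxyKeys(this, proxy, keys, filter_, skip_indices_),
 Nothing<bool>());
 }
 // https://tc39.es/ecma262/#sec-proxy-object-internal-methods-and-internal-slots-ownpropertykeys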
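Review bot: The early return at the top of FilterProxyKeys (`if (filter == ALL_PROPERTIES) {` … `return keys;`, first hunk) still runs before the new `skip_indices` check in the loop, so a call with `ALL_PROPERTIES` and `skip_indices` set appears to return the keys reported by the proxy's ownKeys trap with array indices still in them. Unless index keys are dropped somewhere outside these hunks, the guard should become `if (filter == ALL_PROPERTIES && !skip_indices) {`, with the `// Nothing to do.` comment updated to match. An embedder that passes kSkipIndices would otherwise get index keys back from a proxy whose trap is script-controlled. The bodies of FilterProxyKeys and AddKeysFromJSProxy continue outside the hunks, so this is inferred from the visible lines only.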

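--- a/deps/v8/test/cctest/test-api.cc
+++ b/deps/v8/test/cctest/test-api.cc
@@ -14429,6 +14429,110 @@ THREADED_TEST(ProxyGetPropertyNames) {
 CheckIsSymbolAt(isolate, properties, 4, "symbol");
 }
 
+THREADED_TEST(ProxyGetPropertyNamesWithOwnKeysTrap) {
+LocalContext context;
+v8::Isolate* isolate = context->GetIsolate();
+v8::HandleScope scope(isolate);
+v8::Local<v8::Value> result = CompileRun(
+"var target = {0: 0, 1: 1, a: 2, b: 3};"
+"target[2**32] = '4294967296';"
+"target[2**32-1] = '4294967295';"
+"target[2**32-2] = '4294967294';"
+"target[Symbol('symbol')] = true;"
+"target.__proto__ = {__proto__:null, 2: 4, 3: 5, c: 6, d: 7};"
+"var result = new Proxy(target, { ownKeys: (t) => Reflect.ownKeys(t) });"
+"result;");
+v8::Local<v8::Object> object = result.As<v8::Object>();
+v8::PropertyFilter default_filter =
+static_cast<v8::PropertyFilter>(v8::ONLY_ENUMERABLE | v8::SKIP_SYMBOLS);
+v8::PropertyFilter include_symbols_filter = v8::ONLY_ENUMERABLE;
+
+v8::Local<v8::Array> properties =
+object->GetPropertyNames(context.local()).ToLocalChecked();
+const char* expected_properties1[] = {"0", "1", "4294967294", "a",
+"b", "4294967296", "4294967295", "2",
+"3", "c", "d"};
+CheckStringArray(isolate, properties, 11, expected_properties1);
+
+properties =
+object
+->GetPropertyNames(context.local(),
+v8::KeyCollectionMode::kIncludePrototypes,
+default_filter, v8::IndexFilter::kIncludeIndices)
+.ToLocalChecked();
+CheckStringArray(isolate, properties, 11, expected_properties1);
+
+properties = object
+->GetPropertyNames(context.local(),
+v8::KeyCollectionMode::kIncludePrototypes,
+include_symbols_filter,
+v8::IndexFilter::kIncludeIndices)
+.ToLocalChecked();
+const char* expected_properties1_1[] = {
+"0", "1", "4294967294", "a", "b", "4294967296",
+"4294967295", nullptr, "2", "3", "c", "d"};
+CheckStringArray(isolate, properties, 12, expected_properties1_1);
+CheckIsSymbolAt(isolate, properties, 7, "symbol");
+
+properties =
+object
+->GetPropertyNames(context.local(),
+v8::KeyCollectionMode::kIncludePrototypes,
+default_filter, v8::IndexFilter::kSkipIndices)
+.ToLocalChecked();
+const char* expected_properties2[] = {"a", "b", "4294967296",
+"4294967295", "c", "d"};
+CheckStringArray(isolate, properties, 6, expected_properties2);
+
+properties = object
+->GetPropertyNames(context.local(),
+v8::KeyCollectionMode::kIncludePrototypes,
+include_symbols_filter,
+v8::IndexFilter::kSkipIndices)
+.ToLocalChecked();
+const char* expected_properties2_1[] = {
+"a", "b", "4294967296", "4294967295", nullptr, "c", "d"};
+CheckStringArray(isolate, properties, 7, expected_properties2_1);
+CheckIsSymbolAt(isolate, properties, 4, "symbol");
+
+properties =
+object
+->GetPropertyNames(context.local(), v8::KeyCollectionMode::kOwnOnly,
+default_filter, v8::IndexFilter::kIncludeIndices)
+.ToLocalChecked();
+const char* expected_properties3[] = {"0", "1", "4294967294", "a",
+"b", "4294967296", "4294967295"};
+CheckStringArray(isolate, properties, 7, expected_properties3);
+
+properties = object
+->GetPropertyNames(
+context.local(), v8::KeyCollectionMode::kOwnOnly,
+include_symbols_filter, v8::IndexFilter::kIncludeIndices)
+.ToLocalChecked();
+const char* expected_properties3_1[] = {
+"0", "1", "4294967294", "a", "b", "4294967296", "4294967295", nullptr};
+CheckStringArray(isolate, properties, 8, expected_properties3_1);
+CheckIsSymbolAt(isolate, properties, 7, "symbol");
+
+properties =
+object
+->GetPropertyNames(context.local(), v8::KeyCollectionMode::kOwnOnly,
+default_filter, v8::IndexFilter::kSkipIndices)
+.ToLocalChecked();
+const char* expected_properties4[] = {"a", "b", "4294967296", "4294967295"};
+CheckStringArray(isolate, properties, 4, expected_properties4);
+
+properties = object
+->GetPropertyNames(
+context.local(), v8::KeyCollectionMode::kOwnOnly,
+include_symbols_filter, v8::IndexFilter::kSkipIndices)
+.ToLocalChecked();
+const char* expected_properties4_1[] = {"a", "b", "4294967296", "4294967295",
+nullptr};
+CheckStringArray(isolate, properties, 5, expected_properties4_1);
+CheckIsSymbolAt(isolate, properties, 4, "symbol");
+}
+
 THREADED_TEST(AccessChecksReenabledCorrectly) {
 LocalContext context;
 v8::Isolate* isolate = context->GetIsolate();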
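Review bot: Every GetPropertyNames call in ProxyGetPropertyNamesWithOwnKeysTrap passes a filter that contains `v8::ONLY_ENUMERABLE` (`default_filter` or `include_symbols_filter`), so the test never combines `v8::ALL_PROPERTIES` with `v8::IndexFilter::kSkipIndices`. That combination takes the `filter == ALL_PROPERTIES` early return visible in FilterProxyKeys, and it is where an unfiltered index key would show up. I would add one case per collection mode (`kOwnOnly` and `kIncludePrototypes`) using `v8::ALL_PROPERTIES` with `kSkipIndices`, asserting that "0", "1" and "4294967294" are absent. Every property on `target` is also enumerable, so adding a non-enumerable index key would make the enumerable filter and the index filter distinguishable in the expected arrays.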
