[webkit-reviews] review granted: [Bug 23282] JSImmediate should be private. : [Attachment 26658] The patch

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Jan 12 20:42:52 PST 2009

Oliver Hunt <oliver at apple.com> has granted Gavin Barraclough
<barraclough at apple.com>'s request for review:
Bug 23282: JSImmediate should be private.

Attachment 26658: The patch

------- Additional Comments from Oliver Hunt <oliver at apple.com>


@@ double JSCallbackObject<Base>::toNumber(
378378	       if (JSObjectConvertToTypeCallback convertToType =
jsClass->convertToType) {
379379		   JSLock::DropAllLocks dropAllLocks(exec);
380380		   if (JSValueRef value = convertToType(ctx, thisRef,
kJSTypeNumber, toRef(exec->exceptionSlot())))
381		     return toJS(value)->getNumber();
 381		     return toJS(value)->uncheckedGetNumber();
382382	       }
384384	   return Base::toNumber(exec);

This isn't safe -- convertToType is developer defined so we can't guarantee
good behaviour, so this can't be unchecked, i think

double dValue;
return toJS(value)->getNumber(dValue) ? dValue : NaN;

Would be the correct version

Otherwise r=me

More information about the webkit-reviews mailing list