RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-10-31 17:52:45 +00:00
Code Issues Activity Actions

LibJS: Protect private elements from GC during class construction

Browse source 
Fixes an issue caught by test-js -g + UBSAN.
This commit is contained in:
Andreas Kling 2024-02-22 13:22:35 +01:00
parent 4bbb0a5c35
commit 883b2268c0
1 changed files with 4 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

7
Userland/Libraries/LibJS/AST.cpp
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2020-2023, Andreas Kling <kling@serenityos.org>
* Copyright (c) 2020-2024, Andreas Kling <kling@serenityos.org>
* Copyright (c) 2020-2023, Linus Groh <linusg@serenityos.org>
* Copyright (c) 2021-2022, David Tuin <davidot@serenityos.org>
*
@ -15,6 +15,7 @@
#include <AK/TemporaryChange.h>
#include <LibCrypto/BigInt/SignedBigInteger.h>
#include <LibJS/AST.h>
#include <LibJS/Heap/ConservativeVector.h>
#include <LibJS/Heap/MarkedVector.h>
#include <LibJS/Runtime/AbstractOperations.h>
#include <LibJS/Runtime/Accessor.h>
@ -372,8 +373,8 @@ ThrowCompletionOr<ECMAScriptFunctionObject*> ClassExpression::create_class_const
using StaticElement = Variant<ClassFieldDefinition, Handle<ECMAScriptFunctionObject>>;
Vector<PrivateElement> static_private_methods;
Vector<PrivateElement> instance_private_methods;
ConservativeVector<PrivateElement> static_private_methods(vm.heap());
ConservativeVector<PrivateElement> instance_private_methods(vm.heap());
Vector<ClassFieldDefinition> instance_fields;
Vector<StaticElement> static_elements;