Problems with strict-mode caller poisoning

Andreas Rossberg rossberg at google.com
Wed Nov 28 21:18:40 PST 2012


On 29 November 2012 06:06, Dave Fugate <dave.fugate at gmail.com> wrote:
> The naming 'gNonStrict' here refers to the function not containing a "use
> strict" declaration itself, not that it's subject to strict mode.  Sorry
> this intent wasn't clearer.
>
> Section 15.3.5.4 step 2 in my copy of ES5 reads:
>     If P is "caller" and v is a strict mode Function object, throw a
> TypeError exception.
>
> Is something other than Function's [[Get]] really supposed to be called in
> this snippet?  E.g., 13.2.19.b.  If so, seems like they're still valid test
> cases, only they apply to step 1 of 15.3.5.4, not step 2?

I suppose so, but was that the intention? Either way, there currently
is no test that actually tests step 2.

/Andreas


> On Wed, Nov 28, 2012 at 4:43 PM, Andreas Rossberg <rossberg at google.com>
> wrote:
>>
>> On 29 November 2012 00:16, Dave Fugate <dave.fugate at gmail.com> wrote:
>> > Believe you're correct on the former, but perhaps not the latter=)
>> >
>> > E.g.:
>> >      6 /**
>> >      7    * @path ch15/15.3/15.3.5/15.3.5.4/15.3.5.4_2-1gs.js
>> >      8    * @description Strict mode - checking access to strict
>> > function
>> > caller from strict function (FunctionDeclaration defined within strict
>> > mode)
>> >      9   * @onlyStrict
>> >     10  * @negative TypeError
>> >     11  */
>> >     12
>> >     13
>> >     14 "use strict";
>> >     15 function f() {
>> >     16     return gNonStrict();
>> >     17 }
>> >     18 f();
>> >     19
>> >     20
>> >     21 function gNonStrict() {
>> >     22     return gNonStrict.caller;
>> >     23 }
>> >
>> > is globally scoped strict mode and passes only when a TypeError gets
>> > thrown
>> > indicating strict mode is in effect.
>>
>> The bug with this test (and others) is that gNonStrict is _not_ a
>> non-strict function, its name notwithstanding. Hence the test throws
>> for the wrong reason, namely because strict-function.caller is a
>> poisoned getter, not because of Sec 15.3.5.4, which it is supposed to
>> test.
>>
>> /Andreas
>
>


More information about the es-discuss mailing list