added error checking in JS_InstantiateFunctionListItem()

2025-11-17 11:05:26 +03:00 · 2025-11-15 12:10:44 +01:00
parent ae7219b1a1
commit 125b01279c
1 changed files with 18 additions and 6 deletions
--- a/quickjs.c
+++ b/quickjs.c
@@ -38858,6 +38858,8 @@ static int JS_InstantiateFunctionListItem(JSContext *ctx, JSValueConst obj,
                abort();
            }
            JS_FreeAtom(ctx, atom1);
+            if (JS_IsException(val))
+                return -1;
            if (atom == JS_ATOM_Symbol_toPrimitive) {
                /* Symbol.toPrimitive functions are not writable */
                prop_flags = JS_PROP_CONFIGURABLE;
@@ -38875,8 +38877,9 @@ static int JS_InstantiateFunctionListItem(JSContext *ctx, JSValueConst obj,
            /* Function.prototype[Symbol.hasInstance] is not writable nor configurable */
            prop_flags = 0;
        }
-        JS_DefineAutoInitProperty(ctx, obj, atom, JS_AUTOINIT_ID_PROP,
-                                  (void *)e, prop_flags);
+        if (JS_DefineAutoInitProperty(ctx, obj, atom, JS_AUTOINIT_ID_PROP,
+                                      (void *)e, prop_flags) < 0)
+            return -1;
        return 0;
    case JS_DEF_CGETSET: /* XXX: use autoinit again ? */
    case JS_DEF_CGETSET_MAGIC:
@@ -38890,6 +38893,8 @@ static int JS_InstantiateFunctionListItem(JSContext *ctx, JSValueConst obj,
                getter = JS_NewCFunction2(ctx, e->u.getset.get.generic,
                                          buf, 0, e->def_type == JS_DEF_CGETSET_MAGIC ? JS_CFUNC_getter_magic : JS_CFUNC_getter,
                                          e->magic);
+                if (JS_IsException(getter))
+                    return -1;
            }
            setter = JS_UNDEFINED;
            if (e->u.getset.set.generic) {
@@ -38897,8 +38902,13 @@ static int JS_InstantiateFunctionListItem(JSContext *ctx, JSValueConst obj,
                setter = JS_NewCFunction2(ctx, e->u.getset.set.generic,
                                          buf, 1, e->def_type == JS_DEF_CGETSET_MAGIC ? JS_CFUNC_setter_magic : JS_CFUNC_setter,
                                          e->magic);
+                if (JS_IsException(setter)) {
+                    JS_FreeValue(ctx, getter);
+                    return -1;
+                }
            }
-            JS_DefinePropertyGetSet(ctx, obj, atom, getter, setter, prop_flags);
+            if (JS_DefinePropertyGetSet(ctx, obj, atom, getter, setter, prop_flags) < 0)
+                return -1;
            return 0;
        }
        break;
@@ -38922,13 +38932,15 @@ static int JS_InstantiateFunctionListItem(JSContext *ctx, JSValueConst obj,
        break;
    case JS_DEF_PROP_STRING:
    case JS_DEF_OBJECT:
-        JS_DefineAutoInitProperty(ctx, obj, atom, JS_AUTOINIT_ID_PROP,
-                                  (void *)e, prop_flags);
+        if (JS_DefineAutoInitProperty(ctx, obj, atom, JS_AUTOINIT_ID_PROP,
+                                      (void *)e, prop_flags) < 0)
+            return -1;
        return 0;
    default:
        abort();
    }
-    JS_DefinePropertyValue(ctx, obj, atom, val, prop_flags);
+    if (JS_DefinePropertyValue(ctx, obj, atom, val, prop_flags) < 0)
+        return -1;
    return 0;
 }