From 4c5ed04e64ea9ac0038ae30e1189cfe745b29bd9 Mon Sep 17 00:00:00 2001
From: Ulf Hermann <ulf.hermann@qt.io>
Date: Thu, 23 Jan 2020 14:19:48 +0100
Subject: V4: Check for exceptions before we use the result of a JS call

If the call resulted in an exception the return value is undefined.

Task-number: QTBUG-81581
Change-Id: Ibfdd5e1229cf5437f270232d3b1a91308adeec72
Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>
---
 src/qml/jsruntime/qv4arrayobject.cpp | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'src/qml/jsruntime/qv4arrayobject.cpp')

diff --git a/src/qml/jsruntime/qv4arrayobject.cpp b/src/qml/jsruntime/qv4arrayobject.cpp
index 47fd39a8a7..e6f6fd1b7a 100644
--- a/src/qml/jsruntime/qv4arrayobject.cpp
+++ b/src/qml/jsruntime/qv4arrayobject.cpp
@@ -362,7 +362,7 @@ ReturnedValue ArrayPrototype::method_toString(const FunctionObject *builtin, con
     ScopedString string(scope, scope.engine->newString(QStringLiteral("join")));
     ScopedFunctionObject f(scope, that->get(string));
     if (f)
-        return f->call(that, argv, argc);
+        return checkedResult(scope.engine, f->call(that, argv, argc));
     return ObjectPrototype::method_toString(builtin, that, argv, argc);
 }
 
@@ -1211,6 +1211,7 @@ ReturnedValue ArrayPrototype::method_every(const FunctionObject *b, const Value
         arguments[1] = Value::fromDouble(k);
         arguments[2] = instance;
         r = callback->call(that, arguments, 3);
+        CHECK_EXCEPTION();
         ok = r->toBoolean();
     }
     return Encode(ok);
@@ -1278,6 +1279,7 @@ ReturnedValue ArrayPrototype::method_some(const FunctionObject *b, const Value *
         arguments[1] = Value::fromDouble(k);
         arguments[2] = instance;
         result = callback->call(that, arguments, 3);
+        CHECK_EXCEPTION();
         if (result->toBoolean())
             return Encode(true);
     }
@@ -1347,6 +1349,7 @@ ReturnedValue ArrayPrototype::method_map(const FunctionObject *b, const Value *t
         arguments[1] = Value::fromDouble(k);
         arguments[2] = instance;
         mapped = callback->call(that, arguments, 3);
+        CHECK_EXCEPTION();
         a->arraySet(k, mapped);
     }
     return a.asReturnedValue();
@@ -1433,6 +1436,7 @@ ReturnedValue ArrayPrototype::method_reduce(const FunctionObject *b, const Value
             arguments[2] = Value::fromDouble(k);
             arguments[3] = instance;
             acc = callback->call(nullptr, arguments, 4);
+            CHECK_EXCEPTION();
         }
         ++k;
     }
@@ -1486,6 +1490,7 @@ ReturnedValue ArrayPrototype::method_reduceRight(const FunctionObject *b, const
             arguments[2] = Value::fromDouble(k - 1);
             arguments[3] = instance;
             acc = callback->call(nullptr, arguments, 4);
+            CHECK_EXCEPTION();
         }
         --k;
     }
-- 
cgit v1.2.3