authorAndreas Kling <kling@serenityos.org>2022-11-21 11:18:15 +0100
committerLinus Groh <mail@linusgroh.de>2022-11-21 19:22:09 +0000
commit849499988e3db08dea73f2444d91936710b91c6f (patch)
tree012bbd8fa8ea96c91ba96c9a63561d80fa915b58 /Userland/Libraries/LibWeb/HTML/Scripting/Environments.cpp
parent1fdce714837f0a979c1e9a04cc9a72eeddfdd76a (diff)
LibJS+LibWeb: Make JS::ExecutionContext protect its Web::HTML::ESO owner
We can't be nuking the ESO while its owned execution context is still on the VM's execution context stack, as that may lead to a use-after-free. This patch solves this by adding a `context_owner` field to each context and treating it as a GC root.
Diffstat (limited to 'Userland/Libraries/LibWeb/HTML/Scripting/Environments.cpp')
-rw-r--r--Userland/Libraries/LibWeb/HTML/Scripting/Environments.cpp2
1 files changed, 2 insertions, 0 deletions
diff --git a/Userland/Libraries/LibWeb/HTML/Scripting/Environments.cpp b/Userland/Libraries/LibWeb/HTML/Scripting/Environments.cpp
index 653a38ec95..3e34cb0f6c 100644
--- a/Userland/Libraries/LibWeb/HTML/Scripting/Environments.cpp
+++ b/Userland/Libraries/LibWeb/HTML/Scripting/Environments.cpp
@@ -22,6 +22,8 @@ namespace Web::HTML {
EnvironmentSettingsObject::EnvironmentSettingsObject(NonnullOwnPtr<JS::ExecutionContext> realm_execution_context)
: m_realm_execution_context(move(realm_execution_context))
{
+ m_realm_execution_context->context_owner = this;
+
// Register with the responsible event loop so we can perform step 4 of "perform a microtask checkpoint".
responsible_event_loop().register_environment_settings_object({}, *this);
}
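Review bot: The added `m_realm_execution_context->context_owner = this;` stores a raw back-pointer with no comment saying why, and the reason is not obvious from the constructor alone. Going by the commit message, I would add `// Treated as a GC root: keeps this ESO alive while our realm execution context is on the VM's execution context stack.` above the assignment. The pointer is only safe while the context stays owned by this object. Nothing in this hunk clears or checks it, so if the context can be copied or handed elsewhere (not visible here), that path should reset `context_owner` to avoid reintroducing the use-after-free this commit is fixing. The code that marks the root is in other files of the commit and is not shown in this section.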