1 /* 2 * Copyright (C) 2004, 2006 Apple Computer, Inc. All rights reserved. 3 * Copyright (C) 2007-2009 Google, Inc. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY APPLE COMPUTER, INC. ``AS IS'' AND ANY 15 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 17 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR 18 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 19 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 20 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 21 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY 22 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 24 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26 27 #include "config.h" 28 29 #include "NPV8Object.h" 30 #include "npruntime_impl.h" 31 #include "npruntime_priv.h" 32 #include "V8NPObject.h" 33 34 #include <wtf/HashMap.h> 35 #include <wtf/HashSet.h> 36 #include <wtf/Assertions.h> 37 38 // FIXME: Consider removing locks if we're singlethreaded already. 39 // The static initializer here should work okay, but we want to avoid 40 // static initialization in general. 
namespace npruntime {

// We use StringKey here as the key-type to avoid a string copy to
// construct the map key and for faster comparisons than strcmp.
//
// StringKey is a non-owning view: it keeps the caller's pointer plus a
// cached length and never copies or frees the characters, so the string
// must outlive the key. _NPN_GetStringIdentifier below repoints m_string
// at the interned copy before the key is stored in the map.
class StringKey {
public:
    // Requires a non-null, NUL-terminated string (strlen is applied to it).
    explicit StringKey(const char* str) : m_string(str), m_length(strlen(str)) { }
    // Empty-bucket value: null pointer, zero length.
    StringKey() : m_string(0), m_length(0) { }
    // Deleted-bucket value: the sentinel pointer from hashTableDeletedValue(), zero length.
    explicit StringKey(WTF::HashTableDeletedValueType) : m_string(hashTableDeletedValue()), m_length(0) { }

    StringKey& operator=(const StringKey& other)
    {
        this->m_string = other.m_string;
        this->m_length = other.m_length;
        return *this;
    }

    bool isHashTableDeletedValue() const
    {
        return m_string == hashTableDeletedValue();
    }

    const char* m_string;
    size_t m_length;

private:
    // All-ones pointer used only as the deleted-bucket marker; it is never dereferenced.
    const char* hashTableDeletedValue() const
    {
        return reinterpret_cast<const char*>(-1);
    }
};

// Equality for StringKey: lengths first (cheap reject), then pointer identity
// (interned names share storage), then a byte compare of m_length bytes.
//
// NOTE(review): StringKeyHash declares safeToCompareToEmptyOrDeleted = true,
// which permits the table to call this against an empty or deleted bucket.
// A key of length 0 (an empty name) compares equal to such a bucket here,
// because both lengths are 0 and a 0-byte memcmp returns 0 — confirm how
// an empty name behaves before relying on _NPN_GetStringIdentifier("")
// returning a usable identifier.
inline bool operator==(const StringKey& x, const StringKey& y)
{
    if (x.m_length != y.m_length)
        return false;
    if (x.m_string == y.m_string)
        return true;

    ASSERT(!x.isHashTableDeletedValue() && !y.isHashTableDeletedValue());
    return !memcmp(x.m_string, y.m_string, y.m_length);
}

// Implement WTF::DefaultHash<StringKey>::Hash interface.
struct StringKeyHash {
    static unsigned hash(const StringKey& key)
    {
        // Compute string hash.
        // One-at-a-time style mixing over the key's bytes. `c` is a plain
        // char, so bytes >= 0x80 are sign-extended on signed-char targets;
        // the value is only used in-process, so consistency is all that matters.
        unsigned hash = 0;
        size_t len = key.m_length;
        const char* str = key.m_string;
        for (size_t i = 0; i < len; i++) {
            char c = str[i];
            hash += c;
            hash += (hash << 10);
            hash ^= (hash >> 6);
        }
        hash += (hash << 3);
        hash ^= (hash >> 11);
        hash += (hash << 15);
        // Never hand out 0 (presumably reserved by the table); remap it.
        if (hash == 0)
            hash = 27;
        return hash;
    }

    static bool equal(const StringKey& x, const StringKey& y)
    {
        return x == y;
    }

    // Lets the table call equal() on empty/deleted buckets without testing
    // them first; see the note on operator== above.
    static const bool safeToCompareToEmptyOrDeleted = true;
};

} // namespace npruntime

using npruntime::StringKey;
using npruntime::StringKeyHash;

// Implement HashTraits<StringKey>
struct StringKeyHashTraits : WTF::GenericHashTraits<StringKey> {
    // Placement-constructs the deleted-value key into an existing slot.
    static void constructDeletedValue(StringKey& slot)
    {
        new (&slot) StringKey(WTF::HashTableDeletedValue);
    }

    static bool isDeletedValue(const StringKey& value)
    {
        return value.isHashTableDeletedValue();
    }
};

// Interned string identifiers: key is the name (pointing into the
// identifier's own storage once inserted), value is the identifier.
typedef WTF::HashMap<StringKey, PrivateIdentifier*, StringKeyHash, StringKeyHashTraits> StringIdentifierMap;

// Lazily creates the string identifier map on first use. It is never freed:
// identifiers are never released (see _NPN_GetStringIdentifier).
static StringIdentifierMap* getStringIdentifierMap()
{
    static StringIdentifierMap* stringIdentifierMap = 0;
    if (!stringIdentifierMap)
        stringIdentifierMap = new StringIdentifierMap();
    return stringIdentifierMap;
}

// Interned integer identifiers, keyed by the int value (0 and -1 are
// handled separately in _NPN_GetIntIdentifier).
typedef WTF::HashMap<int, PrivateIdentifier*> IntIdentifierMap;

// Lazily creates the int identifier map on first use; never freed.
static IntIdentifierMap* getIntIdentifierMap()
{
    static IntIdentifierMap* intIdentifierMap = 0;
    if (!intIdentifierMap)
        intIdentifierMap = new IntIdentifierMap();
    return intIdentifierMap;
}

extern "C" {

// Interns `name` and returns its canonical NPIdentifier: the same string
// always yields the same PrivateIdentifier pointer, so identifiers can be
// compared by address. Returns 0 only when `name` is null (asserted in
// debug builds).
NPIdentifier _NPN_GetStringIdentifier(const NPUTF8* name)
{
    ASSERT(name);

    if (name) {

        StringKey key(name);
        StringIdentifierMap* identMap = getStringIdentifierMap();
        StringIdentifierMap::iterator iter = identMap->find(key);
        if (iter != identMap->end())
            return static_cast<NPIdentifier>(iter->second);

        size_t nameLen = key.m_length;

        // We never release identifiers, so this dictionary will grow.
        // The PrivateIdentifier and its name share one allocation: the
        // characters (plus the NUL) follow the struct directly.
        // NOTE(review): the malloc result is written to without a null check.
        PrivateIdentifier* identifier = static_cast<PrivateIdentifier*>(malloc(sizeof(PrivateIdentifier) + nameLen + 1));
        char* nameStorage = reinterpret_cast<char*>(identifier + 1);
        memcpy(nameStorage, name, nameLen + 1);
        identifier->isString = true;
        identifier->value.string = reinterpret_cast<NPUTF8*>(nameStorage);
        // Repoint the key at the interned copy so the map never refers to
        // the caller's buffer after this call returns.
        key.m_string = nameStorage;
        identMap->set(key, identifier);
        return (NPIdentifier)identifier;
    }

    return 0;
}

// Fills identifiers[0..nameCount) with the interned identifier for each
// name. Both arrays must hold at least nameCount entries; nothing here can
// check that. Does nothing when either pointer is null.
void _NPN_GetStringIdentifiers(const NPUTF8** names, int32_t nameCount, NPIdentifier* identifiers)
{
    ASSERT(names);
    ASSERT(identifiers);

    if (names && identifiers) {
        for (int i = 0; i < nameCount; i++)
            identifiers[i] = _NPN_GetStringIdentifier(names[i]);
    }
}

// Interns `intId` and returns its canonical NPIdentifier (same value, same
// pointer). Never returns 0.
NPIdentifier _NPN_GetIntIdentifier(int32_t intId)
{
    // Special case for -1 and 0, both cannot be used as key in HashMap.
    // They live in a two-slot static array instead: index 0 for -1, index 1 for 0.
    if (!intId || intId == -1) {
        static PrivateIdentifier* minusOneOrZeroIds[2];
        PrivateIdentifier* id = minusOneOrZeroIds[intId + 1];
        if (!id) {
            // NOTE(review): malloc result used without a null check.
            id = reinterpret_cast<PrivateIdentifier*>(malloc(sizeof(PrivateIdentifier)));
            id->isString = false;
            id->value.number = intId;
            minusOneOrZeroIds[intId + 1] = id;
        }
        return (NPIdentifier) id;
    }

    IntIdentifierMap* identMap = getIntIdentifierMap();
    IntIdentifierMap::iterator iter = identMap->find(intId);
    if (iter != identMap->end())
        return static_cast<NPIdentifier>(iter->second);

    // We never release identifiers, so this dictionary will grow.
    // NOTE(review): malloc result used without a null check.
    PrivateIdentifier* identifier = reinterpret_cast<PrivateIdentifier*>(malloc(sizeof(PrivateIdentifier)));
    identifier->isString = false;
    identifier->value.number = intId;
    identMap->set(intId, identifier);
    return (NPIdentifier)identifier;
}

// True when `identifier` was produced by _NPN_GetStringIdentifier.
// `identifier` must be a valid, non-null NPIdentifier; it is dereferenced unchecked.
bool _NPN_IdentifierIsString(NPIdentifier identifier)
{
    PrivateIdentifier* privateIdentifier = reinterpret_cast<PrivateIdentifier*>(identifier);
    return privateIdentifier->isString;
}

// Returns a fresh strdup'd copy of a string identifier's name (ownership
// passes to the caller), or 0 for an int identifier or a null name.
// `identifier` itself must be non-null; it is dereferenced unchecked.
NPUTF8 *_NPN_UTF8FromIdentifier(NPIdentifier identifier)
{
    PrivateIdentifier* privateIdentifier = reinterpret_cast<PrivateIdentifier*>(identifier);
    if (!privateIdentifier->isString || !privateIdentifier->value.string)
        return 0;

    return (NPUTF8*) strdup(privateIdentifier->value.string);
}

// Returns an int identifier's value, or 0 for a string identifier (so 0 is
// ambiguous with the interned identifier for 0). `identifier` must be non-null.
int32_t _NPN_IntFromIdentifier(NPIdentifier identifier)
{
    PrivateIdentifier* privateIdentifier = reinterpret_cast<PrivateIdentifier*>(identifier);
    if (privateIdentifier->isString)
        return 0;
    return privateIdentifier->value.number;
}

// Releases whatever `variant` owns — one object reference or a malloc'd
// string buffer — clears the payload and resets the type to Void. Other
// variant types own nothing and are just reset.
void _NPN_ReleaseVariantValue(NPVariant* variant)
{
    ASSERT(variant);

    if (variant->type == NPVariantType_Object) {
        _NPN_ReleaseObject(variant->value.objectValue);
        variant->value.objectValue = 0;
    } else if (variant->type == NPVariantType_String) {
        // UTF8Characters is declared const; cast it away to free it.
        free((void*)variant->value.stringValue.UTF8Characters);
        variant->value.stringValue.UTF8Characters = 0;
        variant->value.stringValue.UTF8Length = 0;
    }

    variant->type = NPVariantType_Void;
}

// Creates an NPObject of `npClass` with a reference count of 1, using the
// class's allocate hook when present and plain malloc otherwise. Returns 0
// when `npClass` is null (asserted in debug builds).
// NOTE(review): neither the allocate hook's result nor the malloc result is
// null-checked before _class and referenceCount are written.
NPObject *_NPN_CreateObject(NPP npp, NPClass* npClass)
{
    ASSERT(npClass);

    if (npClass) {
        NPObject* npObject;
        if (npClass->allocate != 0)
            npObject = npClass->allocate(npp, npClass);
        else
            npObject = reinterpret_cast<NPObject*>(malloc(sizeof(NPObject)));

        npObject->_class = npClass;
        npObject->referenceCount = 1;
        return npObject;
    }

    return 0;
}

// Adds one reference and returns the same object. A null object is returned
// unchanged in release builds; note the second ASSERT dereferences it before
// the null test, so debug builds fault on a null argument.
NPObject* _NPN_RetainObject(NPObject* npObject)
{
    ASSERT(npObject);
    ASSERT(npObject->referenceCount > 0);

    if (npObject)
        npObject->referenceCount++;

    return npObject;
}

// _NPN_DeallocateObject actually deletes the object. Technically,
// callers should use _NPN_ReleaseObject. Webkit exposes this function
// to kill objects which plugins may not have properly released.
//
// A count of 0 is accepted because _NPN_ReleaseObject calls this right after
// decrementing to 0. The count is set to -1 before the memory is released so
// a stale reference that is released again is rejected by _NPN_ReleaseObject's
// `>= 1` guard.
void _NPN_DeallocateObject(NPObject* npObject)
{
    ASSERT(npObject);
    ASSERT(npObject->referenceCount >= 0);

    if (npObject) {
        // NPObjects that remain in pure C++ may never have wrappers.
        // Hence, if it's not already alive, don't unregister it.
        // If it is alive, unregister it as the *last* thing we do
        // so that it can do as much cleanup as possible on its own.
        if (_NPN_IsAlive(npObject))
            _NPN_UnregisterObject(npObject);

        npObject->referenceCount = -1;
        // Mirror _NPN_CreateObject: the class hook frees what it allocated,
        // otherwise the object came from malloc.
        if (npObject->_class->deallocate)
            npObject->_class->deallocate(npObject);
        else
            free(npObject);
    }
}

#if PLATFORM(ANDROID)
// Android uses NPN_ReleaseObject (the 'public' version of _NPN_ReleaseObject)
// in WebCoreFrameBridge.cpp. See http://trac.webkit.org/changeset/47021.
// TODO: Upstream this to webkit.org.
void NPN_ReleaseObject(NPObject *obj)
{
    _NPN_ReleaseObject(obj);
}
#endif

// Drops one reference and deallocates the object when the count reaches 0.
// In release builds a null object, or one whose count is already below 1
// (including the -1 set by _NPN_DeallocateObject), is ignored rather than
// decremented further; debug builds assert instead.
void _NPN_ReleaseObject(NPObject* npObject)
{
    ASSERT(npObject);
    ASSERT(npObject->referenceCount >= 1);

    if (npObject && npObject->referenceCount >= 1) {
        if (!--npObject->referenceCount)
            _NPN_DeallocateObject(npObject);
    }
}

// Makes `variant` a String variant holding a malloc'd copy of `value`.
// Exactly UTF8Length bytes are allocated and copied — no NUL terminator is
// added, so the result is length-delimited like its source. The buffer is
// the one _NPN_ReleaseVariantValue later frees.
// NOTE(review): `variant`, `value` and the malloc result are all used
// without null checks; a zero UTF8Length yields malloc(0).
void _NPN_InitializeVariantWithStringCopy(NPVariant* variant, const NPString* value)
{
    variant->type = NPVariantType_String;
    variant->value.stringValue.UTF8Length = value->UTF8Length;
    variant->value.stringValue.UTF8Characters = reinterpret_cast<NPUTF8*>(malloc(sizeof(NPUTF8) * value->UTF8Length));
    memcpy((void*)variant->value.stringValue.UTF8Characters, value->UTF8Characters, sizeof(NPUTF8) * value->UTF8Length);
}


// NPN_Registry
//
// The registry is designed for quick lookup of NPObjects.
// JS needs to be able to quickly lookup a given NPObject to determine
// if it is alive or not.
// The browser needs to be able to quickly lookup all NPObjects which are
// "owned" by an object.
//
// The liveObjectMap is a hash table of all live objects to their owner
// objects. Presence in this table is used primarily to determine if
// objects are live or not.
//
// The rootObjectMap is a hash table of root objects to a set of
// objects that should be deactivated in sync with the root. A
// root is defined as a top-level owner object. This is used on
// Frame teardown to deactivate all objects associated
// with a particular plugin.

typedef WTF::HashSet<NPObject*> NPObjectSet;
typedef WTF::HashMap<NPObject*, NPObject*> NPObjectMap;
typedef WTF::HashMap<NPObject*, NPObjectSet*> NPRootObjectMap;

// A map of live NPObjects with pointers to their Roots.
// A root maps to a null owner. Note these two maps are globals with
// dynamic initialization (see the FIXME at the top of the file).
NPObjectMap liveObjectMap;

// A map of the root objects and the list of NPObjects
// associated with that object.
NPRootObjectMap rootObjectMap;

// Records `npObject` as live, attributed to the root that owns it.
//  - owner == 0: npObject is itself a root and gets a fresh NPObjectSet
//    (heap-allocated here, deleted in _NPN_UnregisterObject).
//  - otherwise: the owner is flattened to its own root with one lookup in
//    liveObjectMap, and npObject is added to that root's set when the root
//    is present in rootObjectMap; liveObjectMap records the flattened owner
//    either way.
// Registering an object that is already live is a no-op.
void _NPN_RegisterObject(NPObject* npObject, NPObject* owner)
{
    ASSERT(npObject);

    // Check if already registered.
    if (liveObjectMap.find(npObject) != liveObjectMap.end())
        return;

    if (!owner) {
        // Registering a new owner object.
        ASSERT(rootObjectMap.find(npObject) == rootObjectMap.end());
        rootObjectMap.set(npObject, new NPObjectSet());
    } else {
        // Always associate this object with its top-most parent.
        // Since we always flatten, we only have to look up one level.
        NPObjectMap::iterator ownerEntry = liveObjectMap.find(owner);
        NPObject* parent = 0;
        if (liveObjectMap.end() != ownerEntry)
            parent = ownerEntry->second;

        if (parent)
            owner = parent;
        ASSERT(rootObjectMap.find(npObject) == rootObjectMap.end());
        // An owner that is not a registered root leaves npObject in
        // liveObjectMap only; _NPN_UnregisterObject tolerates that case.
        if (rootObjectMap.find(owner) != rootObjectMap.end())
            rootObjectMap.get(owner)->add(npObject);
    }

    ASSERT(liveObjectMap.find(npObject) == liveObjectMap.end());
    liveObjectMap.set(npObject, owner);
}

// Removes `npObject` from the registry and drops its V8 wrapper.
// For a root (no owner recorded) every object in its set is unregistered
// first and the set is deleted; for a non-root the object is removed from
// its owner's set when that owner is a known root.
// NOTE(review): the object must already be registered. In release builds an
// unknown object takes the root path with owner == 0, and rootObjectMap.get()
// then yields a null set that is dereferenced by set->size().
void _NPN_UnregisterObject(NPObject* npObject)
{
    ASSERT(npObject);
    ASSERT(liveObjectMap.find(npObject) != liveObjectMap.end());

    NPObject* owner = 0;
    if (liveObjectMap.find(npObject) != liveObjectMap.end())
        owner = liveObjectMap.find(npObject)->second;

    if (!owner) {
        // Unregistering an owner object; also unregister its descendants.
        ASSERT(rootObjectMap.find(npObject) != rootObjectMap.end());
        NPObjectSet* set = rootObjectMap.get(npObject);
        // Drain the set from the front; each iteration must shrink it or
        // this loop would never terminate (checked by the ASSERT below).
        while (set->size() > 0) {
#ifndef NDEBUG
            int size = set->size();
#endif
            NPObject* sub_object = *(set->begin());
            // The sub-object should not be an owner!
            ASSERT(rootObjectMap.find(sub_object) == rootObjectMap.end());

            // First, unregister the object.
            set->remove(sub_object);
            liveObjectMap.remove(sub_object);

            // Remove the JS references to the object.
            // Both maps are updated before this call: should forgetting the
            // wrapper end up releasing the object, _NPN_DeallocateObject
            // sees it as no longer alive and does not re-enter the registry.
            forgetV8ObjectForNPObject(sub_object);

            ASSERT(set->size() < size);
        }
        delete set;
        rootObjectMap.remove(npObject);
    } else {
        // Detach from the owning root's set, if the owner is a known root.
        NPRootObjectMap::iterator ownerEntry = rootObjectMap.find(owner);
        if (ownerEntry != rootObjectMap.end()) {
            NPObjectSet* list = ownerEntry->second;
            ASSERT(list->find(npObject) != list->end());
            list->remove(npObject);
        }
    }

    // Same ordering as above: drop the registry entry, then the wrapper.
    liveObjectMap.remove(npObject);
    forgetV8ObjectForNPObject(npObject);
}

// True while `npObject` is present in liveObjectMap, i.e. between
// _NPN_RegisterObject and _NPN_UnregisterObject.
bool _NPN_IsAlive(NPObject* npObject)
{
    return liveObjectMap.find(npObject) != liveObjectMap.end();
}

} // extern "C"