1 /* 2 * Copyright (C) 2004, 2006 Apple Computer, Inc. All rights reserved. 3 * Copyright (C) 2007-2009 Google, Inc. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY APPLE COMPUTER, INC. ``AS IS'' AND ANY 15 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 17 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR 18 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 19 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 20 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 21 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY 22 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 24 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26 27 #include "config.h" 28 29 #include "bindings/v8/NPV8Object.h" 30 #include "bindings/v8/V8NPObject.h" 31 #include "bindings/v8/npruntime_impl.h" 32 #include "bindings/v8/npruntime_priv.h" 33 34 #include "wtf/Assertions.h" 35 #include "wtf/HashMap.h" 36 #include "wtf/HashSet.h" 37 #include "wtf/HashTableDeletedValueType.h" 38 39 using namespace WebCore; 40 41 // FIXME: Consider removing locks if we're singlethreaded already. 
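// The static initializer here should work okay, but we want to avoid
// static initialization in general.

namespace npruntime {

// We use StringKey here as the key-type to avoid a string copy to
// construct the map key and for faster comparisons than strcmp.
//
// StringKey does not own m_string: whoever creates the key must keep the
// bytes alive for as long as the key is used. Two sentinel states exist,
// the "empty" key (m_string == 0) and the "deleted" key (m_string == -1);
// both have m_length == 0, exactly like a real empty string.
class StringKey {
public:
    // str must be non-null (strlen on a null pointer is undefined);
    // callers in this file check that before constructing a key.
    explicit StringKey(const char* str) : m_string(str), m_length(strlen(str)) { }
    StringKey() : m_string(0), m_length(0) { }
    explicit StringKey(WTF::HashTableDeletedValueType) : m_string(hashTableDeletedValue()), m_length(0) { }

    StringKey& operator=(const StringKey& other)
    {
        m_string = other.m_string;
        m_length = other.m_length;
        return *this;
    }

    bool isHashTableDeletedValue() const
    {
        return m_string == hashTableDeletedValue();
    }

    const char* m_string;
    size_t m_length;

private:
    // A pointer value that can never be a real string; marks a deleted slot.
    const char* hashTableDeletedValue() const
    {
        return reinterpret_cast<const char*>(-1);
    }
};

// Equality for map lookups. Because safeToCompareToEmptyOrDeleted is set
// below, the hash table may call this with the empty (null) or deleted (-1)
// sentinel on either side, so those are compared by pointer identity only.
inline bool operator==(const StringKey& x, const StringKey& y)
{
    if (x.m_length != y.m_length)
        return false;
    if (x.m_string == y.m_string)
        return true;

    // A real empty string ("") has the same length (0) as both sentinels. A
    // zero-length memcmp would report it equal to an empty or deleted bucket
    // (and would pass a null/-1 pointer to memcmp), so stop here: a sentinel
    // only ever equals itself, which the identity check above already covers.
    if (!x.m_string || !y.m_string || x.isHashTableDeletedValue() || y.isHashTableDeletedValue())
        return false;

    return !memcmp(x.m_string, y.m_string, y.m_length);
}

// Implement WTF::DefaultHash<StringKey>::Hash interface.
struct StringKeyHash {
    // Jenkins one-at-a-time hash over the raw bytes of the key. Note that
    // `char` may be signed, so bytes >= 0x80 mix in as negative values; this
    // is harmless as long as it stays consistent, and the hash is never
    // persisted.
    static unsigned hash(const StringKey& key)
    {
        unsigned hash = 0;
        size_t len = key.m_length;
        const char* str = key.m_string;
        for (size_t i = 0; i < len; i++) {
            char c = str[i];
            hash += c;
            hash += (hash << 10);
            hash ^= (hash >> 6);
        }
        hash += (hash << 3);
        hash ^= (hash >> 11);
        hash += (hash << 15);
        // Never hand back 0; map it to an arbitrary non-zero value.
        if (hash == 0)
            hash = 27;
        return hash;
    }

    static bool equal(const StringKey& x, const StringKey& y)
    {
        return x == y;
    }

    // Tells WTF::HashTable that equal() tolerates the empty and deleted
    // sentinel keys as arguments; operator== above guarantees that.
    static const bool safeToCompareToEmptyOrDeleted = true;
};

} // namespace npruntime

using npruntime::StringKey;
using npruntime::StringKeyHash;

// Implement HashTraits<StringKey>
struct StringKeyHashTraits : WTF::GenericHashTraits<StringKey> {
    static void constructDeletedValue(StringKey& slot)
    {
        new (&slot) StringKey(WTF::HashTableDeletedValue);
    }

    static bool isDeletedValue(const StringKey& value)
    {
        return value.isHashTableDeletedValue();
    }
};

typedef WTF::HashMap<StringKey, PrivateIdentifier*, StringKeyHash, StringKeyHashTraits> StringIdentifierMap;

// Lazily created and intentionally never freed: identifiers are never
// released (see _NPN_GetStringIdentifier), so neither is their map.
static StringIdentifierMap* getStringIdentifierMap()
{
    static StringIdentifierMap* stringIdentifierMap = 0;
    if (!stringIdentifierMap)
        stringIdentifierMap = new StringIdentifierMap();
    return stringIdentifierMap;
}

typedef WTF::HashMap<int, PrivateIdentifier*> IntIdentifierMap;

// Same lifetime policy as getStringIdentifierMap().
static IntIdentifierMap* getIntIdentifierMap()
{
    static IntIdentifierMap* intIdentifierMap = 0;
    if (!intIdentifierMap)
        intIdentifierMap = new IntIdentifierMap();
    return intIdentifierMap;
}

extern "C" {

// Interns `name` and returns the identifier that represents it; the same
// name always yields the same identifier. Returns 0 for a null name or when
// allocation fails.
NPIdentifier _NPN_GetStringIdentifier(const NPUTF8* name)
{
    ASSERT(name);

    if (!name)
        return 0;

    StringKey key(name);
    StringIdentifierMap* identMap = getStringIdentifierMap();
    StringIdentifierMap::iterator iter = identMap->find(key);
    if (iter != identMap->end())
        return static_cast<NPIdentifier>(iter->value);

    size_t nameLen = key.m_length;

    // We never release identifiers, so this dictionary will grow. The name
    // bytes are stored inline right after the PrivateIdentifier header, so
    // the map key can point at storage that outlives the caller's buffer.
    PrivateIdentifier* identifier = static_cast<PrivateIdentifier*>(malloc(sizeof(PrivateIdentifier) + nameLen + 1));
    if (!identifier)
        return 0;
    char* nameStorage = reinterpret_cast<char*>(identifier + 1);
    memcpy(nameStorage, name, nameLen + 1);
    identifier->isString = true;
    identifier->value.string = reinterpret_cast<NPUTF8*>(nameStorage);
    key.m_string = nameStorage;
    identMap->set(key, identifier);
    return static_cast<NPIdentifier>(identifier);
}

// Batch form of _NPN_GetStringIdentifier: fills identifiers[0..nameCount).
// A null entry in `names` produces a 0 identifier.
void _NPN_GetStringIdentifiers(const NPUTF8** names, int32_t nameCount, NPIdentifier* identifiers)
{
    ASSERT(names);
    ASSERT(identifiers);

    if (!names || !identifiers)
        return;

    for (int32_t i = 0; i < nameCount; i++)
        identifiers[i] = _NPN_GetStringIdentifier(names[i]);
}

// Interns an integer identifier. Returns 0 if allocation fails.
NPIdentifier _NPN_GetIntIdentifier(int32_t intId)
{
    // Special case for -1 and 0, both cannot be used as key in HashMap
    // (they are the deleted and empty sentinel values for int keys).
    if (!intId || intId == -1) {
        static PrivateIdentifier* minusOneOrZeroIds[2];
        PrivateIdentifier* id = minusOneOrZeroIds[intId + 1];
        if (!id) {
            id = static_cast<PrivateIdentifier*>(malloc(sizeof(PrivateIdentifier)));
            if (!id)
                return 0;
            id->isString = false;
            id->value.number = intId;
            minusOneOrZeroIds[intId + 1] = id;
        }
        return static_cast<NPIdentifier>(id);
    }

    IntIdentifierMap* identMap = getIntIdentifierMap();
    IntIdentifierMap::iterator iter = identMap->find(intId);
    if (iter != identMap->end())
        return static_cast<NPIdentifier>(iter->value);

    // We never release identifiers, so this dictionary will grow.
    PrivateIdentifier* identifier = static_cast<PrivateIdentifier*>(malloc(sizeof(PrivateIdentifier)));
    if (!identifier)
        return 0;
    identifier->isString = false;
    identifier->value.number = intId;
    identMap->set(intId, identifier);
    return static_cast<NPIdentifier>(identifier);
}

// True if `identifier` was produced by _NPN_GetStringIdentifier(s).
// A null identifier is reported as not-a-string.
bool _NPN_IdentifierIsString(NPIdentifier identifier)
{
    ASSERT(identifier);
    PrivateIdentifier* privateIdentifier = static_cast<PrivateIdentifier*>(identifier);
    if (!privateIdentifier)
        return false;
    return privateIdentifier->isString;
}

// Returns a malloc'd copy of the identifier's name (caller frees), or 0 for
// a null identifier, an integer identifier, or an identifier without a name.
NPUTF8 *_NPN_UTF8FromIdentifier(NPIdentifier identifier)
{
    ASSERT(identifier);
    PrivateIdentifier* privateIdentifier = static_cast<PrivateIdentifier*>(identifier);
    if (!privateIdentifier || !privateIdentifier->isString || !privateIdentifier->value.string)
        return 0;

    return static_cast<NPUTF8*>(strdup(privateIdentifier->value.string));
}

// Returns the integer behind an integer identifier; 0 for a null or string
// identifier (indistinguishable from a real 0 by design of the NPAPI).
int32_t _NPN_IntFromIdentifier(NPIdentifier identifier)
{
    ASSERT(identifier);
    PrivateIdentifier* privateIdentifier = static_cast<PrivateIdentifier*>(identifier);
    if (!privateIdentifier || privateIdentifier->isString)
        return 0;
    return privateIdentifier->value.number;
}

// Drops whatever `variant` holds (an object reference or an owned string
// buffer) and resets it to void. The pointers are nulled so a double
// release is harmless.
void _NPN_ReleaseVariantValue(NPVariant* variant)
{
    ASSERT(variant);

    if (!variant)
        return;

    if (variant->type == NPVariantType_Object) {
        _NPN_ReleaseObject(variant->value.objectValue);
        variant->value.objectValue = 0;
    } else if (variant->type == NPVariantType_String) {
        free(const_cast<NPUTF8*>(variant->value.stringValue.UTF8Characters));
        variant->value.stringValue.UTF8Characters = 0;
        variant->value.stringValue.UTF8Length = 0;
    }

    variant->type = NPVariantType_Void;
}

// Allocates an object of `npClass` with a reference count of 1, using the
// class's allocate hook when it has one and plain malloc otherwise.
// Returns 0 for a null class or if allocation fails.
NPObject *_NPN_CreateObject(NPP npp, NPClass* npClass)
{
    ASSERT(npClass);

    if (!npClass)
        return 0;

    NPObject* npObject;
    if (npClass->allocate)
        npObject = npClass->allocate(npp, npClass);
    else
        npObject = static_cast<NPObject*>(malloc(sizeof(NPObject)));

    // The plugin-supplied allocate hook (or malloc) may fail; never write
    // through the result without checking it.
    if (!npObject)
        return 0;

    npObject->_class = npClass;
    npObject->referenceCount = 1;
    return npObject;
}

// Adds one reference and returns the object (null is passed through).
NPObject* _NPN_RetainObject(NPObject* npObject)
{
    ASSERT(npObject);
    ASSERT(npObject->referenceCount > 0);

    // NOTE(review): referenceCount is incremented without an overflow guard;
    // if it ever wrapped, _NPN_ReleaseObject could free a still-referenced object.
    if (npObject)
        npObject->referenceCount++;

    return npObject;
}

// _NPN_DeallocateObject actually deletes the object. Technically,
// callers should use _NPN_ReleaseObject. Webkit exposes this function
// to kill objects which plugins may not have properly released.
void _NPN_DeallocateObject(NPObject* npObject)
{
    ASSERT(npObject);

    if (!npObject)
        return;

    // NPObjects that remain in pure C++ may never have wrappers.
    // Hence, if it's not already alive, don't unregister it.
    // If it is alive, unregister it as the *last* thing we do
    // so that it can do as much cleanup as possible on its own.
    if (_NPN_IsAlive(npObject))
        _NPN_UnregisterObject(npObject);

    // Poison the count so a stale retain/release on this object is
    // noticeable rather than silently re-balancing it.
    npObject->referenceCount = -1;
    if (npObject->_class->deallocate)
        npObject->_class->deallocate(npObject);
    else
        free(npObject);
}

// Drops one reference; deallocates the object when the count reaches 0.
// A count that is already 0 is left alone (and asserted on in debug).
void _NPN_ReleaseObject(NPObject* npObject)
{
    ASSERT(npObject);
    ASSERT(npObject->referenceCount >= 1);

    if (!npObject || npObject->referenceCount < 1)
        return;

    if (!--npObject->referenceCount)
        _NPN_DeallocateObject(npObject);
}

// Makes `variant` a string holding a malloc'd copy of `value` (released by
// _NPN_ReleaseVariantValue). The copy is not NUL-terminated; UTF8Length is
// the only length indicator. If the copy cannot be allocated the variant
// becomes an empty string instead of being written through a null pointer.
void _NPN_InitializeVariantWithStringCopy(NPVariant* variant, const NPString* value)
{
    ASSERT(variant);
    ASSERT(value);

    size_t byteLength = sizeof(NPUTF8) * value->UTF8Length;
    NPUTF8* copy = static_cast<NPUTF8*>(malloc(byteLength));

    variant->type = NPVariantType_String;
    variant->value.stringValue.UTF8Characters = copy;
    variant->value.stringValue.UTF8Length = value->UTF8Length;

    // Null here means either allocation failed or malloc(0) returned null for
    // an empty string; either way there is nothing to copy into.
    if (!copy) {
        variant->value.stringValue.UTF8Length = 0;
        return;
    }

    memcpy(copy, value->UTF8Characters, byteLength);
}

} // extern "C"

// NPN_Registry
//
// The registry is designed for quick lookup of NPObjects.
// JS needs to be able to quickly lookup a given NPObject to determine
// if it is alive or not.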
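// The browser needs to be able to quickly lookup all NPObjects which are
// "owned" by an object.
//
// The liveObjectMap is a hash table of all live objects to their owner
// objects. Presence in this table is used primarily to determine if
// objects are live or not.
//
// The rootObjectMap is a hash table of root objects to a set of
// objects that should be deactivated in sync with the root. A
// root is defined as a top-level owner object. This is used on
// Frame teardown to deactivate all objects associated
// with a particular plugin.

typedef WTF::HashSet<NPObject*> NPObjectSet;
typedef WTF::HashMap<NPObject*, NPObject*> NPObjectMap;
typedef WTF::HashMap<NPObject*, NPObjectSet*> NPRootObjectMap;

// A map of live NPObjects with pointers to their Roots. A root object maps
// to 0 (it has no owner).
static NPObjectMap& liveObjectMap()
{
    DEFINE_STATIC_LOCAL(NPObjectMap, objectMap, ());
    return objectMap;
}

// A map of the root objects and the set of NPObjects
// associated with that object. The sets are heap-allocated when the root is
// registered and deleted by _NPN_UnregisterObject.
static NPRootObjectMap& rootObjectMap()
{
    DEFINE_STATIC_LOCAL(NPRootObjectMap, objectMap, ());
    return objectMap;
}

extern "C" {

// Records `npObject` as live. With a null `owner` it becomes a new root;
// otherwise it is attached to `owner`'s root (one level of flattening).
// Registering an object twice, or a null object, is a no-op.
void _NPN_RegisterObject(NPObject* npObject, NPObject* owner)
{
    ASSERT(npObject);

    // A null key is the map's empty sentinel; never insert it.
    if (!npObject)
        return;

    // Check if already registered.
    if (liveObjectMap().contains(npObject))
        return;

    if (!owner) {
        // Registering a new owner object.
        ASSERT(!rootObjectMap().contains(npObject));
        rootObjectMap().set(npObject, new NPObjectSet());
    } else {
        // Always associate this object with its top-most parent.
        // Since we always flatten, we only have to look up one level.
        NPObjectMap::iterator ownerEntry = liveObjectMap().find(owner);
        if (ownerEntry != liveObjectMap().end() && ownerEntry->value)
            owner = ownerEntry->value;

        ASSERT(!rootObjectMap().contains(npObject));
        // An owner that is not a registered root has no set to join; the
        // object is still tracked as live below.
        if (NPObjectSet* siblings = rootObjectMap().get(owner))
            siblings->add(npObject);
    }

    ASSERT(!liveObjectMap().contains(npObject));
    liveObjectMap().set(npObject, owner);
}

// Removes `npObject` from the registry. Unregistering a root also
// unregisters every object attached to it and drops their JS wrappers.
// Unregistering an object that is not live is a no-op (asserted in debug).
void _NPN_UnregisterObject(NPObject* npObject)
{
    ASSERT(npObject);

    NPObjectMap::iterator liveEntry = liveObjectMap().find(npObject);
    ASSERT(liveEntry != liveObjectMap().end());
    // Without this check a non-live root-less object would fall through to
    // rootObjectMap().get() returning 0 and be dereferenced below.
    if (liveEntry == liveObjectMap().end())
        return;

    // Read the owner now; the map is mutated further down and the iterator
    // must not be used after that.
    NPObject* owner = liveEntry->value;

    if (!owner) {
        // Unregistering an owner object; also unregister its descendants.
        ASSERT(rootObjectMap().contains(npObject));
        if (NPObjectSet* set = rootObjectMap().get(npObject)) {
            while (!set->isEmpty()) {
#ifndef NDEBUG
                unsigned sizeBefore = set->size();
#endif
                NPObject* subObject = *(set->begin());
                // The sub-object should not be an owner!
                ASSERT(!rootObjectMap().contains(subObject));

                // First, unregister the object.
                set->remove(subObject);
                liveObjectMap().remove(subObject);

                // Script objects hold a reference to their DOMWindow*, which is going away if
                // we're unregistering the associated owner NPObject. Clear it out.
                if (V8NPObject* v8npObject = npObjectToV8NPObject(subObject))
                    v8npObject->rootObject = 0;

                // Remove the JS references to the object.
                forgetV8ObjectForNPObject(subObject);

                // Guards against a set that does not shrink (infinite loop).
                ASSERT(set->size() < sizeBefore);
            }
            delete set;
        }
        rootObjectMap().remove(npObject);
    } else {
        NPRootObjectMap::iterator ownerEntry = rootObjectMap().find(owner);
        if (ownerEntry != rootObjectMap().end()) {
            NPObjectSet* siblings = ownerEntry->value;
            ASSERT(siblings->contains(npObject));
            siblings->remove(npObject);
        }
    }

    liveObjectMap().remove(npObject);
    forgetV8ObjectForNPObject(npObject);
}

// True while `npObject` is registered and has not been unregistered.
bool _NPN_IsAlive(NPObject* npObject)
{
    return liveObjectMap().contains(npObject);
}

} // extern "C"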