Bug 572233 - Don't accidentally wrap an object on the prototype chain. r=jst

--HG-- extra : rebase_source : ff4c32ed65dde104f2630d9d435888b12298a29f
2024-09-13 09:24:08 -07:00 · 2010-06-23 16:56:28 -05:00 · 2010-06-23 16:56:28 -05:00 · 78d9a8bac6
commit 78d9a8bac6
parent 68ab0034ba
1 changed files with 9 additions and 17 deletions
--- a/js/src/xpconnect/src/xpcwrappednativescope.cpp
+++ b/js/src/xpconnect/src/xpcwrappednativescope.cpp
@ -1031,8 +1031,12 @@ XPCWrappedNativeScope::GetWrapperFor(JSContext *cx, JSObject *obj,
            principalEqual = PR_TRUE;
    }

+    PRBool native = IS_WRAPPER_CLASS(obj->getClass());
+    XPCWrappedNative *wrapper = (native && IS_WN_WRAPPER_OBJECT(obj))
+                                ? (XPCWrappedNative *) xpc_GetJSPrivate(obj)
+                                : nsnull;
    if(wn)
-        *wn = nsnull;
+        *wn = wrapper;

    // XXX The isSystem checks shouldn't be needed, but are needed because we
    // can get here before nsGlobalChromeWindows have a non-about:blank
@ -1053,25 +1057,19 @@ XPCWrappedNativeScope::GetWrapperFor(JSContext *cx, JSObject *obj,
            XPCCrossOriginWrapper::ClassNeedsXOW(obj->getClass()->name);

        // Is other a chrome object?
-        JSObject *obj2;
-        XPCWrappedNative *wrapper =
-            XPCWrappedNative::GetWrappedNativeOfJSObject(cx, obj, nsnull, &obj2);
        if(principalEqual || obj->isSystem())
        {
            if(hint & XPCNW)
-                return (wrapper || obj2) ? hint : NONE;
+                return native ? hint : NONE;
            return wantsXOW ? SJOW : NONE;
        }

        // Other isn't a chrome object: we need to wrap it in a SJOW or an
        // XPCNW.

-        if(!wrapper && !obj2)
+        if(!native)
            hint = SJOW;
-
-        if(wn)
-            *wn = wrapper;
-        if(hint == UNKNOWN)
+        else if(hint == UNKNOWN)
            hint = XPCNW_IMPLICIT;

        NS_ASSERTION(hint <= SJOW, "returning the wrong wrapper for chrome code");
@ -1081,12 +1079,6 @@ XPCWrappedNativeScope::GetWrapperFor(JSContext *cx, JSObject *obj,
    // We're content code. We must never return XPCNW_IMPLICIT from here (but
    // might return XPCNW_EXPLICIT if hint is already XPCNW_EXPLICIT).

-    JSObject *obj2;
-    XPCWrappedNative *wrapper =
-        XPCWrappedNative::GetWrappedNativeOfJSObject(cx, obj, nsnull, &obj2);
-    if(wn)
-        *wn = wrapper;
-
    nsIPrincipal *otherprincipal = other->GetPrincipal();
    XPCWrapper::GetSecurityManager()->IsSystemPrincipal(otherprincipal, &system);
    if(system)
@ -1107,7 +1099,7 @@ XPCWrappedNativeScope::GetWrapperFor(JSContext *cx, JSObject *obj,

    // If this object isn't an XPCWrappedNative, then we don't need to create
    // any other types of wrapper than the hint.
-    if(!wrapper && !obj2)
+    if(!native)
    {
 #if 0
        // XXX Re-enable these assertions when we have a better mochitest