Bug 754202 - Pull object principals directly off the compartment and assert that behavior doesn't change. r=bz

This commit is contained in:
Bobby Holley 2012-06-28 23:47:55 +02:00
parent f8e97f21d8
commit ae62a76b7e
2 changed files with 26 additions and 21 deletions


@ -403,12 +403,11 @@ private:
// Returns null if a principal cannot be found; generally callers
// should error out at that point.
static nsIPrincipal*
doGetObjectPrincipal(JSObject *obj
static nsIPrincipal* doGetObjectPrincipal(JSObject *obj);
#ifdef DEBUG
, bool aAllowShortCircuit = true
static nsIPrincipal*
old_doGetObjectPrincipal(JSObject *obj, bool aAllowShortCircuit = true);
#endif
);
// Returns null if a principal cannot be found. Note that rv can be NS_OK
// when this happens -- this means that there was no JS running.
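Review bot: The new DEBUG-only declaration `old_doGetObjectPrincipal` carries no comment, while the header comment above still reads as if it describes a single `doGetObjectPrincipal`; a reader of the header cannot tell that the old walk is now only a cross-check and is meant to go away. I would add, just above the `#ifdef DEBUG` on the declaration, `// DEBUG only: the pre-compartment parent-chain walk, kept so doGetObjectPrincipal can assert that the compartment principal is same-origin with it. Remove once the assertion has baked.` The `aAllowShortCircuit = true` default is retained on the old function, so the `false` recursion inside it is still the only caller that disables the XPConnect short-circuit; worth stating in that comment as well. The class body continues outside the hunk.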


@ -2398,19 +2398,33 @@ nsScriptSecurityManager::GetObjectPrincipal(JSContext *aCx, JSObject *aObj,
// static
nsIPrincipal*
nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj
nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj)
{
JSCompartment *compartment = js::GetObjectCompartment(aObj);
JSPrincipals *principals = JS_GetCompartmentPrincipals(compartment);
nsIPrincipal *principal = nsJSPrincipals::get(principals);
// We leave the old code in for a little while to make sure that pulling
// object principals directly off the compartment always gives an equivalent
// result (from a security perspective).
#ifdef DEBUG
, bool aAllowShortCircuit
nsIPrincipal *old = old_doGetObjectPrincipal(aObj);
MOZ_ASSERT(NS_SUCCEEDED(CheckSameOriginPrincipal(principal, old)));
#endif
)
return principal;
}
#ifdef DEBUG
// static
nsIPrincipal*
nsScriptSecurityManager::old_doGetObjectPrincipal(JSObject *aObj,
bool aAllowShortCircuit)
{
NS_ASSERTION(aObj, "Bad call to doGetObjectPrincipal()!");
nsIPrincipal* result = nsnull;
#ifdef DEBUG
JSObject* origObj = aObj;
#endif
js::Class *jsClass = js::GetObjectClass(aObj);
// A common case seen in this code is that we enter this function
@ -2444,12 +2458,7 @@ nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj
if (IS_WRAPPER_CLASS(jsClass)) {
result = sXPConnect->GetPrincipal(aObj,
#ifdef DEBUG
aAllowShortCircuit
#else
true
#endif
);
aAllowShortCircuit);
if (result) {
break;
}
@ -2465,7 +2474,6 @@ nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj
priv = nsnull;
}
#ifdef DEBUG
if (aAllowShortCircuit) {
nsCOMPtr<nsIXPConnectWrappedNative> xpcWrapper =
do_QueryInterface(priv);
@ -2475,7 +2483,6 @@ nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj
"Uh, an nsIXPConnectWrappedNative with the "
"wrong JSClass or getObjectOps hooks!");
}
#endif
nsCOMPtr<nsIScriptObjectPrincipal> objPrin =
do_QueryInterface(priv);
@ -2497,9 +2504,8 @@ nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj
jsClass = js::GetObjectClass(aObj);
} while (1);
#ifdef DEBUG
if (aAllowShortCircuit) {
nsIPrincipal *principal = doGetObjectPrincipal(origObj, false);
nsIPrincipal *principal = old_doGetObjectPrincipal(origObj, false);
// Because of inner window reuse, we can have objects with one principal
// living in a scope with a different (but same-origin) principal. So
@ -2507,10 +2513,10 @@ nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj
NS_ASSERTION(NS_SUCCEEDED(CheckSameOriginPrincipal(result, principal)),
"Principal mismatch. Not good");
}
#endif
return result;
}
#endif /* DEBUG */
///////////////// Capabilities API /////////////////////
NS_IMETHODIMP
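Review bot: In the new `doGetObjectPrincipal`, `principal` can be null if the compartment has no principals (the header contract explicitly allows a null return), yet the DEBUG cross-check passes it straight into `CheckSameOriginPrincipal(principal, old)`; whether that helper tolerates a null argument is not visible here, so the assertion may itself crash on the very case it should be validating. I would make the null case explicit and assert that both paths agree on it: `MOZ_ASSERT(!principal == !old, "compartment and walk disagree on whether a principal exists");` followed by `MOZ_ASSERT_IF(principal, NS_SUCCEEDED(CheckSameOriginPrincipal(principal, old)));`. Note also that the new release path takes the principal of the object's own compartment without unwrapping, so for a cross-compartment wrapper this is the wrapper-side compartment's principal; if that is the intended semantics (it appears to match what the old walk produced, since the assertion is what establishes equivalence) a one-line comment saying so above `js::GetObjectCompartment(aObj)` would save the next reader from re-deriving it. The same-origin rather than identity comparison is justified by the inner-window-reuse comment that survives in `old_doGetObjectPrincipal`; repeating that one sentence next to the new `MOZ_ASSERT` would keep the rationale alive once the old function is deleted.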