зеркало из https://github.com/mozilla/gecko-dev.git
Backed out 4 changesets (bug 1688452) for assertion and bc failures on browser_translation_bing.js.
Backed out changeset 1a720cffc019 (bug 1688452) Backed out changeset 797a7e243d43 (bug 1688452) Backed out changeset 00fd325069fa (bug 1688452) Backed out changeset 23ef68478e93 (bug 1688452)
This commit is contained in:
Родитель
aeb4d9db55
Коммит
0d612db0fb
|
@ -6,11 +6,21 @@
|
||||||
#ifndef __expat_config_h__
|
#ifndef __expat_config_h__
|
||||||
#define __expat_config_h__
|
#define __expat_config_h__
|
||||||
|
|
||||||
#ifdef MOZ_IN_WASM_SANDBOX
|
#define MOZ_UNICODE
|
||||||
# include "expat_config_rlbox.h"
|
#include "nspr.h"
|
||||||
#else
|
|
||||||
# include "expat_config_moz.h"
|
#ifdef IS_LITTLE_ENDIAN
|
||||||
#endif
|
#define BYTEORDER 1234
|
||||||
|
#else
|
||||||
|
#define BYTEORDER 4321
|
||||||
|
#endif /* IS_LITTLE_ENDIAN */
|
||||||
|
|
||||||
|
#if PR_BYTES_PER_INT != 4
|
||||||
|
#define int int32_t
|
||||||
|
#endif /* PR_BYTES_PER_INT != 4 */
|
||||||
|
|
||||||
|
/* Other Mozilla code relies on memmove already, so we assume it's available */
|
||||||
|
#define HAVE_MEMMOVE 1
|
||||||
|
|
||||||
#define XMLCALL
|
#define XMLCALL
|
||||||
#define XML_STATIC
|
#define XML_STATIC
|
||||||
|
|
|
@ -1,25 +0,0 @@
|
||||||
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
||||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
||||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
||||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
||||||
|
|
||||||
#ifndef __expat_config_moz_h__
|
|
||||||
#define __expat_config_moz_h__
|
|
||||||
|
|
||||||
#define MOZ_UNICODE
|
|
||||||
#include "nspr.h"
|
|
||||||
|
|
||||||
#ifdef IS_LITTLE_ENDIAN
|
|
||||||
#define BYTEORDER 1234
|
|
||||||
#else
|
|
||||||
#define BYTEORDER 4321
|
|
||||||
#endif /* IS_LITTLE_ENDIAN */
|
|
||||||
|
|
||||||
#if PR_BYTES_PER_INT != 4
|
|
||||||
#define int int32_t
|
|
||||||
#endif /* PR_BYTES_PER_INT != 4 */
|
|
||||||
|
|
||||||
/* Other Mozilla code relies on memmove already, so we assume it's available */
|
|
||||||
#define HAVE_MEMMOVE 1
|
|
||||||
|
|
||||||
#endif /* __expat_config_moz_h__ */
|
|
|
@ -1,23 +0,0 @@
|
||||||
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
||||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
||||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
||||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
||||||
|
|
||||||
#ifndef __expat_config_rlbox_h__
|
|
||||||
#define __expat_config_rlbox_h__
|
|
||||||
|
|
||||||
/* Wasm is little endian */
|
|
||||||
#define BYTEORDER 1234
|
|
||||||
|
|
||||||
/* We don't redefine int as int32_t for our 32-bit Wasm machine. */
|
|
||||||
#ifdef __cplusplus
|
|
||||||
static_assert(sizeof(int) == sizeof(int32_t), "Expected int and int32_t to be of same size.");
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* WASI currently doesn't have memmove. */
|
|
||||||
#define HAVE_MEMMOVE 0
|
|
||||||
|
|
||||||
/* We don't need to nor want to expose getpid() to expat */
|
|
||||||
#define getpid() 0
|
|
||||||
|
|
||||||
#endif /* __expat_config_rlbox_h__ */
|
|
|
@ -4,16 +4,17 @@
|
||||||
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||||
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||||
|
|
||||||
include("sources.mozbuild")
|
|
||||||
|
|
||||||
EXPORTS += [
|
EXPORTS += [
|
||||||
'expat.h',
|
'expat.h',
|
||||||
'expat_external.h',
|
'expat_external.h',
|
||||||
]
|
]
|
||||||
|
|
||||||
SOURCES += expat_sources
|
SOURCES += [
|
||||||
|
'xmlparse.c',
|
||||||
|
'xmlrole.c',
|
||||||
|
'xmltok.c',
|
||||||
|
]
|
||||||
|
|
||||||
FINAL_LIBRARY = 'gkmedias'
|
FINAL_LIBRARY = 'gkmedias'
|
||||||
|
|
||||||
for k, v in expat_defines:
|
DEFINES['HAVE_EXPAT_CONFIG_H'] = True
|
||||||
DEFINES[k] = v
|
|
||||||
|
|
|
@ -1,15 +0,0 @@
|
||||||
# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
|
|
||||||
# vim: set filetype=python:
|
|
||||||
# This Source Code Form is subject to the terms of the Mozilla Public
|
|
||||||
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
||||||
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
||||||
|
|
||||||
expat_sources = [
|
|
||||||
'xmlparse.c',
|
|
||||||
'xmlrole.c',
|
|
||||||
'xmltok.c',
|
|
||||||
]
|
|
||||||
|
|
||||||
expat_defines = [
|
|
||||||
('HAVE_EXPAT_CONFIG_H', True)
|
|
||||||
]
|
|
|
@ -11,7 +11,5 @@ DIRS += ['lib']
|
||||||
|
|
||||||
EXPORTS += [
|
EXPORTS += [
|
||||||
'expat_config.h',
|
'expat_config.h',
|
||||||
'expat_config_moz.h',
|
|
||||||
'expat_config_rlbox.h',
|
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
|
@ -50,8 +50,6 @@ EXPORTS += [
|
||||||
"nsHtml5ViewSourceUtils.h",
|
"nsHtml5ViewSourceUtils.h",
|
||||||
"nsIContentHandle.h",
|
"nsIContentHandle.h",
|
||||||
"nsParserUtils.h",
|
"nsParserUtils.h",
|
||||||
"rlbox_expat.h",
|
|
||||||
"rlbox_expat_types.h",
|
|
||||||
]
|
]
|
||||||
|
|
||||||
UNIFIED_SOURCES += [
|
UNIFIED_SOURCES += [
|
||||||
|
|
|
@ -83,10 +83,6 @@
|
||||||
// our symbol names.
|
// our symbol names.
|
||||||
#include "expat_config.h"
|
#include "expat_config.h"
|
||||||
#include "expat.h"
|
#include "expat.h"
|
||||||
#include "rlbox_expat.h"
|
|
||||||
#ifdef MOZ_WASM_SANDBOXING_EXPAT
|
|
||||||
# include "mozilla/ipc/LibrarySandboxPreload.h"
|
|
||||||
#endif
|
|
||||||
|
|
||||||
extern "C" {
|
extern "C" {
|
||||||
// Defined in intl/encoding_glue/src/lib.rs
|
// Defined in intl/encoding_glue/src/lib.rs
|
||||||
|
@ -535,69 +531,41 @@ void nsHtml5StreamParser::SetEncodingFromExpat(const char16_t* aEncoding) {
|
||||||
// Using a separate user data struct also avoids bloating nsHtml5StreamParser
|
// Using a separate user data struct also avoids bloating nsHtml5StreamParser
|
||||||
// by one pointer.
|
// by one pointer.
|
||||||
struct UserData {
|
struct UserData {
|
||||||
tainted_expat<XML_Parser> mExpat;
|
XML_Parser mExpat;
|
||||||
nsHtml5StreamParser* mStreamParser;
|
nsHtml5StreamParser* mStreamParser;
|
||||||
};
|
};
|
||||||
|
|
||||||
// Using no-namespace handler callbacks to avoid including expat.h in
|
// Using no-namespace handler callbacks to avoid including expat.h in
|
||||||
// nsHtml5StreamParser.h, since doing so would cause naming conclicts.
|
// nsHtml5StreamParser.h, since doing so would cause naming conclicts.
|
||||||
static void HandleXMLDeclaration(rlbox_sandbox_expat& aSandbox,
|
static void HandleXMLDeclaration(void* aUserData, const XML_Char* aVersion,
|
||||||
tainted_expat<void*> /* aUserData */,
|
const XML_Char* aEncoding, int aStandalone) {
|
||||||
tainted_expat<const XML_Char*> /* aVersion */,
|
UserData* ud = static_cast<UserData*>(aUserData);
|
||||||
tainted_expat<const XML_Char*> t_aEncoding,
|
|
||||||
tainted_expat<int> /* aStandalone */) {
|
|
||||||
UserData* ud = static_cast<UserData*>(aSandbox.sandbox_storage);
|
|
||||||
MOZ_RELEASE_ASSERT(ud);
|
|
||||||
|
|
||||||
bool copied_encoding = false;
|
|
||||||
auto* encoding =
|
|
||||||
transfer_xmlstring_no_validate(aSandbox, t_aEncoding, copied_encoding);
|
|
||||||
|
|
||||||
// The attacker has control over the encoding. This could potentially lead to
|
|
||||||
// confusion/XSS attacks. We should try to restrict the encoding to something
|
|
||||||
// safe. Bug 1693991 tracks this.
|
|
||||||
ud->mStreamParser->SetEncodingFromExpat(
|
ud->mStreamParser->SetEncodingFromExpat(
|
||||||
reinterpret_cast<const char16_t*>(encoding));
|
reinterpret_cast<const char16_t*>(aEncoding));
|
||||||
|
XML_StopParser(ud->mExpat, false);
|
||||||
if (copied_encoding) {
|
|
||||||
free(encoding);
|
|
||||||
}
|
|
||||||
|
|
||||||
aSandbox.invoke_sandbox_function(MOZ_XML_StopParser, ud->mExpat, false);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static void HandleStartElement(rlbox_sandbox_expat& aSandbox,
|
static void HandleStartElement(void* aUserData, const XML_Char* aName,
|
||||||
tainted_expat<void*> /* aUserData */,
|
const XML_Char** aAtts) {
|
||||||
tainted_expat<const XML_Char*> /* aName */,
|
UserData* ud = static_cast<UserData*>(aUserData);
|
||||||
tainted_expat<const XML_Char**> /*aAtts */) {
|
XML_StopParser(ud->mExpat, false);
|
||||||
UserData* ud = static_cast<UserData*>(aSandbox.sandbox_storage);
|
|
||||||
MOZ_RELEASE_ASSERT(ud);
|
|
||||||
aSandbox.invoke_sandbox_function(MOZ_XML_StopParser, ud->mExpat, false);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static void HandleEndElement(rlbox_sandbox_expat& aSandbox,
|
static void HandleEndElement(void* aUserData, const XML_Char* aName) {
|
||||||
tainted_expat<void*> /* aUserData */,
|
UserData* ud = static_cast<UserData*>(aUserData);
|
||||||
tainted_expat<const XML_Char*> /* aName */) {
|
XML_StopParser(ud->mExpat, false);
|
||||||
UserData* ud = static_cast<UserData*>(aSandbox.sandbox_storage);
|
|
||||||
MOZ_RELEASE_ASSERT(ud);
|
|
||||||
aSandbox.invoke_sandbox_function(MOZ_XML_StopParser, ud->mExpat, false);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static void HandleComment(rlbox_sandbox_expat& aSandbox,
|
static void HandleComment(void* aUserData, const XML_Char* aName) {
|
||||||
tainted_expat<void*> /* aUserData */,
|
UserData* ud = static_cast<UserData*>(aUserData);
|
||||||
tainted_expat<const XML_Char*> /* aName */) {
|
XML_StopParser(ud->mExpat, false);
|
||||||
UserData* ud = static_cast<UserData*>(aSandbox.sandbox_storage);
|
|
||||||
MOZ_RELEASE_ASSERT(ud);
|
|
||||||
aSandbox.invoke_sandbox_function(MOZ_XML_StopParser, ud->mExpat, false);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static void HandleProcessingInstruction(
|
static void HandleProcessingInstruction(void* aUserData,
|
||||||
rlbox_sandbox_expat& aSandbox, tainted_expat<void*> /* aUserData */,
|
const XML_Char* aTarget,
|
||||||
tainted_expat<const XML_Char*> /* aTarget */,
|
const XML_Char* aData) {
|
||||||
tainted_expat<const XML_Char*> /* aData */) {
|
UserData* ud = static_cast<UserData*>(aUserData);
|
||||||
UserData* ud = static_cast<UserData*>(aSandbox.sandbox_storage);
|
XML_StopParser(ud->mExpat, false);
|
||||||
MOZ_RELEASE_ASSERT(ud);
|
|
||||||
aSandbox.invoke_sandbox_function(MOZ_XML_StopParser, ud->mExpat, false);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void nsHtml5StreamParser::FinalizeSniffingWithDetector(
|
void nsHtml5StreamParser::FinalizeSniffingWithDetector(
|
||||||
|
@ -634,6 +602,10 @@ nsresult nsHtml5StreamParser::FinalizeSniffing(Span<const uint8_t> aFromSegment,
|
||||||
MOZ_ASSERT(mCharsetSource < kCharsetFromXmlDeclarationUtf16,
|
MOZ_ASSERT(mCharsetSource < kCharsetFromXmlDeclarationUtf16,
|
||||||
"Should not finalize sniffing with strong decision already made.");
|
"Should not finalize sniffing with strong decision already made.");
|
||||||
if (mMode == VIEW_SOURCE_XML) {
|
if (mMode == VIEW_SOURCE_XML) {
|
||||||
|
static const XML_Memory_Handling_Suite memsuite = {
|
||||||
|
(void* (*)(size_t))moz_xmalloc, (void* (*)(void*, size_t))moz_xrealloc,
|
||||||
|
free};
|
||||||
|
|
||||||
static const char16_t kExpatSeparator[] = {0xFFFF, '\0'};
|
static const char16_t kExpatSeparator[] = {0xFFFF, '\0'};
|
||||||
|
|
||||||
static const char16_t kISO88591[] = {'I', 'S', 'O', '-', '8', '8',
|
static const char16_t kISO88591[] = {'I', 'S', 'O', '-', '8', '8',
|
||||||
|
@ -650,68 +622,12 @@ nsresult nsHtml5StreamParser::FinalizeSniffing(Span<const uint8_t> aFromSegment,
|
||||||
// and without triggering expat's unknown encoding code paths. This is
|
// and without triggering expat's unknown encoding code paths. This is
|
||||||
// enough to be able to use expat to parse the XML declaration in order
|
// enough to be able to use expat to parse the XML declaration in order
|
||||||
// to extract the encoding name from it.
|
// to extract the encoding name from it.
|
||||||
|
ud.mExpat = XML_ParserCreate_MM(kISO88591, &memsuite, kExpatSeparator);
|
||||||
// Create sandbox and set the thread local user data to ud
|
XML_SetXmlDeclHandler(ud.mExpat, HandleXMLDeclaration);
|
||||||
rlbox_sandbox_expat sandbox;
|
XML_SetElementHandler(ud.mExpat, HandleStartElement, HandleEndElement);
|
||||||
#ifdef MOZ_WASM_SANDBOXING_EXPAT
|
XML_SetCommentHandler(ud.mExpat, HandleComment);
|
||||||
sandbox.create_sandbox(mozilla::ipc::GetSandboxedRLBoxPath().get());
|
XML_SetProcessingInstructionHandler(ud.mExpat, HandleProcessingInstruction);
|
||||||
#else
|
XML_SetUserData(ud.mExpat, static_cast<void*>(&ud));
|
||||||
sandbox.create_sandbox();
|
|
||||||
#endif
|
|
||||||
sandbox.sandbox_storage = &ud;
|
|
||||||
|
|
||||||
tainted_expat<const XML_Memory_Handling_Suite*> t_memsuite = nullptr;
|
|
||||||
#ifndef MOZ_WASM_SANDBOXING_EXPAT
|
|
||||||
// In the noop sandbox we can use the moz allocator.
|
|
||||||
static const XML_Memory_Handling_Suite s_memsuite = {
|
|
||||||
(void* (*)(size_t))moz_xmalloc, (void* (*)(void*, size_t))moz_xrealloc,
|
|
||||||
free};
|
|
||||||
// Since the code running in a noop sandbox is not actually sandboxed, we
|
|
||||||
// can expose the memsuite directly using UNSAFE_accept_pointer. We don't
|
|
||||||
// want to convert these functions to callbacks that can be used when
|
|
||||||
// expat is actually in a memory isolated sandbox -- expat should use the
|
|
||||||
// sandbox-local memsuite.
|
|
||||||
t_memsuite = sandbox.UNSAFE_accept_pointer(&s_memsuite);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
// We need to copy the encoding and namespace separator into the sandbox.
|
|
||||||
// For the noop sandbox we pass in the memsuite; for the Wasm sandbox, we
|
|
||||||
// pass in nullptr to let expat use the standard library memory suite.
|
|
||||||
bool copied_kExpatSeparator = false;
|
|
||||||
auto t_kExpatSeparator = rlbox::copy_memory_or_grant_access(
|
|
||||||
sandbox, kExpatSeparator, sizeof(kExpatSeparator), false,
|
|
||||||
copied_kExpatSeparator);
|
|
||||||
bool copied_kISO88591 = false;
|
|
||||||
auto t_kISO88591 = rlbox::copy_memory_or_grant_access(
|
|
||||||
sandbox, kISO88591, sizeof(kISO88591), false, copied_kISO88591);
|
|
||||||
|
|
||||||
ud.mExpat = sandbox.invoke_sandbox_function(
|
|
||||||
MOZ_XML_ParserCreate_MM,
|
|
||||||
rlbox::sandbox_const_cast<const char16_t*>(t_kISO88591), t_memsuite,
|
|
||||||
t_kExpatSeparator);
|
|
||||||
if (copied_kExpatSeparator) {
|
|
||||||
sandbox.free_in_sandbox(t_kExpatSeparator);
|
|
||||||
}
|
|
||||||
if (copied_kISO88591) {
|
|
||||||
sandbox.free_in_sandbox(t_kISO88591);
|
|
||||||
}
|
|
||||||
|
|
||||||
auto t_HandleXMLDeclaration =
|
|
||||||
sandbox.register_callback(HandleXMLDeclaration);
|
|
||||||
auto t_HandleStartElement = sandbox.register_callback(HandleStartElement);
|
|
||||||
auto t_HandleEndElement = sandbox.register_callback(HandleEndElement);
|
|
||||||
auto t_HandleComment = sandbox.register_callback(HandleComment);
|
|
||||||
auto t_HandleProcessingInstruction =
|
|
||||||
sandbox.register_callback(HandleProcessingInstruction);
|
|
||||||
|
|
||||||
sandbox.invoke_sandbox_function(MOZ_XML_SetXmlDeclHandler, ud.mExpat,
|
|
||||||
t_HandleXMLDeclaration);
|
|
||||||
sandbox.invoke_sandbox_function(MOZ_XML_SetElementHandler, ud.mExpat,
|
|
||||||
t_HandleStartElement, t_HandleEndElement);
|
|
||||||
sandbox.invoke_sandbox_function(MOZ_XML_SetCommentHandler, ud.mExpat,
|
|
||||||
t_HandleComment);
|
|
||||||
sandbox.invoke_sandbox_function(MOZ_XML_SetProcessingInstructionHandler,
|
|
||||||
ud.mExpat, t_HandleProcessingInstruction);
|
|
||||||
|
|
||||||
XML_Status status = XML_STATUS_OK;
|
XML_Status status = XML_STATUS_OK;
|
||||||
|
|
||||||
|
@ -723,42 +639,16 @@ nsresult nsHtml5StreamParser::FinalizeSniffing(Span<const uint8_t> aFromSegment,
|
||||||
// 1024 bytes long or shorter). Thus, we parse both buffers, but if the
|
// 1024 bytes long or shorter). Thus, we parse both buffers, but if the
|
||||||
// first call succeeds already, we skip parsing the second buffer.
|
// first call succeeds already, we skip parsing the second buffer.
|
||||||
if (mSniffingBuffer) {
|
if (mSniffingBuffer) {
|
||||||
// copy (or transfer) mSniffingBuffer into the sandbox
|
status = XML_Parse(ud.mExpat,
|
||||||
bool copied_mSniffingBuffer = false;
|
reinterpret_cast<const char*>(mSniffingBuffer.get()),
|
||||||
auto t_mSniffingBuffer = rlbox::copy_memory_or_grant_access(
|
mSniffingLength, false);
|
||||||
sandbox, reinterpret_cast<const char*>(mSniffingBuffer.get()),
|
|
||||||
mSniffingLength, false, copied_mSniffingBuffer);
|
|
||||||
status = sandbox
|
|
||||||
.invoke_sandbox_function(MOZ_XML_Parse, ud.mExpat,
|
|
||||||
t_mSniffingBuffer, mSniffingLength,
|
|
||||||
false)
|
|
||||||
.copy_and_verify(status_verifier);
|
|
||||||
if (copied_mSniffingBuffer) {
|
|
||||||
sandbox.free_in_sandbox(t_mSniffingBuffer);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
if (status == XML_STATUS_OK && mCharsetSource < kCharsetFromMetaTag) {
|
if (status == XML_STATUS_OK && mCharsetSource < kCharsetFromMetaTag) {
|
||||||
bool copied_aFromSegmentElements = false;
|
mozilla::Unused << XML_Parse(
|
||||||
auto t_aFromSegmentElements = rlbox::copy_memory_or_grant_access(
|
ud.mExpat, reinterpret_cast<const char*>(aFromSegment.Elements()),
|
||||||
sandbox, reinterpret_cast<const char*>(aFromSegment.Elements()),
|
aCountToSniffingLimit, false);
|
||||||
aFromSegment.LengthBytes(), false, copied_aFromSegmentElements);
|
|
||||||
mozilla::Unused << sandbox
|
|
||||||
.invoke_sandbox_function(MOZ_XML_Parse, ud.mExpat,
|
|
||||||
t_aFromSegmentElements,
|
|
||||||
aCountToSniffingLimit,
|
|
||||||
false)
|
|
||||||
.copy_and_verify(status_verifier);
|
|
||||||
if (copied_aFromSegmentElements) {
|
|
||||||
sandbox.free_in_sandbox(t_aFromSegmentElements);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
sandbox.invoke_sandbox_function(MOZ_XML_ParserFree, ud.mExpat);
|
XML_ParserFree(ud.mExpat);
|
||||||
t_HandleXMLDeclaration.unregister();
|
|
||||||
t_HandleStartElement.unregister();
|
|
||||||
t_HandleEndElement.unregister();
|
|
||||||
t_HandleComment.unregister();
|
|
||||||
t_HandleProcessingInstruction.unregister();
|
|
||||||
sandbox.destroy_sandbox();
|
|
||||||
|
|
||||||
if (mCharsetSource < kCharsetFromMetaTag) {
|
if (mCharsetSource < kCharsetFromMetaTag) {
|
||||||
// Failed to get an encoding from the XML declaration. XML defaults
|
// Failed to get an encoding from the XML declaration. XML defaults
|
||||||
|
|
|
@ -1,72 +0,0 @@
|
||||||
/* -*- Mode: C++; tab-width: 20; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
||||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
||||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
||||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
||||||
|
|
||||||
#ifndef PARSER_HTML_RLBOX_EXPAT_H_
|
|
||||||
#define PARSER_HTML_RLBOX_EXPAT_H_
|
|
||||||
|
|
||||||
#include "rlbox_expat_types.h"
|
|
||||||
|
|
||||||
// Load general firefox configuration of RLBox
|
|
||||||
#include "mozilla/rlbox/rlbox_config.h"
|
|
||||||
|
|
||||||
#ifdef MOZ_WASM_SANDBOXING_EXPAT
|
|
||||||
# include "mozilla/rlbox/rlbox_wasm2c_sandbox.hpp"
|
|
||||||
#else
|
|
||||||
// Extra configuration for no-op sandbox
|
|
||||||
# define RLBOX_USE_STATIC_CALLS() rlbox_noop_sandbox_lookup_symbol
|
|
||||||
# include "mozilla/rlbox/rlbox_noop_sandbox.hpp"
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#include "mozilla/rlbox/rlbox.hpp"
|
|
||||||
|
|
||||||
/* status_verifier is a type validator for XML_Status */
|
|
||||||
inline enum XML_Status status_verifier(enum XML_Status s) {
|
|
||||||
MOZ_RELEASE_ASSERT(s >= XML_STATUS_ERROR && s <= XML_STATUS_SUSPENDED,
|
|
||||||
"unexpected status code");
|
|
||||||
return s;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* error_verifier is a type validator for XML_Error */
|
|
||||||
inline enum XML_Error error_verifier(enum XML_Error code) {
|
|
||||||
MOZ_RELEASE_ASSERT(
|
|
||||||
code >= XML_ERROR_NONE && code <= XML_ERROR_INVALID_ARGUMENT,
|
|
||||||
"unexpected XML error code");
|
|
||||||
return code;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
* transfer_xmlstring_no_validate is used to transfer an XML_Char* from the
|
|
||||||
* sandboxed expat. This function doesn't validate the transfered string; it
|
|
||||||
* only null-terminates the string.
|
|
||||||
*
|
|
||||||
* Strings should be validated whenever possible (Bug 1693991 tracks this).
|
|
||||||
*/
|
|
||||||
inline XML_Char* transfer_xmlstring_no_validate(
|
|
||||||
rlbox_sandbox_expat& aSandbox, tainted_expat<const XML_Char*> t_aStr,
|
|
||||||
bool& copied) {
|
|
||||||
copied = false;
|
|
||||||
if (t_aStr != nullptr) {
|
|
||||||
const mozilla::CheckedInt<size_t> len = std::char_traits<char16_t>::length(
|
|
||||||
t_aStr.unverified_safe_pointer_because(
|
|
||||||
1,
|
|
||||||
"Even with bad length, we will not span beyond sandbox boundary."));
|
|
||||||
|
|
||||||
// Compute size to copy/allocate
|
|
||||||
const mozilla::CheckedInt<size_t> strSize = (len + 1) * sizeof(char16_t);
|
|
||||||
|
|
||||||
MOZ_RELEASE_ASSERT(len.isValid() && strSize.isValid(), "Bad string");
|
|
||||||
|
|
||||||
// Actually transfer string
|
|
||||||
auto* aStr = rlbox::copy_memory_or_deny_access(
|
|
||||||
aSandbox, rlbox::sandbox_const_cast<char16_t*>(t_aStr), strSize.value(),
|
|
||||||
false, copied);
|
|
||||||
// Ensure the string is null padded
|
|
||||||
aStr[len.value()] = '\0';
|
|
||||||
return aStr;
|
|
||||||
}
|
|
||||||
return nullptr;
|
|
||||||
}
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,36 +0,0 @@
|
||||||
/* -*- Mode: C++; tab-width: 20; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
||||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
||||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
||||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
||||||
|
|
||||||
#ifndef PARSER_HTML_RLBOX_EXPAT_TYPES_H_
|
|
||||||
#define PARSER_HTML_RLBOX_EXPAT_TYPES_H_
|
|
||||||
|
|
||||||
#include <stddef.h>
|
|
||||||
#include "mozilla/rlbox/rlbox_types.hpp"
|
|
||||||
|
|
||||||
#ifdef MOZ_WASM_SANDBOXING_EXPAT
|
|
||||||
namespace rlbox {
|
|
||||||
class rlbox_wasm2c_sandbox;
|
|
||||||
}
|
|
||||||
using rlbox_expat_sandbox_type = rlbox::rlbox_wasm2c_sandbox;
|
|
||||||
#else
|
|
||||||
using rlbox_expat_sandbox_type = rlbox::rlbox_noop_sandbox;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
using rlbox_sandbox_expat = rlbox::rlbox_sandbox<rlbox_expat_sandbox_type>;
|
|
||||||
template <typename T>
|
|
||||||
using sandbox_callback_expat =
|
|
||||||
rlbox::sandbox_callback<T, rlbox_expat_sandbox_type>;
|
|
||||||
template <typename T>
|
|
||||||
using tainted_expat = rlbox::tainted<T, rlbox_expat_sandbox_type>;
|
|
||||||
template <typename T>
|
|
||||||
using tainted_opaque_expat = rlbox::tainted_opaque<T, rlbox_expat_sandbox_type>;
|
|
||||||
template <typename T>
|
|
||||||
using tainted_volatile_expat =
|
|
||||||
rlbox::tainted_volatile<T, rlbox_expat_sandbox_type>;
|
|
||||||
using rlbox::tainted_boolean_hint;
|
|
||||||
template <typename T>
|
|
||||||
using app_pointer_expat = rlbox::app_pointer<T, rlbox_expat_sandbox_type>;
|
|
||||||
|
|
||||||
#endif
|
|
Разница между файлами не показана из-за своего большого размера
Загрузить разницу
|
@ -15,12 +15,9 @@
|
||||||
#include "nsIInputStream.h"
|
#include "nsIInputStream.h"
|
||||||
#include "nsIParser.h"
|
#include "nsIParser.h"
|
||||||
#include "nsCycleCollectionParticipant.h"
|
#include "nsCycleCollectionParticipant.h"
|
||||||
#include "rlbox_expat.h"
|
|
||||||
#include "mozilla/Mutex.h"
|
|
||||||
|
|
||||||
class nsIExpatSink;
|
class nsIExpatSink;
|
||||||
struct nsCatalogData;
|
struct nsCatalogData;
|
||||||
class RLBoxExpatData;
|
|
||||||
|
|
||||||
class nsExpatDriver : public nsIDTD, public nsITokenizer {
|
class nsExpatDriver : public nsIDTD, public nsITokenizer {
|
||||||
virtual ~nsExpatDriver();
|
virtual ~nsExpatDriver();
|
||||||
|
@ -36,20 +33,14 @@ class nsExpatDriver : public nsIDTD, public nsITokenizer {
|
||||||
int HandleExternalEntityRef(const char16_t* aOpenEntityNames,
|
int HandleExternalEntityRef(const char16_t* aOpenEntityNames,
|
||||||
const char16_t* aBase, const char16_t* aSystemId,
|
const char16_t* aBase, const char16_t* aSystemId,
|
||||||
const char16_t* aPublicId);
|
const char16_t* aPublicId);
|
||||||
static void HandleStartElement(rlbox_sandbox_expat& aSandbox,
|
static void HandleStartElement(void* aUserData, const char16_t* aName,
|
||||||
tainted_expat<void*> t_aUserData,
|
const char16_t** aAtts);
|
||||||
tainted_expat<const char16_t*> t_aName,
|
static void HandleStartElementForSystemPrincipal(void* aUserData,
|
||||||
tainted_expat<const char16_t**> t_aAtts);
|
const char16_t* aName,
|
||||||
static void HandleStartElementForSystemPrincipal(
|
const char16_t** aAtts);
|
||||||
rlbox_sandbox_expat& aSandbox, tainted_expat<void*> t_aUserData,
|
static void HandleEndElement(void* aUserData, const char16_t* aName);
|
||||||
tainted_expat<const char16_t*> t_aName,
|
static void HandleEndElementForSystemPrincipal(void* aUserData,
|
||||||
tainted_expat<const char16_t**> t_aAtts);
|
const char16_t* aName);
|
||||||
static void HandleEndElement(rlbox_sandbox_expat& aSandbox,
|
|
||||||
tainted_expat<void*> t_aUserData,
|
|
||||||
tainted_expat<const char16_t*> t_aName);
|
|
||||||
static void HandleEndElementForSystemPrincipal(
|
|
||||||
rlbox_sandbox_expat& aSandbox, tainted_expat<void*> t_aUserData,
|
|
||||||
tainted_expat<const char16_t*> t_aName);
|
|
||||||
nsresult HandleCharacterData(const char16_t* aCData, const uint32_t aLength);
|
nsresult HandleCharacterData(const char16_t* aCData, const uint32_t aLength);
|
||||||
nsresult HandleComment(const char16_t* aName);
|
nsresult HandleComment(const char16_t* aName);
|
||||||
nsresult HandleProcessingInstruction(const char16_t* aTarget,
|
nsresult HandleProcessingInstruction(const char16_t* aTarget,
|
||||||
|
@ -100,11 +91,7 @@ class nsExpatDriver : public nsIDTD, public nsITokenizer {
|
||||||
mInternalState == NS_ERROR_HTMLPARSER_INTERRUPTED;
|
mInternalState == NS_ERROR_HTMLPARSER_INTERRUPTED;
|
||||||
}
|
}
|
||||||
|
|
||||||
std::shared_ptr<RLBoxExpatData> mSandboxData;
|
XML_Parser mExpatParser;
|
||||||
rlbox_sandbox_expat* mSandbox; // alias to mSandboxData->mSandbox
|
|
||||||
app_pointer_expat<void*> mAppPtr; // app pointer to this driver
|
|
||||||
tainted_expat<XML_Parser> mExpatParser;
|
|
||||||
|
|
||||||
nsString mLastLine;
|
nsString mLastLine;
|
||||||
nsString mCDataText;
|
nsString mCDataText;
|
||||||
// Various parts of a doctype
|
// Various parts of a doctype
|
||||||
|
@ -141,34 +128,4 @@ class nsExpatDriver : public nsIDTD, public nsITokenizer {
|
||||||
uint64_t mInnerWindowID;
|
uint64_t mInnerWindowID;
|
||||||
};
|
};
|
||||||
|
|
||||||
class RLBoxExpatData {
|
|
||||||
friend class nsExpatDriver;
|
|
||||||
|
|
||||||
public:
|
|
||||||
explicit RLBoxExpatData(bool isSystemPrincipal);
|
|
||||||
static std::shared_ptr<RLBoxExpatData> GetRLBoxExpatData(
|
|
||||||
bool isSystemPrincipal);
|
|
||||||
|
|
||||||
RLBoxExpatData() = delete;
|
|
||||||
~RLBoxExpatData();
|
|
||||||
|
|
||||||
private:
|
|
||||||
// Pointer to sandbox
|
|
||||||
rlbox_sandbox_expat* mSandbox;
|
|
||||||
// RLBox expat callbacks
|
|
||||||
sandbox_callback_expat<XML_XmlDeclHandler> mHandleXMLDeclaration;
|
|
||||||
sandbox_callback_expat<XML_StartElementHandler> mHandleStartElement;
|
|
||||||
sandbox_callback_expat<XML_EndElementHandler> mHandleEndElement;
|
|
||||||
sandbox_callback_expat<XML_CharacterDataHandler> mHandleCharacterData;
|
|
||||||
sandbox_callback_expat<XML_ProcessingInstructionHandler>
|
|
||||||
mHandleProcessingInstruction;
|
|
||||||
sandbox_callback_expat<XML_DefaultHandler> mHandleDefault;
|
|
||||||
sandbox_callback_expat<XML_ExternalEntityRefHandler> mHandleExternalEntityRef;
|
|
||||||
sandbox_callback_expat<XML_CommentHandler> mHandleComment;
|
|
||||||
sandbox_callback_expat<XML_StartCdataSectionHandler> mHandleStartCdataSection;
|
|
||||||
sandbox_callback_expat<XML_EndCdataSectionHandler> mHandleEndCdataSection;
|
|
||||||
sandbox_callback_expat<XML_StartDoctypeDeclHandler> mHandleStartDoctypeDecl;
|
|
||||||
sandbox_callback_expat<XML_EndDoctypeDeclHandler> mHandleEndDoctypeDecl;
|
|
||||||
};
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -26,7 +26,6 @@ CFLAGS += [
|
||||||
]
|
]
|
||||||
|
|
||||||
WASM_DEFINES["MOZILLA_CLIENT"] = True
|
WASM_DEFINES["MOZILLA_CLIENT"] = True
|
||||||
WASM_DEFINES["MOZ_IN_WASM_SANDBOX"] = True
|
|
||||||
|
|
||||||
SANDBOXED_WASM_LIBRARY_NAME = "rlbox"
|
SANDBOXED_WASM_LIBRARY_NAME = "rlbox"
|
||||||
|
|
||||||
|
@ -54,10 +53,3 @@ if CONFIG["MOZ_WASM_SANDBOXING_OGG"]:
|
||||||
include("/media/libogg/sources.mozbuild")
|
include("/media/libogg/sources.mozbuild")
|
||||||
WASM_SOURCES += ["/media/libogg/" + s for s in ogg_sources]
|
WASM_SOURCES += ["/media/libogg/" + s for s in ogg_sources]
|
||||||
LOCAL_INCLUDES += ["/media/libogg"]
|
LOCAL_INCLUDES += ["/media/libogg"]
|
||||||
|
|
||||||
if CONFIG["MOZ_WASM_SANDBOXING_EXPAT"]:
|
|
||||||
include("/parser/expat/lib/sources.mozbuild")
|
|
||||||
WASM_SOURCES += ["/parser/expat/lib/" + s for s in expat_sources]
|
|
||||||
for k, v in expat_defines:
|
|
||||||
WASM_DEFINES[k] = v
|
|
||||||
LOCAL_INCLUDES += ["/parser/expat/lib/"]
|
|
||||||
|
|
|
@ -2110,7 +2110,6 @@ def wasm_sandboxing_libraries():
|
||||||
"graphite",
|
"graphite",
|
||||||
"ogg",
|
"ogg",
|
||||||
"hunspell",
|
"hunspell",
|
||||||
"expat",
|
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
|
Загрузка…
Ссылка в новой задаче