Bug 1633374 - disallow eval in parent process r=ckerschb,tjr

Changing isEvalAllowed to default to false in nightly builds.
As a ride-along, we adjust how we get the script filename
for telemetry, to get better results.

Differential Revision: https://phabricator.services.mozilla.com/D72644
Frederik Braun 2020-05-05 14:57:53 +00:00
Родитель 845e286da1
Коммит 1fcb39e3a3
1 изменённых файлов: 23 добавлений и 17 удалений


@ -451,27 +451,17 @@ bool nsContentSecurityUtils::IsEvalAllowed(JSContext* cx,
// function // function
nsAutoCString fileName; nsAutoCString fileName;
uint32_t lineNumber = 0, columnNumber = 0; uint32_t lineNumber = 0, columnNumber = 0;
JS::AutoFilename rawScriptFilename; nsJSUtils::GetCallingLocation(cx, fileName, &lineNumber, &columnNumber);
if (JS::DescribeScriptedCaller(cx, &rawScriptFilename, &lineNumber, if (fileName.IsEmpty()) {
&columnNumber)) {
nsDependentCSubstring fileName_(rawScriptFilename.get(),
strlen(rawScriptFilename.get()));
ToLowerCase(fileName_);
// Extract file name alone if scriptFilename contains line number
// separated by multiple space delimiters in few cases.
int32_t fileNameIndex = fileName_.FindChar(' ');
if (fileNameIndex != -1) {
fileName_.SetLength(fileNameIndex);
}
fileName = std::move(fileName_);
} else {
fileName = NS_LITERAL_CSTRING("unknown-file"); fileName = NS_LITERAL_CSTRING("unknown-file");
} }
NS_ConvertUTF8toUTF16 fileNameA(fileName); NS_ConvertUTF8toUTF16 fileNameA(fileName);
for (const nsLiteralCString& allowlistEntry : evalAllowlist) { for (const nsLiteralCString& allowlistEntry : evalAllowlist) {
if (fileName.Equals(allowlistEntry)) { // checking if current filename begins with entry, because JS Engine
// gives us additional stuff for code inside eval or Function ctor
// e.g., "require.js > Function"
if (StringBeginsWith(fileName, allowlistEntry)) {
MOZ_LOG(sCSMLog, LogLevel::Debug, MOZ_LOG(sCSMLog, LogLevel::Debug,
("Allowing eval() %s because the containing " ("Allowing eval() %s because the containing "
"file is in the allowlist", "file is in the allowlist",
@ -501,14 +491,30 @@ bool nsContentSecurityUtils::IsEvalAllowed(JSContext* cx,
// Maybe Crash // Maybe Crash
#ifdef DEBUG #ifdef DEBUG
// MOZ_CRASH_UNSAFE_PRINTF gives us at most 1024 characters to print.
// The given string literal leaves us with ~950, so I'm leaving
// each 475 for fileName and aScript each.
if (fileName.Length() > 475) {
fileName.SetLength(475);
}
nsAutoCString trimmedScript = NS_ConvertUTF16toUTF8(aScript);
if (trimmedScript.Length() > 475) {
trimmedScript.SetLength(475);
}
MOZ_CRASH_UNSAFE_PRINTF( MOZ_CRASH_UNSAFE_PRINTF(
"Blocking eval() %s from file %s and script provided " "Blocking eval() %s from file %s and script provided "
"%s", "%s",
(aIsSystemPrincipal ? "with System Principal" : "in parent process"), (aIsSystemPrincipal ? "with System Principal" : "in parent process"),
fileName.get(), NS_ConvertUTF16toUTF8(aScript).get()); fileName.get(), trimmedScript.get());
#endif #endif
#ifdef EARLY_BETA_OR_EARLIER
// Until we understand the events coming from release, we don't want to
// enforce eval restrictions on release. Limiting to Nightly and early beta.
return false;
#else
return true; return true;
#endif
} }
/* static */ /* static */
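Review bot: The allowlist test in the first hunk now uses `StringBeginsWith(fileName, allowlistEntry)`, which accepts any caller whose filename merely starts with an entry, not only the entry itself or the nested eval/Function forms the comment describes. Going by the comment's example (`require.js > Function`), the suffix the engine appends appears to start with ` > `, so the check could stay exact for the plain case and require that delimiter otherwise: `nsAutoCString nested(allowlistEntry); nested.AppendLiteral(" > ");` followed by `if (fileName.Equals(allowlistEntry) || StringBeginsWith(fileName, nested)) {`. The removed path also lowercased the name with `ToLowerCase` before comparing and the new one does not visibly do so, so it is worth confirming that the entries in evalAllowlist (declared outside these hunks) still match what GetCallingLocation returns. IsEvalAllowed's body starts above the first hunk, so anything before the filename lookup is not reviewed here.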