Bug 823348 - Make NNXOWs use an explicitly opaque Policy. r=mrbkap

There's no reason to be doing a dynamic check here, given that the JSClasses
will never match. Lets be explicit and safe.
This commit is contained in:
Bobby Holley 2013-01-23 06:04:38 +01:00
Родитель 402fba14fe
Коммит 26a118b43a
3 изменённых файлов: 17 добавлений и 3 удалений

Просмотреть файл

@ -40,6 +40,21 @@ class AccessCheck {
struct Policy {
};
// This policy only allows calling the underlying callable. All other operations throw.
struct Opaque : public Policy {
static bool check(JSContext *cx, JSObject *wrapper, jsid id, js::Wrapper::Action act) {
return act == js::Wrapper::CALL;
}
static bool deny(JSContext *cx, jsid id, js::Wrapper::Action act) {
AccessCheck::deny(cx, id);
return false;
}
static bool allowNativeCall(JSContext *cx, JS::IsAcceptableThis test, JS::NativeImpl impl)
{
return false;
}
};
// This policy only permits access to the object if the subject can touch
// system objects.
struct OnlyIfSubjectIsSystem : public Policy {

Просмотреть файл

@ -146,7 +146,7 @@ FilteringWrapper<Base, Policy>::enter(JSContext *cx, JSObject *wrapper, jsid id,
#define SCSOW FilteringWrapper<SameCompartmentSecurityWrapper, OnlyIfSubjectIsSystem>
#define XOW FilteringWrapper<SecurityXrayXPCWN, CrossOriginAccessiblePropertiesOnly>
#define DXOW FilteringWrapper<SecurityXrayDOM, CrossOriginAccessiblePropertiesOnly>
#define NNXOW FilteringWrapper<CrossCompartmentSecurityWrapper, CrossOriginAccessiblePropertiesOnly>
#define NNXOW FilteringWrapper<CrossCompartmentSecurityWrapper, Opaque>
#define CW FilteringWrapper<SameCompartmentSecurityWrapper, ComponentsObjectPolicy>
#define XCW FilteringWrapper<CrossCompartmentSecurityWrapper, ComponentsObjectPolicy>
template<> SOW SOW::singleton(WrapperFactory::SCRIPT_ACCESS_ONLY_FLAG |

Просмотреть файл

@ -445,8 +445,7 @@ WrapperFactory::Rewrap(JSContext *cx, JSObject *existing, JSObject *obj,
// a predefined set of properties.
XrayType type = GetXrayType(obj);
if (type == NotXray) {
wrapper = &FilteringWrapper<CrossCompartmentSecurityWrapper,
CrossOriginAccessiblePropertiesOnly>::singleton;
wrapper = &FilteringWrapper<CrossCompartmentSecurityWrapper, Opaque>::singleton;
} else if (type == XrayForDOMObject) {
wrapper = &FilteringWrapper<SecurityXrayDOM,
CrossOriginAccessiblePropertiesOnly>::singleton;