From 29adcd066e7442a70335715e1296648fc376c3a0 Mon Sep 17 00:00:00 2001 From: Andrew McCreight Date: Mon, 30 Jul 2012 21:01:59 -0700 Subject: [PATCH] Bug 761422, part 3 - get security wrappers before changing maps. r=bholley --- js/xpconnect/src/XPCWrappedNative.cpp | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/js/xpconnect/src/XPCWrappedNative.cpp b/js/xpconnect/src/XPCWrappedNative.cpp index 4cba2c4a925e..8612458b6a01 100644 --- a/js/xpconnect/src/XPCWrappedNative.cpp +++ b/js/xpconnect/src/XPCWrappedNative.cpp @@ -1606,6 +1606,16 @@ XPCWrappedNative::ReparentWrapperIfFound(XPCCallContext& ccx, JS_SetPrivate(flat, nullptr); } + // Before proceeding, eagerly create any same-compartment security wrappers + // that the object might have. This forces us to take the 'WithWrapper' path + // while transplanting that handles this stuff correctly. + { + JSAutoEnterCompartment innerAC; + if (!innerAC.enter(ccx, aOldScope->GetGlobalJSObject()) || + !wrapper->GetSameCompartmentSecurityWrapper(ccx)) + return NS_ERROR_FAILURE; + } + { // scoped lock Native2WrappedNativeMap* oldMap = aOldScope->GetWrappedNativeMap(); Native2WrappedNativeMap* newMap = aNewScope->GetWrappedNativeMap(); @@ -1641,16 +1651,6 @@ XPCWrappedNative::ReparentWrapperIfFound(XPCCallContext& ccx, (void) newMap->Add(wrapper); } - // Before proceeding, eagerly create any same-compartment security wrappers - // that the object might have. This forces us to take the 'WithWrapper' path - // while transplanting that handles this stuff correctly. - { - JSAutoEnterCompartment innerAC; - if (!innerAC.enter(ccx, aOldScope->GetGlobalJSObject()) || - !wrapper->GetSameCompartmentSecurityWrapper(ccx)) - return NS_ERROR_FAILURE; - } - JSObject *ww = wrapper->GetWrapper(); if (ww) { JSObject *newwrapper;