mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1483905 - Ensure the WebAuthnManager stays alive while WebAuthnTransactionChild is using it. r=qdot 

Differential Revision: https://phabricator.services.mozilla.com/D5305
This commit is contained in:
Dana Keeler 2018-10-01 06:58:34 -04:00
Родитель 64de926d46
Коммит 6012e76803
4 изменённых файлов: 67 добавлений и 0 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

15
dom/webauthn/WebAuthnTransactionChild.cpp
Просмотреть файл

@ -28,6 +28,11 @@ WebAuthnTransactionChild::RecvConfirmRegister(const uint64_t& aTransactionId,
return IPC_FAIL_NO_REASON(this); return IPC_FAIL_NO_REASON(this);
} }
// We don't own the reference to mManager. We need to prevent its refcount
// going to 0 while we call anything that can reach the call to
// StopListeningForVisibilityEvents in WebAuthnManager::ClearTransaction
// (often via WebAuthnManager::RejectTransaction).
RefPtr<WebAuthnManagerBase> kungFuDeathGrip(mManager);
mManager->FinishMakeCredential(aTransactionId, aResult); mManager->FinishMakeCredential(aTransactionId, aResult);
return IPC_OK(); return IPC_OK();
} }
@ -40,6 +45,11 @@ WebAuthnTransactionChild::RecvConfirmSign(const uint64_t& aTransactionId,
return IPC_FAIL_NO_REASON(this); return IPC_FAIL_NO_REASON(this);
} }
// We don't own the reference to mManager. We need to prevent its refcount
// going to 0 while we call anything that can reach the call to
// StopListeningForVisibilityEvents in WebAuthnManager::ClearTransaction
// (often via WebAuthnManager::RejectTransaction).
RefPtr<WebAuthnManagerBase> kungFuDeathGrip(mManager);
mManager->FinishGetAssertion(aTransactionId, aResult); mManager->FinishGetAssertion(aTransactionId, aResult);
return IPC_OK(); return IPC_OK();
} }
@ -52,6 +62,11 @@ WebAuthnTransactionChild::RecvAbort(const uint64_t& aTransactionId,
return IPC_FAIL_NO_REASON(this); return IPC_FAIL_NO_REASON(this);
} }
// We don't own the reference to mManager. We need to prevent its refcount
// going to 0 while we call anything that can reach the call to
// StopListeningForVisibilityEvents in WebAuthnManager::ClearTransaction
// (often via WebAuthnManager::RejectTransaction).
RefPtr<WebAuthnManagerBase> kungFuDeathGrip(mManager);
mManager->RequestAborted(aTransactionId, aError); mManager->RequestAborted(aTransactionId, aError);
return IPC_OK(); return IPC_OK();
} }

21
dom/webauthn/tests/get_assertion_dead_object.html Normal file
Просмотреть файл

@ -0,0 +1,21 @@
<!DOCTYPE html>
<html>
<head>
<meta charset=utf-8>
</head>
<body>
<script type="text/javascript">
window.addEventListener('load', function() {
let o = [];
o[0] = window.navigator;
document.writeln('');
// Since the USB token is enabled by default, this will pop up a notification that the
// user can insert/interact with it. Since this is just a test, this won't happen. The
// request will eventually time out.
// Unfortunately the minimum timeout is 15 seconds.
o[0].credentials.get({ publicKey: { challenge: new Uint8Array(128), timeout: 15000 } });
o.forEach((n, i) => o[i] = null);
});
</script>
</body>
</html>

2
dom/webauthn/tests/mochitest.ini
Просмотреть файл

@ -3,6 +3,7 @@ support-files =
cbor.js cbor.js
u2futil.js u2futil.js
pkijs/* pkijs/*
get_assertion_dead_object.html
skip-if = !e10s skip-if = !e10s
scheme = https scheme = https
@ -14,6 +15,7 @@ scheme = https
[test_webauthn_no_token.html] [test_webauthn_no_token.html]
[test_webauthn_make_credential.html] [test_webauthn_make_credential.html]
[test_webauthn_get_assertion.html] [test_webauthn_get_assertion.html]
[test_webauthn_get_assertion_dead_object.html]
[test_webauthn_override_request.html] [test_webauthn_override_request.html]
[test_webauthn_store_credential.html] [test_webauthn_store_credential.html]
[test_webauthn_sameorigin.html] [test_webauthn_sameorigin.html]

29
dom/webauthn/tests/test_webauthn_get_assertion_dead_object.html Normal file
Просмотреть файл

@ -0,0 +1,29 @@
<!DOCTYPE html>
<meta charset=utf-8>
<head>
<title>Test for GetAssertion on dead object</title>
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<script type="text/javascript" src="/tests/SimpleTest/AddTask.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
<h1>Test for GetAssertion on dead object</h1>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1483905">Mozilla Bug 1483905</a>
<script class="testbody" type="text/javascript">
"use strict";
SimpleTest.waitForExplicitFinish();
SimpleTest.requestFlakyTimeout(
"Due to the nature of this test, there's no way for the window we're opening to signal " +
"that it's done (the `document.writeln('')` is essential and basically clears any state " +
"we could use). So, we have to wait at least 15 seconds for the webauthn call to time out.");
let win = window.open("https://example.com/tests/dom/webauthn/tests/get_assertion_dead_object.html");
setTimeout(() => {
win.close();
SimpleTest.finish();
}, 20000);
</script>
</body>
</html>