diff --git a/dom/security/test/crashtests/1583044.html b/dom/security/test/crashtests/1583044.html
new file mode 100644
index 000000000000..843f928cbb8b
--- /dev/null
+++ b/dom/security/test/crashtests/1583044.html
@@ -0,0 +1,12 @@
+
+
+
+Bug 1583044
+
+
+
+
+
+
diff --git a/dom/security/test/crashtests/crashtests.list b/dom/security/test/crashtests/crashtests.list
new file mode 100644
index 000000000000..b68a1d8b21f3
--- /dev/null
+++ b/dom/security/test/crashtests/crashtests.list
@@ -0,0 +1 @@
+load 1583044.html
diff --git a/image/decoders/icon/nsIconURI.cpp b/image/decoders/icon/nsIconURI.cpp
index d09169d7dda9..36bb98e3b0e6 100644
--- a/image/decoders/icon/nsIconURI.cpp
+++ b/image/decoders/icon/nsIconURI.cpp
@@ -12,6 +12,9 @@
#include "mozilla/Sprintf.h"
#include "nsIIOService.h"
+#include "nsISerializable.h"
+#include "nsIObjectInputStream.h"
+#include "nsIObjectOutputStream.h"
#include "nsIURL.h"
#include "nsNetUtil.h"
#include "plstr.h"
@@ -30,6 +33,10 @@ using namespace mozilla::ipc;
# define SANE_FILE_NAME_LEN 1024
#endif
+static NS_DEFINE_CID(kThisIconURIImplementationCID,
+ NS_THIS_ICONURI_IMPLEMENTATION_CID);
+static NS_DEFINE_CID(kIconURICID, NS_ICONURI_CID);
+
// helper function for parsing out attributes like size, and contentType
// from the icon url.
static void extractAttributeValue(const char* aSearchString,
@@ -51,11 +58,14 @@ nsMozIconURI::~nsMozIconURI() {}
NS_IMPL_ADDREF(nsMozIconURI)
NS_IMPL_RELEASE(nsMozIconURI)
-NS_INTERFACE_MAP_BEGIN(nsMozIconURI)
- NS_INTERFACE_MAP_ENTRY(nsIMozIconURI)
- NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIURI)
- NS_INTERFACE_MAP_ENTRY(nsIURI)
- NS_INTERFACE_MAP_ENTRY_CONDITIONAL(nsINestedURI, mIconURL)
+NS_INTERFACE_TABLE_HEAD(nsMozIconURI)
+ NS_INTERFACE_TABLE(nsMozIconURI, nsIMozIconURI, nsIURI, nsISerializable,
+ nsIClassInfo)
+ NS_INTERFACE_TABLE_TO_MAP_SEGUE
+ if (aIID.Equals(kThisIconURIImplementationCID))
+ foundInterface = static_cast(this);
+ else if (aIID.Equals(NS_GET_IID(nsINestedURI)) && mIconURL)
+ foundInterface = static_cast(this);
NS_INTERFACE_MAP_END
#define MOZICON_SCHEME "moz-icon:"
@@ -132,7 +142,8 @@ nsMozIconURI::GetHasRef(bool* result) {
return NS_OK;
}
-NS_IMPL_ISUPPORTS(nsMozIconURI::Mutator, nsIURISetters, nsIURIMutator)
+NS_IMPL_NSIURIMUTATOR_ISUPPORTS(nsMozIconURI::Mutator, nsIURISetters,
+ nsIURIMutator, nsISerializable)
NS_IMETHODIMP
nsMozIconURI::Mutate(nsIURIMutator** aMutator) {
@@ -617,3 +628,74 @@ NS_IMETHODIMP
nsMozIconURI::GetInnermostURI(nsIURI** aURI) {
return NS_ImplGetInnermostURI(this, aURI);
}
+
+NS_IMETHODIMP
+nsMozIconURI::Read(nsIObjectInputStream* aStream) {
+ MOZ_ASSERT_UNREACHABLE("Use nsIURIMutator.read() instead");
+ return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+nsresult nsMozIconURI::ReadPrivate(nsIObjectInputStream* aStream) {
+ nsAutoCString spec;
+ nsresult rv = aStream->ReadCString(spec);
+ NS_ENSURE_SUCCESS(rv, rv);
+ return SetSpecInternal(spec);
+}
+
+NS_IMETHODIMP
+nsMozIconURI::Write(nsIObjectOutputStream* aStream) {
+ nsAutoCString spec;
+ nsresult rv = GetSpec(spec);
+ NS_ENSURE_SUCCESS(rv, rv);
+ return aStream->WriteStringZ(spec.get());
+}
+
+//----------------------------------------------------------------------------
+// nsSimpleURI::nsIClassInfo
+//----------------------------------------------------------------------------
+
+NS_IMETHODIMP
+nsMozIconURI::GetInterfaces(nsTArray& array) {
+ array.Clear();
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+nsMozIconURI::GetScriptableHelper(nsIXPCScriptable** _retval) {
+ *_retval = nullptr;
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+nsMozIconURI::GetContractID(nsACString& aContractID) {
+ // Make sure to modify any subclasses as needed if this ever
+ // changes.
+ aContractID.SetIsVoid(true);
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+nsMozIconURI::GetClassDescription(nsACString& aClassDescription) {
+ aClassDescription.SetIsVoid(true);
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+nsMozIconURI::GetClassID(nsCID** aClassID) {
+ // Make sure to modify any subclasses as needed if this ever
+ // changes to not call the virtual GetClassIDNoAlloc.
+ *aClassID = (nsCID*)moz_xmalloc(sizeof(nsCID));
+ return GetClassIDNoAlloc(*aClassID);
+}
+
+NS_IMETHODIMP
+nsMozIconURI::GetFlags(uint32_t* aFlags) {
+ *aFlags = nsIClassInfo::MAIN_THREAD_ONLY;
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+nsMozIconURI::GetClassIDNoAlloc(nsCID* aClassIDNoAlloc) {
+ *aClassIDNoAlloc = kIconURICID;
+ return NS_OK;
+}
diff --git a/image/decoders/icon/nsIconURI.h b/image/decoders/icon/nsIconURI.h
index 8b24ff92f378..7fa801a14f1e 100644
--- a/image/decoders/icon/nsIconURI.h
+++ b/image/decoders/icon/nsIconURI.h
@@ -10,19 +10,32 @@
#include "nsIIconURI.h"
#include "nsCOMPtr.h"
#include "nsString.h"
+#include "nsIClassInfo.h"
#include "nsINestedURI.h"
#include "nsIURIMutator.h"
+#define NS_THIS_ICONURI_IMPLEMENTATION_CID \
+ { /* 0b9bb0c2-fee6-470b-b9b9-9fd9462b5e19 */ \
+ 0x5c3e417f, 0xb686, 0x4105, { \
+ 0x86, 0xe7, 0xf9, 0x1b, 0xac, 0x97, 0x4d, 0x5c \
+ } \
+ }
+
namespace mozilla {
class Encoding;
}
-class nsMozIconURI final : public nsIMozIconURI, public nsINestedURI {
+class nsMozIconURI final : public nsIMozIconURI,
+ public nsINestedURI,
+ public nsISerializable,
+ public nsIClassInfo {
public:
NS_DECL_THREADSAFE_ISUPPORTS
NS_DECL_NSIURI
NS_DECL_NSIMOZICONURI
NS_DECL_NSINESTEDURI
+ NS_DECL_NSISERIALIZABLE
+ NS_DECL_NSICLASSINFO
protected:
nsMozIconURI();
@@ -56,14 +69,25 @@ class nsMozIconURI final : public nsIMozIconURI, public nsINestedURI {
nsresult SetQuery(const nsACString& input);
nsresult SetQueryWithEncoding(const nsACString& input,
const mozilla::Encoding* encoding);
+ nsresult ReadPrivate(nsIObjectInputStream* stream);
bool Deserialize(const mozilla::ipc::URIParams&);
public:
class Mutator final : public nsIURIMutator,
- public BaseURIMutator {
+ public BaseURIMutator,
+ public nsISerializable {
NS_DECL_ISUPPORTS
NS_FORWARD_SAFE_NSIURISETTERS_RET(mURI)
+ NS_IMETHOD
+ Write(nsIObjectOutputStream* aOutputStream) override {
+ return NS_ERROR_NOT_IMPLEMENTED;
+ }
+
+ MOZ_MUST_USE NS_IMETHOD Read(nsIObjectInputStream* aStream) override {
+ return InitFromInputStream(aStream);
+ }
+
NS_IMETHOD Deserialize(const mozilla::ipc::URIParams& aParams) override {
return InitFromIPCParams(aParams);
}
diff --git a/netwerk/build/nsNetCID.h b/netwerk/build/nsNetCID.h
index e3a650a183ef..c07d42eb74f4 100644
--- a/netwerk/build/nsNetCID.h
+++ b/netwerk/build/nsNetCID.h
@@ -59,6 +59,14 @@
} \
}
+// component implementing nsIURI, nsISerializable, and nsIClassInfo.
+#define NS_ICONURI_CID \
+ { /* 1460df3b-774c-4205-8349-838e507c3ef9 */ \
+ 0x1460df3b, 0x774c, 0x4205, { \
+ 0x83, 0x49, 0x83, 0x8e, 0x50, 0x7c, 0x3e, 0xf9 \
+ } \
+ }
+
#define NS_SIMPLEURIMUTATOR_CONTRACTID \
"@mozilla.org/network/simple-uri-mutator;1"
#define NS_SIMPLEURIMUTATOR_CID \
diff --git a/testing/crashtest/crashtests.list b/testing/crashtest/crashtests.list
index f8899c5c257f..f554e6a55d3a 100644
--- a/testing/crashtest/crashtests.list
+++ b/testing/crashtest/crashtests.list
@@ -25,6 +25,7 @@ skip-if(!webrtc) include ../../dom/media/tests/crashtests/crashtests.list
include ../../dom/media/webspeech/synth/crashtests/crashtests.list
include ../../dom/offline/crashtests/crashtests.list
include ../../dom/plugins/test/crashtests/crashtests.list
+include ../../dom/security/test/crashtests/crashtests.list
include ../../dom/smil/crashtests/crashtests.list
include ../../dom/svg/crashtests/crashtests.list
include ../../dom/workers/test/crashtests/crashtests.list