Bug 604430 - Make the wantXrays flag apply to values obtained off of the sandbox object itself. r=peterv

--HG-- extra : rebase_source : 5c4c04829b8db95cc47954b11152ec328bbd7b98
2010-10-25 16:29:13 -07:00 · 2010-10-25 16:29:13 -07:00 · 8fcb8ca6f8
--- a/js/src/xpconnect/src/nsXPConnect.cpp
+++ b/js/src/xpconnect/src/nsXPConnect.cpp
@ -942,7 +942,7 @@ static JSClass xpcTempGlobalClass = {
 nsresult
 xpc_CreateGlobalObject(JSContext *cx, JSClass *clasp,
                       const nsACString &origin, nsIPrincipal *principal,
-                       bool preferXrays, JSObject **global,
+                       bool wantXrays, JSObject **global,
                       JSCompartment **compartment)
 {
    XPCCompartmentMap& map = nsXPConnect::GetRuntimeInstance()->GetCompartmentMap();
@ -973,7 +973,7 @@ xpc_CreateGlobalObject(JSContext *cx, JSClass *clasp,
        js::SwitchToCompartment sc(cx, *compartment);

        xpc::CompartmentPrivate *priv =
-            new xpc::CompartmentPrivate(ToNewCString(local_origin), preferXrays);
+            new xpc::CompartmentPrivate(ToNewCString(local_origin), wantXrays);
        JS_SetCompartmentPrivate(cx, *compartment, priv);
        map.Put(local_origin, *compartment);
    }
--- a/js/src/xpconnect/src/xpccomponents.cpp
+++ b/js/src/xpconnect/src/xpccomponents.cpp
@ -3165,6 +3165,15 @@ NS_IMPL_THREADSAFE_RELEASE(nsXPCComponents_utils_Sandbox)
 #include "xpc_map_end.h" /* This #undef's the above. */

 #ifndef XPCONNECT_STANDALONE
+
+static bool
+WrapForSandbox(JSContext *cx, bool wantXrays, jsval *vp)
+{
+    return wantXrays
+           ? JS_WrapValue(cx, vp)
+           : xpc::WrapperFactory::WaiveXrayAndWrap(cx, vp);
+}
+
 nsresult
 xpc_CreateSandboxObject(JSContext * cx, jsval * vp, nsISupports *prinOrSop, JSObject *proto,
                        bool wantXrays)
@ -3263,7 +3272,7 @@ xpc_CreateSandboxObject(JSContext * cx, jsval * vp, nsISupports *prinOrSop, JSOb

    if (vp) {
        *vp = OBJECT_TO_JSVAL(sandbox);
-        if (!JS_WrapValue(cx, vp)) {
+        if (!WrapForSandbox(cx, wantXrays, vp)) {
            return NS_ERROR_UNEXPECTED;
        }
    }
@ -3732,7 +3741,11 @@ xpc_EvalInSandbox(JSContext *cx, JSObject *sandbox, const nsAString& source,
                v = STRING_TO_JSVAL(str);
            }

-            if (!ac.enter(cx, callingScope) || !JS_WrapValue(cx, &v)) {
+            xpc::CompartmentPrivate *sandboxdata =
+                static_cast<xpc::CompartmentPrivate *>
+                           (JS_GetCompartmentPrivate(cx, sandbox->getCompartment()));
+            if (!ac.enter(cx, callingScope) ||
+                !WrapForSandbox(cx, sandboxdata->wantXrays, &v)) {
                rv = NS_ERROR_FAILURE;
            }

--- a/js/src/xpconnect/src/xpcprivate.h
+++ b/js/src/xpconnect/src/xpcprivate.h
@ -4431,13 +4431,13 @@ namespace xpc {

 struct CompartmentPrivate
 {
-  CompartmentPrivate(char *origin, bool preferXrays)
+  CompartmentPrivate(char *origin, bool wantXrays)
    : origin(origin),
-      preferXrays(preferXrays)
+      wantXrays(wantXrays)
  {
  }
  char *origin;
-  bool preferXrays;
+  bool wantXrays;
 };

 }
--- a/js/src/xpconnect/src/xpcpublic.h
+++ b/js/src/xpconnect/src/xpcpublic.h
@ -47,7 +47,7 @@
 nsresult
 xpc_CreateGlobalObject(JSContext *cx, JSClass *clasp,
                       const nsACString &origin, nsIPrincipal *principal,
-                       bool preferXrays, JSObject **global,
+                       bool wantXrays, JSObject **global,
                       JSCompartment **compartment);

 #endif
--- a/js/src/xpconnect/tests/chrome/test_evalInSandbox.xul
+++ b/js/src/xpconnect/tests/chrome/test_evalInSandbox.xul
@ -43,27 +43,37 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=533596
             "return value was rewrapped correctly");
      }

+      function checkCrossOriginXrayedSandbox(sandbox)
+      {
+        ok(Cu.evalInSandbox("('wrappedJSObject' in this.document);", sandbox),
+           "wrappers inside eIS are Xrays");
+        ok(Cu.evalInSandbox("!('foo' in this.document);", sandbox),
+           "must not see expandos");
+        ok('wrappedJSObject' in Cu.evalInSandbox("this.document", sandbox),
+           "wrappers returned from the sandbox are Xrays");
+        ok(!("foo" in Cu.evalInSandbox("this.document", sandbox)),
+           "must not see expandos in wrappers returned from the sandbox");
+
+        ok('wrappedJSObject' in sandbox.document,
+           "values obtained from the sandbox are Xrays");
+        ok(!("foo" in sandbox.document),
+           "must not see expandos in wrappers obtained from the sandbox");
+
+      }
+
      function checkCrossOrigin(ifr) {
        var win = ifr.contentWindow;
        var sandbox =
          new Cu.Sandbox(win, { sandboxPrototype: win, wantXrays: true } );

        checkCrossOriginSandbox(sandbox);
-
-        ok(Cu.evalInSandbox("('wrappedJSObject' in this.document);", sandbox),
-           "wrappers inside eIS are XPCNativeWrappers");
-        ok(Cu.evalInSandbox("!('foo' in this.document);", sandbox),
-           "must not see expandos");
+        checkCrossOriginXrayedSandbox(sandbox);

        sandbox =
          new Cu.Sandbox(win, { sandboxPrototype: win } );

        checkCrossOriginSandbox(sandbox);
-
-        ok(Cu.evalInSandbox("('wrappedJSObject' in this.document);", sandbox),
-           "wrappers inside eIS are XPCNativeWrappers");
-        ok(Cu.evalInSandbox("!('foo' in this.document);", sandbox),
-           "must not see expandos");
+        checkCrossOriginXrayedSandbox(sandbox);

        sandbox =
          new Cu.Sandbox(win, { sandboxPrototype: win, wantXrays: false } );
@ -72,6 +82,11 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=533596

        ok(Cu.evalInSandbox("('foo' in this.document);", sandbox),
           "can see expandos");
+        ok(("foo" in Cu.evalInSandbox("this.document", sandbox)),
+           "must see expandos in wrappers returned from the sandbox");
+
+        ok(("foo" in sandbox.document),
+           "must see expandos in wrappers obtained from the sandbox");

        testDone();
      }
--- a/js/src/xpconnect/wrappers/WrapperFactory.cpp
+++ b/js/src/xpconnect/wrappers/WrapperFactory.cpp
@ -216,7 +216,7 @@ WrapperFactory::Rewrap(JSContext *cx, JSObject *obj, JSObject *wrappedProto, JSO
        if (AccessCheck::needsSystemOnlyWrapper(obj)) {
            wrapper = &FilteringWrapper<JSCrossCompartmentWrapper,
                                        OnlyIfSubjectIsSystem>::singleton;
-        } else if (targetdata && targetdata->preferXrays && IS_WN_WRAPPER(obj)) {
+        } else if (targetdata && targetdata->wantXrays && IS_WN_WRAPPER(obj)) {
            typedef XrayWrapper<JSCrossCompartmentWrapper, CrossCompartmentXray> Xray;
            wrapper = &Xray::singleton;
            xrayHolder = Xray::createHolder(cx, obj, parent);