mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 932315 - Throw a different error when this-unwrapping fails for security reasons. r=bz. 

--HG--
extra : rebase_source : a92639be64d8d591ea4c97955bc04e6047e0d027
This commit is contained in:
Peter Van der Beken 2013-10-16 18:11:25 +02:00
Родитель a6a084f359
Коммит a4fe40c32e
3 изменённых файлов: 31 добавлений и 5 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

21
dom/bindings/BindingUtils.h
Просмотреть файл

@ -64,6 +64,27 @@ UnwrapArg(JSContext* cx, JS::Handle<JS::Value> v, Interface** ppArg,
return rv; return rv;
} }
inline const ErrNum
GetInvalidThisErrorForMethod(bool aSecurityError)
{
return aSecurityError ? MSG_METHOD_THIS_UNWRAPPING_DENIED :
MSG_METHOD_THIS_DOES_NOT_IMPLEMENT_INTERFACE;
}
inline const ErrNum
GetInvalidThisErrorForGetter(bool aSecurityError)
{
return aSecurityError ? MSG_GETTER_THIS_UNWRAPPING_DENIED :
MSG_GETTER_THIS_DOES_NOT_IMPLEMENT_INTERFACE;
}
inline const ErrNum
GetInvalidThisErrorForSetter(bool aSecurityError)
{
return aSecurityError ? MSG_SETTER_THIS_UNWRAPPING_DENIED :
MSG_SETTER_THIS_DOES_NOT_IMPLEMENT_INTERFACE;
}
bool bool
ThrowInvalidThis(JSContext* aCx, const JS::CallArgs& aArgs, ThrowInvalidThis(JSContext* aCx, const JS::CallArgs& aArgs,
const ErrNum aErrorNumber, const ErrNum aErrorNumber,

12
dom/bindings/Codegen.py
Просмотреть файл

@ -2453,13 +2453,14 @@ class CastableObjectUnwrapper():
CGGeneric(self.substitution["codeOnFailure"])).define() CGGeneric(self.substitution["codeOnFailure"])).define()
def __str__(self): def __str__(self):
codeOnFailure = self.substitution["codeOnFailure"] % {'securityError': 'rv == NS_ERROR_XPC_SECURITY_MANAGER_VETO'}
return string.Template( return string.Template(
"""{ """{
nsresult rv = UnwrapObject<${protoID}, ${type}>(cx, ${source}, ${target}); nsresult rv = UnwrapObject<${protoID}, ${type}>(cx, ${source}, ${target});
if (NS_FAILED(rv)) { if (NS_FAILED(rv)) {
${codeOnFailure} ${codeOnFailure}
} }
}""").substitute(self.substitution) }""").substitute(self.substitution, codeOnFailure=codeOnFailure)
class FailureFatalCastableObjectUnwrapper(CastableObjectUnwrapper): class FailureFatalCastableObjectUnwrapper(CastableObjectUnwrapper):
""" """
@ -5453,7 +5454,8 @@ class CGAbstractBindingMethod(CGAbstractStaticMethod):
else: else:
ensureCondition = "!args.thisv().isObject()" ensureCondition = "!args.thisv().isObject()"
getThisObj = "&args.thisv().toObject()" getThisObj = "&args.thisv().toObject()"
ensureThisObj = CGIfWrapper(CGGeneric(self.unwrapFailureCode), unwrapFailureCode = self.unwrapFailureCode % {'securityError': 'false'}
ensureThisObj = CGIfWrapper(CGGeneric(unwrapFailureCode),
ensureCondition) ensureCondition)
else: else:
ensureThisObj = None ensureThisObj = None
@ -5520,7 +5522,7 @@ class CGGenericMethod(CGAbstractBindingMethod):
args = [Argument('JSContext*', 'cx'), Argument('unsigned', 'argc'), args = [Argument('JSContext*', 'cx'), Argument('unsigned', 'argc'),
Argument('JS::Value*', 'vp')] Argument('JS::Value*', 'vp')]
unwrapFailureCode = ( unwrapFailureCode = (
'return ThrowInvalidThis(cx, args, MSG_METHOD_THIS_DOES_NOT_IMPLEMENT_INTERFACE, \"%s\");' % 'return ThrowInvalidThis(cx, args, GetInvalidThisErrorForMethod(%%(securityError)s), "%s");' %
descriptor.interface.identifier.name) descriptor.interface.identifier.name)
CGAbstractBindingMethod.__init__(self, descriptor, 'genericMethod', CGAbstractBindingMethod.__init__(self, descriptor, 'genericMethod',
args, args,
@ -5720,7 +5722,7 @@ class CGGenericGetter(CGAbstractBindingMethod):
else: else:
name = "genericGetter" name = "genericGetter"
unwrapFailureCode = ( unwrapFailureCode = (
'return ThrowInvalidThis(cx, args, MSG_GETTER_THIS_DOES_NOT_IMPLEMENT_INTERFACE, "%s");' % 'return ThrowInvalidThis(cx, args, GetInvalidThisErrorForGetter(%%(securityError)s), "%s");' %
descriptor.interface.identifier.name) descriptor.interface.identifier.name)
CGAbstractBindingMethod.__init__(self, descriptor, name, args, CGAbstractBindingMethod.__init__(self, descriptor, name, args,
unwrapFailureCode) unwrapFailureCode)
@ -5800,7 +5802,7 @@ class CGGenericSetter(CGAbstractBindingMethod):
else: else:
name = "genericSetter" name = "genericSetter"
unwrapFailureCode = ( unwrapFailureCode = (
'return ThrowInvalidThis(cx, args, MSG_SETTER_THIS_DOES_NOT_IMPLEMENT_INTERFACE, "%s");' % 'return ThrowInvalidThis(cx, args, GetInvalidThisErrorForSetter(%%(securityError)s), "%s");' %
descriptor.interface.identifier.name) descriptor.interface.identifier.name)
CGAbstractBindingMethod.__init__(self, descriptor, name, args, CGAbstractBindingMethod.__init__(self, descriptor, name, args,

3
dom/bindings/Errors.msg
Просмотреть файл

@ -25,8 +25,11 @@ MSG_DEF(MSG_NOT_OBJECT, 1, "{0} is not an object.")
MSG_DEF(MSG_NOT_CALLABLE, 1, "{0} is not callable.") MSG_DEF(MSG_NOT_CALLABLE, 1, "{0} is not callable.")
MSG_DEF(MSG_DOES_NOT_IMPLEMENT_INTERFACE, 2, "{0} does not implement interface {1}.") MSG_DEF(MSG_DOES_NOT_IMPLEMENT_INTERFACE, 2, "{0} does not implement interface {1}.")
MSG_DEF(MSG_METHOD_THIS_DOES_NOT_IMPLEMENT_INTERFACE, 2, "'{0}' called on an object that does not implement interface {1}.") MSG_DEF(MSG_METHOD_THIS_DOES_NOT_IMPLEMENT_INTERFACE, 2, "'{0}' called on an object that does not implement interface {1}.")
MSG_DEF(MSG_METHOD_THIS_UNWRAPPING_DENIED, 1, "Permission to call '{0}' denied.")
MSG_DEF(MSG_GETTER_THIS_DOES_NOT_IMPLEMENT_INTERFACE, 2, "'{0}' getter called on an object that does not implement interface {1}.") MSG_DEF(MSG_GETTER_THIS_DOES_NOT_IMPLEMENT_INTERFACE, 2, "'{0}' getter called on an object that does not implement interface {1}.")
MSG_DEF(MSG_GETTER_THIS_UNWRAPPING_DENIED, 1, "Permission to call '{0}' getter denied.")
MSG_DEF(MSG_SETTER_THIS_DOES_NOT_IMPLEMENT_INTERFACE, 2, "'{0}' setter called on an object that does not implement interface {1}.") MSG_DEF(MSG_SETTER_THIS_DOES_NOT_IMPLEMENT_INTERFACE, 2, "'{0}' setter called on an object that does not implement interface {1}.")
MSG_DEF(MSG_SETTER_THIS_UNWRAPPING_DENIED, 1, "Permission to call '{0}' setter denied.")
MSG_DEF(MSG_THIS_DOES_NOT_IMPLEMENT_INTERFACE, 1, "\"this\" object does not implement interface {0}.") MSG_DEF(MSG_THIS_DOES_NOT_IMPLEMENT_INTERFACE, 1, "\"this\" object does not implement interface {0}.")
MSG_DEF(MSG_NOT_IN_UNION, 2, "{0} could not be converted to any of: {1}.") MSG_DEF(MSG_NOT_IN_UNION, 2, "{0} could not be converted to any of: {1}.")
MSG_DEF(MSG_ILLEGAL_CONSTRUCTOR, 0, "Illegal constructor.") MSG_DEF(MSG_ILLEGAL_CONSTRUCTOR, 0, "Illegal constructor.")