From ce81f1f7ef2e3403bf5df25a540e15090f170ee5 Mon Sep 17 00:00:00 2001
From: Jan de Mooij
Date: Thu, 26 Jul 2018 10:58:37 +0200
Subject: [PATCH] Bug 1478275 part 2 - Add a CompartmentPrivate::isSandboxCompartment flag and xpc::IsInSandboxCompartment(obj). r=bholley

Wrappers are per-compartment, not per-realm, so this will simplify the next patch. Also, considering the upcoming Realms proposal, it might eventually be possible to have multiple globals in a sandbox compartment.
---
 js/xpconnect/src/Sandbox.cpp | 1 +
 js/xpconnect/src/XPCJSRuntime.cpp | 11 +++++++++++
 js/xpconnect/src/xpcprivate.h | 3 +++
 js/xpconnect/src/xpcpublic.h | 2 ++
 4 files changed, 17 insertions(+)

diff --git a/js/xpconnect/src/Sandbox.cpp b/js/xpconnect/src/Sandbox.cpp
index fc16f076aa96..2a41b6bd0d04 100644
--- a/js/xpconnect/src/Sandbox.cpp
+++ b/js/xpconnect/src/Sandbox.cpp
@@ -1112,6 +1112,7 @@ xpc::CreateSandboxObject(JSContext* cx, MutableHandleValue vp, nsISupports* prin
 priv->allowWaivers = options.allowWaivers;
 priv->isWebExtensionContentScript = options.isWebExtensionContentScript;
 priv->isContentXBLCompartment = options.isContentXBLScope;
+ priv->isSandboxCompartment = true;

 // Set up the wantXrays flag, which indicates whether xrays are desired even
 // for same-origin access.
diff --git a/js/xpconnect/src/XPCJSRuntime.cpp b/js/xpconnect/src/XPCJSRuntime.cpp
index 9bf057cc2a7d..327d1840de46 100644
--- a/js/xpconnect/src/XPCJSRuntime.cpp
+++ b/js/xpconnect/src/XPCJSRuntime.cpp
@@ -215,6 +215,7 @@ CompartmentPrivate::CompartmentPrivate(JS::Compartment* c)
 , isWebExtensionContentScript(false)
 , allowCPOWs(false)
 , isContentXBLCompartment(false)
+ , isSandboxCompartment(false)
 , universalXPConnectEnabled(false)
 , forcePermissiveCOWs(false)
 , wasNuked(false)
@@ -491,6 +492,16 @@ IsInContentXBLScope(JSObject* obj)
 return IsContentXBLCompartment(js::GetObjectCompartment(obj));
 }

+bool
+IsInSandboxCompartment(JSObject* obj)
+{
+ JS::Compartment* comp = js::GetObjectCompartment(obj);
+
+ // We always eagerly create compartment privates for sandbox compartments.
+ CompartmentPrivate* priv = CompartmentPrivate::Get(comp);
+ return priv && priv->isSandboxCompartment;
+}
+
 bool
 IsUniversalXPConnectEnabled(JS::Compartment* compartment)
 {
diff --git a/js/xpconnect/src/xpcprivate.h b/js/xpconnect/src/xpcprivate.h
index 2c646ecdffab..c0aa7727a420 100644
--- a/js/xpconnect/src/xpcprivate.h
+++ b/js/xpconnect/src/xpcprivate.h
@@ -2873,6 +2873,9 @@ public:
 // such a compartment is a content XBL scope.
 bool isContentXBLCompartment;

+ // True if this is a sandbox compartment. See xpc::CreateSandboxObject.
+ bool isSandboxCompartment;
+
 // This is only ever set during mochitest runs when enablePrivilege is called.
 // It's intended as a temporary stopgap measure until we can finish ripping out
 // enablePrivilege. Once set, this value is never unset (i.e., it doesn't follow
diff --git a/js/xpconnect/src/xpcpublic.h b/js/xpconnect/src/xpcpublic.h
index 4ff8a6c96ead..e841ab7bdeb8 100644
--- a/js/xpconnect/src/xpcpublic.h
+++ b/js/xpconnect/src/xpcpublic.h
@@ -85,6 +85,8 @@ bool IsContentXBLCompartment(JS::Compartment* compartment);
 bool IsContentXBLScope(JS::Realm* realm);
 bool IsInContentXBLScope(JSObject* obj);

+bool IsInSandboxCompartment(JSObject* obj);
+
 // Return a raw XBL scope object corresponding to contentScope, which must
 // be an object whose global is a DOM window.
 //
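Review bot: In XPCJSRuntime.cpp, the new `IsInSandboxCompartment` returns false whenever `CompartmentPrivate::Get(comp)` yields null, so a compartment with no private is silently classified as non-sandbox. The existing comment states the invariant that makes this acceptable but not the consequence, and the only place this patch visibly sets the flag is `xpc::CreateSandboxObject`. If a later caller treats a false result as grounds to skip a sandbox-specific restriction, a violated invariant would fail open rather than loudly. I would extend the comment along the lines of `// No private means "not a sandbox"; this relies on CreateSandboxObject having set the flag before any caller asks.`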
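Review bot: The new public declaration `bool IsInSandboxCompartment(JSObject* obj);` in xpcpublic.h carries no comment, unlike the XBL scope helper documented directly below it. The definition in XPCJSRuntime.cpp calls `js::GetObjectCompartment(obj)` on the object as passed, with no unwrapping and no null check visible, so for a cross-compartment wrapper the answer presumably describes the wrapper's compartment rather than the target's. Since the commit message says the follow-up patch relies on this for wrappers, that contract should be written down where callers will read it, for example `// Returns true if obj's own compartment is a sandbox compartment. obj is not unwrapped and is assumed non-null.`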