Bug 1346759 - Use URI comparison for null principals instead of pointer comparison. r=ckerschb,bholley

Differential Revision: https://phabricator.services.mozilla.com/D12154 --HG-- extra : moz-landing-system : lando
2019-02-11 18:03:12 +00:00 · 2019-02-11 18:03:12 +00:00 · dcf26b19b4
--- a/Cargo.lock
+++ b/Cargo.lock
@ -1123,6 +1123,7 @@ dependencies = [
 "encoding_glue 0.1.0",
 "env_logger 0.5.6 (registry+https://github.com/rust-lang/crates.io-index)",
 "geckoservo 0.0.1",
 "gkrust_utils 0.1.0",
 "jsrust_shared 0.1.0",
 "kvstore 0.1.0",
 "log 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)",
@ -1140,6 +1141,14 @@ dependencies = [
 "xpcom 0.1.0",
 ]
 [[package]]
 name = "gkrust_utils"
 version = "0.1.0"
 dependencies = [
 "nsstring 0.1.0",
 "uuid 0.6.5 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 [[package]]
 name = "gl_generator"
 version = "0.10.0"
--- a/Cargo.toml
+++ b/Cargo.toml
@ -36,6 +36,7 @@ exclude = [
  "media/mp4parse-rust/mp4parse",
  "media/mp4parse-rust/mp4parse_capi",
  "media/mp4parse-rust/mp4parse_fallible",
  "xpcom/rust/gkrust_utils",
 ]
 # Explicitly specify what our profiles use.  The opt-level setting here is
--- a/caps/BasePrincipal.h
+++ b/caps/BasePrincipal.h
@ -279,13 +279,11 @@ inline bool BasePrincipal::FastEquals(nsIPrincipal* aOther) {
  // Two principals are considered to be equal if their origins are the same.
  // If the two principals are codebase principals, their origin attributes
  // (aka the origin suffix) must also match.
-  // If the two principals are null principals, they're only equal if they're
+  if (Kind() == eSystemPrincipal) {
  // the same object.
  if (Kind() == eNullPrincipal || Kind() == eSystemPrincipal) {
    return this == other;
  }
-  if (Kind() == eCodebasePrincipal) {
+  if (Kind() == eCodebasePrincipal || Kind() == eNullPrincipal) {
    return mOriginNoSuffix == other->mOriginNoSuffix &&
           mOriginSuffix == other->mOriginSuffix;
  }
@ -308,13 +306,6 @@ inline bool BasePrincipal::FastEqualsConsideringDomain(nsIPrincipal* aOther) {
 inline bool BasePrincipal::FastSubsumes(nsIPrincipal* aOther) {
  // If two principals are equal, then they both subsume each other.
  // We deal with two special cases first:
  // Null principals only subsume each other if they are equal, and are only
  // equal if they're the same object.
  auto other = Cast(aOther);
  if (Kind() == eNullPrincipal && other->Kind() == eNullPrincipal) {
    return this == other;
  }
  if (FastEquals(aOther)) {
    return true;
  }
--- a/caps/NullPrincipal.cpp
+++ b/caps/NullPrincipal.cpp
@ -171,7 +171,9 @@ bool NullPrincipal::MayLoadInternal(nsIURI* aURI) {
  nsCOMPtr<nsIPrincipal> blobPrincipal;
  if (dom::BlobURLProtocolHandler::GetBlobURLPrincipal(
          aURI, getter_AddRefs(blobPrincipal))) {
-    return blobPrincipal == this;
+    MOZ_ASSERT(blobPrincipal);
    return SubsumesInternal(blobPrincipal,
                            BasePrincipal::ConsiderDocumentDomain);
  }
  return false;
--- a/caps/NullPrincipal.h
+++ b/caps/NullPrincipal.h
@ -87,7 +87,8 @@ class NullPrincipal final : public BasePrincipal {
  bool SubsumesInternal(nsIPrincipal* aOther,
                        DocumentDomainConsideration aConsideration) override {
-    return aOther == this;
+    MOZ_ASSERT(aOther);
    return FastEquals(aOther);
  }
  bool MayLoadInternal(nsIURI* aURI) override;
--- a/caps/NullPrincipalURI.cpp
+++ b/caps/NullPrincipalURI.cpp
@ -15,6 +15,8 @@
 #include "nsCRT.h"
 #include "nsIUUIDGenerator.h"
 #include "mozilla/GkRustUtils.h"
 using namespace mozilla;
 ////////////////////////////////////////////////////////////////////////////////
@ -27,18 +29,7 @@ NullPrincipalURI::NullPrincipalURI(const NullPrincipalURI& aOther) {
 }
 nsresult NullPrincipalURI::Init() {
-  // FIXME: bug 327161 -- make sure the uuid generator is reseeding-resistant.
+  GkRustUtils::GenerateUUID(mPath);
  nsCOMPtr<nsIUUIDGenerator> uuidgen = services::GetUUIDGenerator();
  NS_ENSURE_TRUE(uuidgen, NS_ERROR_NOT_AVAILABLE);
  nsID id;
  nsresult rv = uuidgen->GenerateUUIDInPlace(&id);
  NS_ENSURE_SUCCESS(rv, rv);
  mPath.SetLength(NSID_LENGTH - 1);  // -1 because NSID_LENGTH counts the '\0'
  id.ToProvidedString(
      *reinterpret_cast<char(*)[NSID_LENGTH]>(mPath.BeginWriting()));
  MOZ_ASSERT(mPath.Length() == NSID_LENGTH - 1);
  MOZ_ASSERT(strlen(mPath.get()) == NSID_LENGTH - 1);
--- a/layout/style/RunCbindgen.py
+++ b/layout/style/RunCbindgen.py
@ -10,6 +10,8 @@ import subprocess
 CARGO_LOCK = mozpath.join(buildconfig.topsrcdir, "Cargo.lock")
 # cbindgen_crate_path needs to match the crate name
 # EG: /xpcom/rust/gkrust_utils is the path for the "gkrust_utils" crate
 def generate(output, cbindgen_crate_path, *in_tree_dependencies):
    env = os.environ.copy()
    env['CARGO'] = str(buildconfig.substs['CARGO'])
--- a/toolkit/library/rust/shared/Cargo.toml
+++ b/toolkit/library/rust/shared/Cargo.toml
@ -24,6 +24,7 @@ encoding_glue = { path = "../../../../intl/encoding_glue" }
 audioipc-client = { path = "../../../../media/audioipc/client", optional = true }
 audioipc-server = { path = "../../../../media/audioipc/server", optional = true }
 u2fhid = { path = "../../../../dom/webauthn/u2f-hid-rs" }
 gkrust_utils = { path = "../../../../xpcom/rust/gkrust_utils" }
 rsdparsa_capi = { path = "../../../../media/webrtc/signaling/src/sdp/rsdparsa_capi" }
 # We have these to enforce common feature sets for said crates.
 log = {version = "0.4", features = ["release_max_level_info"]}
--- a/toolkit/library/rust/shared/lib.rs
+++ b/toolkit/library/rust/shared/lib.rs
@ -29,6 +29,7 @@ extern crate audioipc_client;
 extern crate audioipc_server;
 extern crate env_logger;
 extern crate u2fhid;
 extern crate gkrust_utils;
 extern crate log;
 extern crate cosec;
 extern crate rsdparsa_capi;
--- a/toolkit/mozapps/extensions/AddonManager.jsm
+++ b/toolkit/mozapps/extensions/AddonManager.jsm
@ -1901,7 +1901,7 @@ var AddonManagerInternal = {
        this.installNotifyObservers("addon-install-disabled", topBrowser,
                                    aInstallingPrincipal.URI, aInstall);
        return;
-      } else if (!aBrowser.contentPrincipal || !aInstallingPrincipal.subsumes(aBrowser.contentPrincipal)) {
+      } else if (aInstallingPrincipal.isNullPrincipal || !aBrowser.contentPrincipal || !aInstallingPrincipal.subsumes(aBrowser.contentPrincipal)) {
        aInstall.cancel();
        this.installNotifyObservers("addon-install-origin-blocked", topBrowser,
--- a/xpcom/base/GkRustUtils.cpp
+++ b/xpcom/base/GkRustUtils.cpp
@ -0,0 +1,15 @@
 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 #include "gk_rust_utils_ffi_generated.h"
 #include "nsString.h"
 #include "GkRustUtils.h"
 using namespace mozilla;
 /* static */ void GkRustUtils::GenerateUUID(nsACString& aResult) {
  GkRustUtils_GenerateUUID(&aResult);
 };
--- a/xpcom/base/GkRustUtils.h
+++ b/xpcom/base/GkRustUtils.h
@ -0,0 +1,11 @@
 #ifndef __mozilla_GkRustUtils_h
 #define __mozilla_GkRustUtils_h
 #include "nsString.h"
 class GkRustUtils {
 public:
  static void GenerateUUID(nsACString& aResult);
 };
 #endif
--- a/xpcom/base/moz.build
+++ b/xpcom/base/moz.build
@ -115,6 +115,7 @@ EXPORTS.mozilla += [
    'DeferredFinalize.h',
    'EnumeratedArrayCycleCollection.h',
    'ErrorNames.h',
    'GkRustUtils.h',
    'HoldDropJSObjects.h',
    'IntentionalCrash.h',
    'JSObjectHolder.h',
@ -149,6 +150,7 @@ UNIFIED_SOURCES += [
    'DebuggerOnGCRunnable.cpp',
    'DeferredFinalize.cpp',
    'ErrorNames.cpp',
    'GkRustUtils.cpp',
    'HoldDropJSObjects.cpp',
    'JSObjectHolder.cpp',
    'LogCommandLineHandler.cpp',
@ -215,6 +217,21 @@ elif CONFIG['MOZ_WIDGET_TOOLKIT'] == 'windows':
        'nsCrashOnException.cpp',
    ]
 if CONFIG['COMPILE_ENVIRONMENT']:
    GENERATED_FILES += [
        'gk_rust_utils_ffi_generated.h',
    ]
    EXPORTS.mozilla += [
        '!gk_rust_utils_ffi_generated.h',
    ]
    ffi_generated = GENERATED_FILES['gk_rust_utils_ffi_generated.h']
    ffi_generated.script = '/layout/style/RunCbindgen.py:generate'
    ffi_generated.inputs = [
        '/xpcom/rust/gkrust_utils',
    ]
 include('/ipc/chromium/chromium-config.mozbuild')
 FINAL_LIBRARY = 'xul'
--- a/xpcom/base/nsInterfaceRequestorAgg.cpp
+++ b/xpcom/base/nsInterfaceRequestorAgg.cpp
@ -22,7 +22,7 @@ class nsInterfaceRequestorAgg final : public nsIInterfaceRequestor {
                          nsIEventTarget* aConsumerTarget = nullptr)
      : mFirst(aFirst), mSecond(aSecond), mConsumerTarget(aConsumerTarget) {
    if (!mConsumerTarget) {
-      mConsumerTarget = GetCurrentThreadEventTarget();
+      mConsumerTarget = mozilla::GetCurrentThreadEventTarget();
    }
  }
--- a/xpcom/rust/gkrust_utils/Cargo.toml
+++ b/xpcom/rust/gkrust_utils/Cargo.toml
@ -0,0 +1,8 @@
 [package]
 name = "gkrust_utils"
 version = "0.1.0"
 authors = ["Jonathan Kingston <jkt@mozilla.com>"]
 [dependencies]
 uuid = { version = "0.6", features = ["v4"] }
 nsstring = { path = "../nsstring" }
--- a/xpcom/rust/gkrust_utils/cbindgen.toml
+++ b/xpcom/rust/gkrust_utils/cbindgen.toml
@ -0,0 +1,31 @@
 header = """/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */"""
 autogen_warning = """/* DO NOT MODIFY THIS MANUALLY! This file was generated using cbindgen.
 * To generate this file:
 *   1. Get the latest cbindgen using `cargo install --force cbindgen`
 *      a. Alternatively, you can clone `https://github.com/eqrion/cbindgen` and use a tagged release
 *   2. Run `rustup run nightly cbindgen xpcom/rust/gkrust_utils --lockfile Cargo.lock --crate gkrust_utils -o xpcom/base/gk_rust_utils_ffi_generated.h`
 */
 #include "nsError.h"
 #include "nsString.h"
 """
 include_version = true
 braces = "SameLine"
 line_length = 100
 tab_width = 2
 language = "C++"
 namespaces = ["mozilla"]
 [export]
 # Skip constants because we don't have any
 item_types = ["globals", "enums", "structs", "unions", "typedefs", "opaque", "functions"]
 [enum]
 add_sentinel = true
 derive_helper_methods = true
 [defines]
 "target_os = windows" = "XP_WIN"
 "target_os = macos" = "XP_MACOSX"
 "target_os = android" = "ANDROID"
--- a/xpcom/rust/gkrust_utils/src/lib.rs
+++ b/xpcom/rust/gkrust_utils/src/lib.rs
@ -0,0 +1,13 @@
 extern crate nsstring;
 extern crate uuid;
 use nsstring::nsACString;
 use uuid::Uuid;
 use std::fmt::Write;
 #[no_mangle]
 pub extern "C" fn GkRustUtils_GenerateUUID(res: &mut nsACString) {
    // TODO once the vendored Uuid implementation is >7 this likely can use Hyphenated instead of to_string
    let uuid = Uuid::new_v4().hyphenated().to_string();
    write!(res, "{{{}}}", uuid).expect("Unexpected uuid generated");
 }