From dea641b977c5f1dda16c8d782f62d11c104c8ab7 Mon Sep 17 00:00:00 2001
From: Jan Varga
Date: Sat, 23 Feb 2019 17:03:40 +0100
Subject: [PATCH] Bug 1526891 - Part 4: Add QuotaManager::IsPrincipalInfoValid checks to all quota clients; r=asuth

Differential Revision: https://phabricator.services.mozilla.com/D20913
---
 dom/asmjscache/AsmJSCache.cpp | 10 ++++++++++
 dom/cache/CacheStorage.cpp | 13 +++++++++++++
 dom/cache/CacheStorageParent.cpp | 7 +++++++
 dom/indexedDB/ActorsParent.cpp | 5 +++++
 dom/indexedDB/IDBFactory.cpp | 15 +++++++++++++++
 dom/simpledb/ActorsParent.cpp | 5 +++++
 dom/simpledb/SDBConnection.cpp | 4 ++++
 7 files changed, 59 insertions(+)
diff --git a/dom/asmjscache/AsmJSCache.cpp b/dom/asmjscache/AsmJSCache.cpp
index a848784251cf..03b45450a209 100644
--- a/dom/asmjscache/AsmJSCache.cpp
+++ b/dom/asmjscache/AsmJSCache.cpp
@@ -1148,6 +1148,11 @@ PAsmJSCacheEntryParent* AllocEntryParent(OpenMode aOpenMode,
 return nullptr;
 }
+ if (NS_WARN_IF(!QuotaManager::IsPrincipalInfoValid(aPrincipalInfo))) {
+ MOZ_ASSERT(false);
+ return nullptr;
+ }
+
 RefPtr runnable = new ParentRunnable(aPrincipalInfo, aOpenMode, aWriteParams);
@@ -1408,6 +1413,11 @@ ChildRunnable::Run() {
 return NS_OK;
 }
+ if (NS_WARN_IF(!QuotaManager::IsPrincipalInfoValid(*principalInfo))) {
+ Fail(JS::AsmJSCache_InternalError);
+ return NS_OK;
+ }
+
 mPrincipalInfo = std::move(principalInfo);
 PBackgroundChild* actor = BackgroundChild::GetOrCreateForCurrentThread();
diff --git a/dom/cache/CacheStorage.cpp b/dom/cache/CacheStorage.cpp
index ca3199e05cf4..99f0f8949279 100644
--- a/dom/cache/CacheStorage.cpp
+++ b/dom/cache/CacheStorage.cpp
@@ -20,6 +20,7 @@
 #include "mozilla/dom/cache/PCacheChild.h"
 #include "mozilla/dom/cache/ReadStream.h"
 #include "mozilla/dom/cache/TypeUtils.h"
+#include "mozilla/dom/quota/QuotaManager.h"
 #include "mozilla/dom/WorkerPrivate.h"
 #include "mozilla/ipc/BackgroundChild.h"
 #include "mozilla/ipc/BackgroundUtils.h"
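Review bot: In AllocEntryParent (dom/asmjscache/AsmJSCache.cpp) the new rejection branch uses `MOZ_ASSERT(false);`, while the same check in dom/indexedDB/ActorsParent.cpp and dom/simpledb/ActorsParent.cpp uses `ASSERT_UNLESS_FUZZING();`. These parent-side allocators appear to receive the PrincipalInfo from another process, so an unconditional debug assert turns malformed input into a parent abort in debug and fuzzing builds instead of a refused actor. If the macro or an equivalent is usable in this file, replace the line with `ASSERT_UNLESS_FUZZING();`; the same applies to AllocPCacheStorageParent in dom/cache/CacheStorageParent.cpp. AllocEntryParent starts and ends outside the hunk.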
@@ -38,6 +39,7 @@ namespace cache {
 using mozilla::ErrorResult;
 using mozilla::Unused;
+using mozilla::dom::quota::QuotaManager;
 using mozilla::ipc::BackgroundChild;
 using mozilla::ipc::IProtocol;
 using mozilla::ipc::PBackgroundChild;
@@ -151,6 +153,12 @@ already_AddRefed CacheStorage::CreateOnMainThread(
 return nullptr;
 }
+ if (NS_WARN_IF(!QuotaManager::IsPrincipalInfoValid(principalInfo))) {
+ NS_WARNING("CacheStorage not supported on invalid origins.");
+ RefPtr ref = new CacheStorage(NS_ERROR_DOM_SECURITY_ERR);
+ return ref.forget();
+ }
+
 bool testingEnabled = aForceTrustedOrigin || Preferences::GetBool("dom.caches.testing.enabled", false) ||
@@ -191,6 +199,11 @@ already_AddRefed CacheStorage::CreateOnWorker(
 const PrincipalInfo& principalInfo = aWorkerPrivate->GetPrincipalInfo();
+ if (NS_WARN_IF(!QuotaManager::IsPrincipalInfoValid(principalInfo))) {
+ aRv.Throw(NS_ERROR_FAILURE);
+ return nullptr;
+ }
+
 // We have a number of cases where we want to skip the https scheme
 // validation:
 //
diff --git a/dom/cache/CacheStorageParent.cpp b/dom/cache/CacheStorageParent.cpp
index 746d2d4aeafa..3bb35b8ab84b 100644
--- a/dom/cache/CacheStorageParent.cpp
+++ b/dom/cache/CacheStorageParent.cpp
@@ -10,12 +10,14 @@
 #include "mozilla/dom/cache/ActorUtils.h"
 #include "mozilla/dom/cache/CacheOpParent.h"
 #include "mozilla/dom/cache/ManagerId.h"
+#include "mozilla/dom/quota/QuotaManager.h"
 #include "mozilla/ipc/PBackgroundParent.h"
 namespace mozilla {
 namespace dom {
 namespace cache {
+using mozilla::dom::quota::QuotaManager;
 using mozilla::ipc::PBackgroundParent;
 using mozilla::ipc::PrincipalInfo;
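Review bot: The two CacheStorage entry points report the same invalid-principal condition differently: CreateOnMainThread returns a CacheStorage constructed with `NS_ERROR_DOM_SECURITY_ERR`, while CreateOnWorker calls `aRv.Throw(NS_ERROR_FAILURE);` and returns null. Unless the difference is intended, the worker path should fail the same way as the main-thread path so callers see one error for an invalid origin; if it is intended, a one-line comment in CreateOnWorker saying why would help. In CreateOnMainThread the `NS_WARNING(...)` inside the `NS_WARN_IF(...)` branch also logs the failure twice, so one of the two can go. Both function bodies continue outside their hunks.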
@@ -23,6 +25,11 @@ using mozilla::ipc::PrincipalInfo;
 PCacheStorageParent* AllocPCacheStorageParent( PBackgroundParent* aManagingActor, Namespace aNamespace, const mozilla::ipc::PrincipalInfo& aPrincipalInfo) {
+ if (NS_WARN_IF(!QuotaManager::IsPrincipalInfoValid(aPrincipalInfo))) {
+ MOZ_ASSERT(false);
+ return nullptr;
+ }
+
 return new CacheStorageParent(aManagingActor, aNamespace, aPrincipalInfo);
 }
diff --git a/dom/indexedDB/ActorsParent.cpp b/dom/indexedDB/ActorsParent.cpp
index 5dce731f7b15..58180bad351c 100644
--- a/dom/indexedDB/ActorsParent.cpp
+++ b/dom/indexedDB/ActorsParent.cpp
@@ -12177,6 +12177,11 @@ Factory::AllocPBackgroundIDBFactoryRequestParent(
 return nullptr;
 }
+ if (NS_WARN_IF(!QuotaManager::IsPrincipalInfoValid(principalInfo))) {
+ ASSERT_UNLESS_FUZZING();
+ return nullptr;
+ }
+
 RefPtr contentParent = BackgroundParent::GetContentParent(Manager());
diff --git a/dom/indexedDB/IDBFactory.cpp b/dom/indexedDB/IDBFactory.cpp
index 8514dc20fbbd..014eb65a2495 100644
--- a/dom/indexedDB/IDBFactory.cpp
+++ b/dom/indexedDB/IDBFactory.cpp
@@ -133,6 +133,11 @@ nsresult IDBFactory::CreateForWindow(nsPIDOMWindowInner* aWindow,
 MOZ_ASSERT(principalInfo->type() == PrincipalInfo::TContentPrincipalInfo || principalInfo->type() == PrincipalInfo::TSystemPrincipalInfo);
+ if (NS_WARN_IF(!QuotaManager::IsPrincipalInfoValid(*principalInfo))) {
+ IDB_REPORT_INTERNAL_ERR();
+ return NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR;
+ }
+
 nsCOMPtr webNav = do_GetInterface(aWindow);
 nsCOMPtr loadContext = do_QueryInterface(webNav);
@@ -169,6 +174,10 @@ nsresult IDBFactory::CreateForMainThreadJS(JSContext* aCx,
 return rv;
 }
+ if (NS_WARN_IF(!QuotaManager::IsPrincipalInfoValid(*principalInfo))) {
+ return NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR;
+ }
+
 rv = CreateForMainThreadJSInternal(aCx, aOwningObject, principalInfo, aFactory);
 if (NS_WARN_IF(NS_FAILED(rv))) {
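Review bot: In dom/indexedDB/IDBFactory.cpp the new check in CreateForWindow calls `IDB_REPORT_INTERNAL_ERR();` before returning `NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR`, but the equivalent check added to CreateForMainThreadJS in the next hunk returns the same code without reporting. What the macro records is not visible here, but returning the internal-error code on one path with a report and on the other without makes the failure harder to trace. Either add `IDB_REPORT_INTERNAL_ERR();` to the CreateForMainThreadJS branch or leave a comment there explaining why it is omitted. Both functions start and end outside their hunks.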
@@ -584,6 +593,12 @@ already_AddRefed IDBFactory::OpenInternal(
 aRv.Throw(NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR);
 return nullptr;
 }
+
+ if (NS_WARN_IF(!QuotaManager::IsPrincipalInfoValid(principalInfo))) {
+ IDB_REPORT_INTERNAL_ERR();
+ aRv.Throw(NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR);
+ return nullptr;
+ }
 } else {
 principalInfo = *mPrincipalInfo;
 }
diff --git a/dom/simpledb/ActorsParent.cpp b/dom/simpledb/ActorsParent.cpp
index d725c811c78a..82d269627346 100644
--- a/dom/simpledb/ActorsParent.cpp
+++ b/dom/simpledb/ActorsParent.cpp
@@ -497,6 +497,11 @@ PBackgroundSDBConnectionParent* AllocPBackgroundSDBConnectionParent(
 return nullptr;
 }
+ if (NS_WARN_IF(!QuotaManager::IsPrincipalInfoValid(aPrincipalInfo))) {
+ ASSERT_UNLESS_FUZZING();
+ return nullptr;
+ }
+
 RefPtr actor = new Connection(aPrincipalInfo);
 return actor.forget().take();
diff --git a/dom/simpledb/SDBConnection.cpp b/dom/simpledb/SDBConnection.cpp
index 6cde7f0b427f..eab9c5b9fb9d 100644
--- a/dom/simpledb/SDBConnection.cpp
+++ b/dom/simpledb/SDBConnection.cpp
@@ -221,6 +221,10 @@ SDBConnection::Init(nsIPrincipal* aPrincipal) {
 return NS_ERROR_INVALID_ARG;
 }
+ if (NS_WARN_IF(!QuotaManager::IsPrincipalInfoValid(*principalInfo))) {
+ return NS_ERROR_INVALID_ARG;
+ }
+
 mPrincipalInfo = std::move(principalInfo);
 return NS_OK;
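Review bot: The validation added to IDBFactory::OpenInternal covers only the branch that fills `principalInfo` before the `} else {`; the else branch copies `*mPrincipalInfo` without a check. That is presumably safe because the Create* paths touched by this patch validate before a factory exists, but nothing at this site records the assumption. A comment on the else branch such as `// mPrincipalInfo was validated when the factory was created.`, or a debug-only `MOZ_ASSERT(QuotaManager::IsPrincipalInfoValid(principalInfo));` after the if/else, would keep a later creation path from bypassing the check unnoticed. OpenInternal starts and ends outside the hunk.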