Bug 1762920: remove whitelist from xpcom/crashreporter r=nika,gsvelto

Differential Revision: https://phabricator.services.mozilla.com/D142843
2022-05-12 21:07:25 +00:00 · 2022-05-12 21:07:25 +00:00 · e4786a68a6
--- a/toolkit/crashreporter/CrashAnnotations.cpp
+++ b/toolkit/crashreporter/CrashAnnotations.cpp
@ -27,12 +27,12 @@ bool AnnotationFromString(Annotation& aResult, const char* aValue) {
  return true;
 }

-bool IsAnnotationWhitelistedForPing(Annotation aAnnotation) {
+bool IsAnnotationAllowlistedForPing(Annotation aAnnotation) {
  auto elem = find_if(
-      begin(kCrashPingWhitelist), end(kCrashPingWhitelist),
+      begin(kCrashPingAllowlist), end(kCrashPingAllowlist),
      [&aAnnotation](Annotation aElement) { return aElement == aAnnotation; });

-  return elem != end(kCrashPingWhitelist);
+  return elem != end(kCrashPingAllowlist);
 }

 }  // namespace CrashReporter
--- a/toolkit/crashreporter/CrashAnnotations.h.in
+++ b/toolkit/crashreporter/CrashAnnotations.h.in
@ -20,9 +20,9 @@ const char* const kAnnotationStrings[] = {
 ${strings}
 };

-// Whitelist of crash annotations that can be included in a crash ping
-const Annotation kCrashPingWhitelist[] = {
-${whitelist}
+// Allowlist of crash annotations that can be included in a crash ping
+const Annotation kCrashPingAllowlist[] = {
+${allowlist}
 };

 /**
@ -46,14 +46,14 @@ static inline const char* AnnotationToString(Annotation aAnnotation) {
 bool AnnotationFromString(Annotation& aResult, const char* aValue);

 /**
- * Checks if the given crash annotation is whitelisted for inclusion in the
+ * Checks if the given crash annotation is allowlisted for inclusion in the
 * crash ping.
 *
 * @param aAnnotation the crash annotation to be checked
 * @return true if the annotation can be included in the crash ping, false
 *         otherwise
 */
-bool IsAnnotationWhitelistedForPing(Annotation aAnnotation);
+bool IsAnnotationAllowlistedForPing(Annotation aAnnotation);

 /**
 * Abstract annotation writer, this is needed only for code that writes out
--- a/toolkit/crashreporter/CrashAnnotations.yaml
+++ b/toolkit/crashreporter/CrashAnnotations.yaml
@ -8,7 +8,7 @@
 # Additionally a field can have the following optional fields:
 # - altname: A string that will be used when writing out the annotation to the
 #   .extra file instead of the annotation name
-# - ping: A boolean that indicates whether the annotation is whitelisted for
+# - ping: A boolean that indicates whether the annotation is allowlisted for
 #   going into the crash ping, if not specified this defaults to false

 A11yHandlerRegistered:
--- a/toolkit/crashreporter/client/ping.cpp
+++ b/toolkit/crashreporter/client/ping.cpp
@ -123,7 +123,7 @@ static Json::Value CreateMetadataNode(const Json::Value& aExtra) {
    Annotation annotation;

    if (AnnotationFromString(annotation, iter.memberName())) {
-      if (IsAnnotationWhitelistedForPing(annotation)) {
+      if (IsAnnotationAllowlistedForPing(annotation)) {
        node[iter.memberName()] = *iter;
      }
    }
--- a/toolkit/crashreporter/generate_crash_reporter_sources.py
+++ b/toolkit/crashreporter/generate_crash_reporter_sources.py
@ -71,8 +71,8 @@ def read_template(template_filename):
    return template


-def extract_crash_ping_whitelist(annotations):
-    """Extract an array holding the names of the annotations whitelisted for
+def extract_crash_ping_allowlist(annotations):
+    """Extract an array holding the names of the annotations allowlisted for
    inclusion in the crash ping."""

    return [
@ -122,13 +122,13 @@ def generate_header(template, annotations):
    """Generate a header by filling the template with the the list of
    annotations and return it as a string."""

-    whitelist = extract_crash_ping_whitelist(annotations)
+    allowlist = extract_crash_ping_allowlist(annotations)

    return template_header + string.Template(template).substitute(
        {
            "enum": generate_enum(annotations),
            "strings": generate_strings(annotations),
-            "whitelist": generate_array_initializer(whitelist),
+            "allowlist": generate_array_initializer(allowlist),
        }
    )

@ -167,11 +167,11 @@ def generate_java_array_initializer(contents):
 def generate_class(template, annotations):
    """Fill the class template from the list of annotations."""

-    whitelist = extract_crash_ping_whitelist(annotations)
+    allowlist = extract_crash_ping_allowlist(annotations)

    return template_header + string.Template(template).substitute(
        {
-            "whitelist": generate_java_array_initializer(whitelist),
+            "allowlist": generate_java_array_initializer(allowlist),
        }
    )

@ -188,8 +188,8 @@ def emit_class(output, annotations_filename):
     * are kept in sync with the other C++ and JS users.
     */
    public class CrashReporterConstants {
-        public static final String[] ANNOTATION_WHITELIST = {
-    ${whitelist}
+        public static final String[] ANNOTATION_ALLOWLIST = {
+    ${allowlist}
        };
    }"""
    )
--- a/toolkit/xre/nsAppRunner.cpp
+++ b/toolkit/xre/nsAppRunner.cpp
@ -1887,15 +1887,15 @@ nsXULAppInfo::RemoveCrashReportAnnotation(const nsACString& key) {
 }

 NS_IMETHODIMP
-nsXULAppInfo::IsAnnotationWhitelistedForPing(const nsACString& aValue,
-                                             bool* aIsWhitelisted) {
+nsXULAppInfo::IsAnnotationAllowlistedForPing(const nsACString& aValue,
+                                             bool* aIsAllowlisted) {
  CrashReporter::Annotation annotation;

  if (!AnnotationFromString(annotation, PromiseFlatCString(aValue).get())) {
    return NS_ERROR_INVALID_ARG;
  }

-  *aIsWhitelisted = CrashReporter::IsAnnotationWhitelistedForPing(annotation);
+  *aIsAllowlisted = CrashReporter::IsAnnotationAllowlistedForPing(annotation);

  return NS_OK;
 }
@ -5490,7 +5490,7 @@ nsresult XREMain::XRE_mainRun() {

    // As FilePreferences need the profile directory, we must initialize right
    // here.
-    mozilla::FilePreferences::InitDirectoriesWhitelist();
+    mozilla::FilePreferences::InitDirectoriesAllowlist();
    mozilla::FilePreferences::InitPrefs();

    OverrideDefaultLocaleIfNeeded();
--- a/toolkit/xre/nsEmbedFunctions.cpp
+++ b/toolkit/xre/nsEmbedFunctions.cpp
@ -720,7 +720,7 @@ nsresult XRE_InitChildProcess(int aArgc, char* aArgv[],
      if (XRE_GetProcessType() != GeckoProcessType_RemoteSandboxBroker) {
        // Remote sandbox launcher process doesn't have prerequisites for
        // these...
-        mozilla::FilePreferences::InitDirectoriesWhitelist();
+        mozilla::FilePreferences::InitDirectoriesAllowlist();
        mozilla::FilePreferences::InitPrefs();
        OverrideDefaultLocaleIfNeeded();
      }
--- a/xpcom/io/FilePreferences.cpp
+++ b/xpcom/io/FilePreferences.cpp
@ -26,7 +26,7 @@ static StaticMutex sMutex MOZ_UNANNOTATED;
 static bool sBlockUNCPaths = false;
 typedef nsTArray<nsString> WinPaths;

-static WinPaths& PathWhitelist() {
+static WinPaths& PathAllowlist() {
  sMutex.AssertCurrentThreadOwns();

  static WinPaths sPaths;
@ -71,7 +71,7 @@ static void AllowUNCDirectory(char const* directory) {
    return;
  }

-  // The whitelist makes sense only for UNC paths, because this code is used
+  // The allowlist makes sense only for UNC paths, because this code is used
  // to block only UNC paths, hence, no need to add non-UNC directories here
  // as those would never pass the check.
  if (!StringBeginsWith(path, u"\\\\"_ns)) {
@ -80,8 +80,8 @@ static void AllowUNCDirectory(char const* directory) {

  StaticMutexAutoLock lock(sMutex);

-  if (!PathWhitelist().Contains(path)) {
-    PathWhitelist().AppendElement(path);
+  if (!PathAllowlist().Contains(path)) {
+    PathAllowlist().AppendElement(path);
  }
 }

@ -119,7 +119,7 @@ void InitPrefs() {
      (sForbiddenPathsEmpty = ForbiddenPaths().Length() == 0);
 }

-void InitDirectoriesWhitelist() {
+void InitDirectoriesAllowlist() {
  // NS_GRE_DIR is the installation path where the binary resides.
  AllowUNCDirectory(NS_GRE_DIR);
  // NS_APP_USER_PROFILE_50_DIR and NS_APP_USER_PROFILE_LOCAL_50_DIR are the two
@ -278,7 +278,7 @@ bool IsBlockedUNCPath(const nsAString& aFilePath) {

  StaticMutexAutoLock lock(sMutex);

-  for (const auto& allowedPrefix : PathWhitelist()) {
+  for (const auto& allowedPrefix : PathAllowlist()) {
    if (StringBeginsWith(normalized, allowedPrefix)) {
      if (normalized.Length() == allowedPrefix.Length()) {
        return false;
@ -358,9 +358,9 @@ bool StartsWithDiskDesignatorAndBackslash(const nsAString& aAbsolutePath) {

 void testing::SetBlockUNCPaths(bool aBlock) { sBlockUNCPaths = aBlock; }

-void testing::AddDirectoryToWhitelist(nsAString const& aPath) {
+void testing::AddDirectoryToAllowlist(nsAString const& aPath) {
  StaticMutexAutoLock lock(sMutex);
-  PathWhitelist().AppendElement(aPath);
+  PathAllowlist().AppendElement(aPath);
 }

 bool testing::NormalizePath(nsAString const& aPath, nsAString& aNormalized) {
--- a/xpcom/io/FilePreferences.h
+++ b/xpcom/io/FilePreferences.h
@ -10,7 +10,7 @@ namespace mozilla {
 namespace FilePreferences {

 void InitPrefs();
-void InitDirectoriesWhitelist();
+void InitDirectoriesAllowlist();
 bool IsBlockedUNCPath(const nsAString& aFilePath);

 #ifdef XP_WIN
@ -31,7 +31,7 @@ extern const nsLiteralString kDevicePathSpecifier;
 namespace testing {

 void SetBlockUNCPaths(bool aBlock);
-void AddDirectoryToWhitelist(nsAString const& aPath);
+void AddDirectoryToAllowlist(nsAString const& aPath);
 bool NormalizePath(nsAString const& aPath, nsAString& aNormalized);

 }  // namespace testing
--- a/xpcom/system/nsICrashReporter.idl
+++ b/xpcom/system/nsICrashReporter.idl
@ -99,7 +99,7 @@ interface nsICrashReporter : nsISupports
  void removeCrashReportAnnotation(in AUTF8String key);

  /**
-   * Checks if an annotation is whitelisted for inclusion in the crash ping.
+   * Checks if an annotation is allowlisted for inclusion in the crash ping.
   *
   * @param key
   *        Name of a known crash annotation constant.
@ -108,7 +108,7 @@ interface nsICrashReporter : nsISupports
             included in the crash ping, false otherwise.
   * @throw NS_ERROR_INVALID_ARG if key contains an invalid value.
   */
-  boolean isAnnotationWhitelistedForPing(in ACString value);
+  boolean isAnnotationAllowlistedForPing(in ACString value);

  /**
   * Append some data to the "Notes" field, to be submitted with a crash report.
--- a/xpcom/tests/gtest/TestFilePreferencesWin.cpp
+++ b/xpcom/tests/gtest/TestFilePreferencesWin.cpp
@ -126,7 +126,7 @@ TEST(FilePreferencesWin, AccessUNC)
  rv = lf->InitWithPath(u"\\\\nice\\..\\evil\\share"_ns);
  ASSERT_EQ(rv, NS_ERROR_FILE_ACCESS_DENIED);

-  mozilla::FilePreferences::testing::AddDirectoryToWhitelist(u"\\\\nice"_ns);
+  mozilla::FilePreferences::testing::AddDirectoryToAllowlist(u"\\\\nice"_ns);

  rv = lf->InitWithPath(u"\\\\nice\\share"_ns);
  ASSERT_EQ(rv, NS_OK);