Bug 1766114 - Part 1: Define ChromeUtils in privideged AutoConfig sandbox. r=mkaply

Differential Revision: https://phabricator.services.mozilla.com/D144939

extensions/pref/autoconfig/src/nsJSConfigTriggers.cpp

@@ -14,6 +14,7 @@
 #include "mozilla/Maybe.h"
 #include "mozilla/NullPrincipal.h"
 #include "mozilla/dom/ScriptSettings.h"
+#include "mozilla/dom/ChromeUtilsBinding.h"
 #include "nsContentUtils.h"
 #include "nsJSPrincipals.h"
 #include "nsIScriptError.h"
@@ -75,6 +76,11 @@ nsresult CentralizedAdminPrefManagerInit(bool aSandboxEnabled) {
     return NS_ERROR_FAILURE;
   }
 
+  // Define ChromeUtils for ChromeUtils.import.
+  if (!mozilla::dom::ChromeUtils_Binding::GetConstructorObject(cx)) {
+    return NS_ERROR_FAILURE;
+  }
+
   return NS_OK;
 }
 

extensions/pref/autoconfig/test/unit/autoconfig-chromecheck.cfg

@@ -1,3 +1,4 @@
 // # don't remove this comment! (the first line is ignored by Mozilla)
 
 lockPref("_test.string.typeofComponents", typeof Components);
+lockPref("_test.string.typeofChromeUtils", typeof ChromeUtils);

extensions/pref/autoconfig/test/unit/autoconfig-no-sandbox-check.cfg

@@ -0,0 +1,14 @@
+// # don't remove this comment! (the first line is ignored by Mozilla)
+
+lockPref("_test.typeof_Components", typeof Components);
+lockPref("_test.typeof_ChromeUtils", typeof ChromeUtils);
+
+const obj = {};
+var g = Components.utils.import("resource://gre/modules/Services.jsm", obj);
+
+lockPref("_test.typeof_Cu_g_Services", typeof g.Services);
+lockPref("_test.typeof_Cu_obj_Services", typeof obj.Services);
+
+const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm");
+
+lockPref("_test.typeof_ChromeUtils_Services", typeof Services);

extensions/pref/autoconfig/test/unit/autoconfig-no-sandbox.js

@@ -0,0 +1,5 @@
+/* global pref */
+pref("general.config.sandbox_enabled", false);
+pref("general.config.filename", "autoconfig.cfg");
+pref("general.config.vendor", "autoconfig");
+pref("general.config.obscure_value", 0);

extensions/pref/autoconfig/test/unit/test_autoconfig_no_sandbox.js

@@ -0,0 +1,65 @@
+/* Any copyright is dedicated to the Public Domain.
+   http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/* eslint no-unsafe-finally: "off"*/
+
+const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm");
+
+function run_test() {
+  let prefs = Services.prefs.getBranch(null);
+
+  let greD = Services.dirsvc.get("GreD", Ci.nsIFile);
+  let defaultPrefD = Services.dirsvc.get("PrfDef", Ci.nsIFile);
+  let testDir = do_get_cwd();
+
+  try {
+    let autoConfigJS = testDir.clone();
+    autoConfigJS.append("autoconfig-no-sandbox.js");
+    autoConfigJS.copyTo(defaultPrefD, "autoconfig.js");
+
+    // Make sure nsReadConfig is initialized.
+    Cc["@mozilla.org/readconfig;1"].getService(Ci.nsISupports);
+    Services.prefs.resetPrefs();
+
+    let autoConfigCfg = testDir.clone();
+    autoConfigCfg.append("autoconfig-no-sandbox-check.cfg");
+    autoConfigCfg.copyTo(greD, "autoconfig.cfg");
+
+    Services.obs.notifyObservers(
+      Services.prefs,
+      "prefservice:before-read-userprefs"
+    );
+
+    equal("object", prefs.getStringPref("_test.typeof_Components"));
+    equal("object", prefs.getStringPref("_test.typeof_ChromeUtils"));
+
+    equal("object", prefs.getStringPref("_test.typeof_Cu_g_Services"));
+    equal("object", prefs.getStringPref("_test.typeof_Cu_obj_Services"));
+
+    equal("object", prefs.getStringPref("_test.typeof_ChromeUtils_Services"));
+
+    Services.prefs.resetPrefs();
+  } finally {
+    try {
+      let autoConfigJS = defaultPrefD.clone();
+      autoConfigJS.append("autoconfig.js");
+      autoConfigJS.remove(false);
+    } catch (e) {
+      if (e.result != Cr.NS_ERROR_FILE_NOT_FOUND) {
+        throw e;
+      }
+    }
+
+    try {
+      let autoConfigCfg = greD.clone();
+      autoConfigCfg.append("autoconfig.cfg");
+      autoConfigCfg.remove(false);
+    } catch (e) {
+      if (e.result != Cr.NS_ERROR_FILE_NOT_FOUND) {
+        throw e;
+      }
+    }
+
+    Services.prefs.resetPrefs();
+  }
+}

extensions/pref/autoconfig/test/unit/test_autoconfig_nonascii.js

@@ -44,6 +44,7 @@ function run_test() {
         filename: "autoconfig-chromecheck.cfg",
         prefs: {
           "_test.string.typeofComponents": "undefined",
+          "_test.string.typeofChromeUtils": "undefined",
         },
       },
     ];

extensions/pref/autoconfig/test/unit/xpcshell.ini

@@ -6,7 +6,10 @@ support-files =
   autoconfig-latin1.cfg
   autoconfig-utf8.cfg
   autoconfig-chromecheck.cfg
+  autoconfig-no-sandbox-check.cfg
   autoconfig.js
+  autoconfig-no-sandbox.js
 
 [test_autoconfig.js]
 [test_autoconfig_nonascii.js]
+[test_autoconfig_no_sandbox.js]