зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1452278 - Part 2 - Limit length of MIME types and extensions received in HandlerServiceParent r=bzbarsky
Limit the length of strings received from the child to reasonable sizes. Depends on D15620 Differential Revision: https://phabricator.services.mozilla.com/D15626 --HG-- extra : moz-landing-system : lando
This commit is contained in:
Родитель
77b79862cf
Коммит
ea5f6eef2f
|
@ -243,6 +243,12 @@ mozilla::ipc::IPCResult HandlerServiceParent::RecvGetMIMEInfoFromOS(
|
||||||
const nsCString& aMIMEType, const nsCString& aExtension, nsresult* aRv,
|
const nsCString& aMIMEType, const nsCString& aExtension, nsresult* aRv,
|
||||||
HandlerInfo* aHandlerInfoData, bool* aFound) {
|
HandlerInfo* aHandlerInfoData, bool* aFound) {
|
||||||
*aFound = false;
|
*aFound = false;
|
||||||
|
if (aMIMEType.Length() > MAX_MIMETYPE_LENGTH ||
|
||||||
|
aExtension.Length() > MAX_EXT_LENGTH) {
|
||||||
|
*aRv = NS_OK;
|
||||||
|
return IPC_OK();
|
||||||
|
}
|
||||||
|
|
||||||
nsCOMPtr<nsIMIMEService> mimeService =
|
nsCOMPtr<nsIMIMEService> mimeService =
|
||||||
do_GetService(NS_MIMESERVICE_CONTRACTID, aRv);
|
do_GetService(NS_MIMESERVICE_CONTRACTID, aRv);
|
||||||
if (NS_WARN_IF(NS_FAILED(*aRv))) {
|
if (NS_WARN_IF(NS_FAILED(*aRv))) {
|
||||||
|
@ -275,6 +281,10 @@ mozilla::ipc::IPCResult HandlerServiceParent::RecvExists(
|
||||||
|
|
||||||
mozilla::ipc::IPCResult HandlerServiceParent::RecvExistsForProtocolOS(
|
mozilla::ipc::IPCResult HandlerServiceParent::RecvExistsForProtocolOS(
|
||||||
const nsCString& aProtocolScheme, bool* aHandlerExists) {
|
const nsCString& aProtocolScheme, bool* aHandlerExists) {
|
||||||
|
if (aProtocolScheme.Length() > MAX_SCHEME_LENGTH) {
|
||||||
|
*aHandlerExists = false;
|
||||||
|
return IPC_OK();
|
||||||
|
}
|
||||||
#ifdef MOZ_WIDGET_GTK
|
#ifdef MOZ_WIDGET_GTK
|
||||||
// Check the GNOME registry for a protocol handler
|
// Check the GNOME registry for a protocol handler
|
||||||
*aHandlerExists = nsGNOMERegistry::HandlerExists(aProtocolScheme.get());
|
*aHandlerExists = nsGNOMERegistry::HandlerExists(aProtocolScheme.get());
|
||||||
|
@ -290,6 +300,10 @@ mozilla::ipc::IPCResult HandlerServiceParent::RecvExistsForProtocolOS(
|
||||||
*/
|
*/
|
||||||
mozilla::ipc::IPCResult HandlerServiceParent::RecvExistsForProtocol(
|
mozilla::ipc::IPCResult HandlerServiceParent::RecvExistsForProtocol(
|
||||||
const nsCString& aProtocolScheme, bool* aHandlerExists) {
|
const nsCString& aProtocolScheme, bool* aHandlerExists) {
|
||||||
|
if (aProtocolScheme.Length() > MAX_SCHEME_LENGTH) {
|
||||||
|
*aHandlerExists = false;
|
||||||
|
return IPC_OK();
|
||||||
|
}
|
||||||
#if defined(XP_MACOSX)
|
#if defined(XP_MACOSX)
|
||||||
// Check the datastore and fallback to an OS check.
|
// Check the datastore and fallback to an OS check.
|
||||||
// ExternalProcotolHandlerExists() does the fallback.
|
// ExternalProcotolHandlerExists() does the fallback.
|
||||||
|
@ -315,6 +329,10 @@ mozilla::ipc::IPCResult HandlerServiceParent::RecvExistsForProtocol(
|
||||||
|
|
||||||
mozilla::ipc::IPCResult HandlerServiceParent::RecvGetTypeFromExtension(
|
mozilla::ipc::IPCResult HandlerServiceParent::RecvGetTypeFromExtension(
|
||||||
const nsCString& aFileExtension, nsCString* type) {
|
const nsCString& aFileExtension, nsCString* type) {
|
||||||
|
if (aFileExtension.Length() > MAX_EXT_LENGTH) {
|
||||||
|
return IPC_OK();
|
||||||
|
}
|
||||||
|
|
||||||
nsresult rv;
|
nsresult rv;
|
||||||
nsCOMPtr<nsIHandlerService> handlerSvc =
|
nsCOMPtr<nsIHandlerService> handlerSvc =
|
||||||
do_GetService(NS_HANDLERSERVICE_CONTRACTID, &rv);
|
do_GetService(NS_HANDLERSERVICE_CONTRACTID, &rv);
|
||||||
|
@ -330,6 +348,10 @@ mozilla::ipc::IPCResult HandlerServiceParent::RecvGetTypeFromExtension(
|
||||||
|
|
||||||
mozilla::ipc::IPCResult HandlerServiceParent::RecvGetApplicationDescription(
|
mozilla::ipc::IPCResult HandlerServiceParent::RecvGetApplicationDescription(
|
||||||
const nsCString& aScheme, nsresult* aRv, nsString* aDescription) {
|
const nsCString& aScheme, nsresult* aRv, nsString* aDescription) {
|
||||||
|
if (aScheme.Length() > MAX_SCHEME_LENGTH) {
|
||||||
|
*aRv = NS_ERROR_NOT_AVAILABLE;
|
||||||
|
return IPC_OK();
|
||||||
|
}
|
||||||
nsCOMPtr<nsIExternalProtocolService> protoSvc =
|
nsCOMPtr<nsIExternalProtocolService> protoSvc =
|
||||||
do_GetService(NS_EXTERNALPROTOCOLSERVICE_CONTRACTID);
|
do_GetService(NS_EXTERNALPROTOCOLSERVICE_CONTRACTID);
|
||||||
NS_ASSERTION(protoSvc, "No Helper App Service!");
|
NS_ASSERTION(protoSvc, "No Helper App Service!");
|
||||||
|
|
|
@ -39,6 +39,22 @@ class HandlerServiceParent final : public mozilla::dom::PHandlerServiceParent {
|
||||||
|
|
||||||
mozilla::ipc::IPCResult RecvGetApplicationDescription(
|
mozilla::ipc::IPCResult RecvGetApplicationDescription(
|
||||||
const nsCString& aScheme, nsresult* aRv, nsString* aDescription) override;
|
const nsCString& aScheme, nsresult* aRv, nsString* aDescription) override;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Limit the length of MIME types, filename extensions, and protocol
|
||||||
|
* schemes we'll consider.
|
||||||
|
*/
|
||||||
|
static const size_t MAX_MIMETYPE_LENGTH = 129; /* Per RFC 6838, type and
|
||||||
|
subtype should be limited
|
||||||
|
to 64 characters. We add
|
||||||
|
one more to account for
|
||||||
|
a '/' separator. */
|
||||||
|
static const size_t MAX_EXT_LENGTH = 64; /* Arbitratily chosen to be
|
||||||
|
longer than any known
|
||||||
|
extension */
|
||||||
|
static const size_t MAX_SCHEME_LENGTH = 1024; /* Arbitratily chosen to be
|
||||||
|
longer than any known
|
||||||
|
protocol scheme */
|
||||||
};
|
};
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
Загрузка…
Ссылка в новой задаче