Initial checkin of JavaScript 1.3, migrated from JSFUN13_BRANCH in /m/src repository.

(Minor changes in libmocha required to accomodate JSAPI changes.)

lib/libmocha/lm.h

@@ -673,7 +673,7 @@ lm_SetExternalCapture(JSContext *cx, JSPrincipals *principals,
                       JSBool b);
 
 extern JSBool
-lm_AddSetParentSecurityCheck(JSContext *cx, JSObject *obj);
+lm_CheckSetParentSlot(JSContext *cx, JSObject *obj, jsval id, jsval *vp);
 
 extern JSBool
 lm_SetDocumentDomain(JSContext *cx, JSPrincipals *principals, 

lib/libmocha/lm_layer.c

@@ -1033,10 +1033,20 @@ layer_finalize(JSContext *cx, JSObject *obj)
     JS_free(cx, js_layer);
 }
 
+JSBool layer_check_access(JSContext *cx, JSObject *obj, jsval id,
+                          JSAccessMode mode, jsval *vp)
+{
+    if(mode == JSACC_PARENT)  {
+        return lm_CheckSetParentSlot(cx, obj, id, vp);
+    }
+    return JS_TRUE;
+}
+
 JSClass lm_layer_class = {
     "Layer", JSCLASS_HAS_PRIVATE,
     JS_PropertyStub, JS_PropertyStub, layer_getProperty, layer_setProperty,
-    JS_EnumerateStub, layer_resolve_name, JS_ConvertStub, layer_finalize
+    JS_EnumerateStub, layer_resolve_name, JS_ConvertStub, layer_finalize,
+    NULL, layer_check_access
 };
 
 /* JS native method:

lib/libmocha/lm_taint.c

@@ -916,10 +916,7 @@ lm_GetInnermostPrincipals(JSContext *cx, JSObject *container,
     return (JSPrincipals *) &unknownPrincipals;
 }
 
-static JSPropertyOp oldParentSlotSetter = NULL;
-
-PR_STATIC_CALLBACK(JSBool)
-setParentSlot(JSContext *cx, JSObject *obj, jsval id, jsval *vp)
+JSBool lm_CheckSetParentSlot(JSContext *cx, JSObject *obj, jsval id, jsval *vp)
 {
     JSObject *newParent;
 
@@ -945,44 +942,9 @@ setParentSlot(JSContext *cx, JSObject *obj, jsval id, jsval *vp)
             lm_SetContainerPrincipals(cx, obj, principals);
         }
     }
-    return (*oldParentSlotSetter)(cx, obj, id, vp);
-}
-
-JSBool
-lm_AddSetParentSecurityCheck(JSContext *cx, JSObject *obj) 
-{
-    JSAtom *atom;
-    JSObject *proto;
-    static char parentName[] = "__parent__";
-    JSProperty *prop;
-    JSBool ok;
-
-    /*
-     * Set up to intercept attempts to set __parent__. We need to check
-     * that an evil script is not changing the parent links so that it
-     * gains access to restricted information.
-     */
-    proto = obj;
-    for(;;) {
-        JSObject *next = JS_GetPrototype(cx, proto);
-        if (next == NULL)
-            break;
-        proto = next;
-    }
-    atom = js_Atomize(cx, parentName, sizeof(parentName)-1, 0); 
-    if (atom == NULL) 
-        return JS_FALSE;
-    ok = js_LookupProperty(cx, proto, (jsval)atom, NULL, &prop);
-    js_DropAtom(cx, atom);
-    if (!ok || prop == NULL)
-        return JS_FALSE;
-    if (oldParentSlotSetter == NULL)
-        oldParentSlotSetter = prop->setter;
-    prop->setter = setParentSlot;
     return JS_TRUE;
 }
 
-
 static JSBool
 canExtendTrust(JSContext *cx, void *from, void *to)
 {
@@ -1022,9 +984,12 @@ lm_CheckContainerAccess(JSContext *cx, JSObject *obj, MochaDecoder *decoder,
     JSPrincipalsList *list;
     const char *fn;
 
-    principals = decoder->principals
-                 ? lm_GetInnermostPrincipals(decoder->js_context, obj, NULL)
-                 : NULL;
+    if(decoder->principals)  {
+        principals = lm_GetInnermostPrincipals(decoder->js_context, obj, NULL);
+    }  else  {
+	principals = NULL;
+    }
+
     if (principals == NULL) {
         /*
          * Attempt to access container before container has any scripts.

lib/libmocha/lm_win.c

@@ -739,10 +739,20 @@ win_finalize(JSContext *cx, JSObject *obj)
     DROP_BACK_COUNT(decoder);
 }
 
+JSBool win_check_access(JSContext *cx, JSObject *obj, jsval id,
+                        JSAccessMode mode, jsval *vp)
+{
+    if(mode == JSACC_PARENT)  {
+        return lm_CheckSetParentSlot(cx, obj, id, vp);
+    }
+    return JS_TRUE;
+}
+
 JSClass lm_window_class = {
     "Window", JSCLASS_HAS_PRIVATE,
     JS_PropertyStub, JS_PropertyStub, win_getProperty, win_setProperty,
-    win_list_properties, win_resolve_name, JS_ConvertStub, win_finalize
+    win_list_properties, win_resolve_name, JS_ConvertStub, win_finalize,
+    NULL, win_check_access
 };
 
 /*
@@ -3279,9 +3289,6 @@ lm_InitWindowContent(MochaDecoder *decoder)
     if (!JS_InitStandardClasses(cx, obj))
         return JS_FALSE;
 
-    if (!lm_AddSetParentSecurityCheck(cx, obj))
-        return JS_FALSE;
-
 #ifdef JAVA
     if (JSJ_IsEnabled() && !JSJ_InitContext(cx, obj))
         return JS_FALSE;