bug 313236: Consolidate some code. r=brendan

mrbkap%gmail.com 2005-10-22 01:03:06 +00:00
Родитель 6137b82755
Коммит 023b050c93
4 изменённых файлов: 34 добавлений и 30 удалений


@ -1,4 +1,5 @@
/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*-
* vim: set ts=8 sw=4 et tw=80:
*
* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
@ -1710,6 +1711,10 @@ Function(JSContext *cx, JSObject *obj, uintN argc, jsval *argv, jsval *rval)
principals = NULL;
}
/* Belt-and-braces: check that the caller has access to parent. */
if (!js_CheckPrincipalsAccess(cx, parent, principals, "Function"))
return JS_FALSE;
n = argc ? argc - 1 : 0;
if (n > 0) {
/*
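Review bot: The added call `js_CheckPrincipalsAccess(cx, parent, principals, "Function")` sits directly after a branch that sets `principals = NULL`, and the helper's visible test (`!principals || !scopePrincipals || ...`) reports JSMSG_BAD_INDIRECT_CALL for a NULL `principals`. On that path the constructor therefore fails whenever the helper reaches its subsume test, which looks like deliberate fail-closed behaviour but is not stated. I would extend the comment to say so, for example `/* Belt-and-braces: check that the caller has access to parent; a caller without principals is refused. */`. Function's body starts and ends outside this hunk, so how `parent` and `principals` are derived cannot be confirmed from here.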


@ -1052,8 +1052,9 @@ obj_valueOf(JSContext *cx, JSObject *obj, uintN argc, jsval *argv, jsval *rval)
* if so (or if scopeobj has no principals, for backward compatibility with
* the JS API, which does not require principals), and false otherwise.
*/
static JSBool
CheckEvalAccess(JSContext *cx, JSObject *scopeobj, JSPrincipals *principals)
JSBool
js_CheckPrincipalsAccess(JSContext *cx, JSObject *scopeobj,
JSPrincipals *principals, const char *caller)
{
JSRuntime *rt;
JSPrincipals *scopePrincipals;
@ -1064,18 +1065,25 @@ CheckEvalAccess(JSContext *cx, JSObject *scopeobj, JSPrincipals *principals)
if (!principals || !scopePrincipals ||
!principals->subsume(principals, scopePrincipals)) {
JS_ReportErrorNumber(cx, js_GetErrorMessage, NULL,
JSMSG_BAD_INDIRECT_CALL, js_eval_str);
JSMSG_BAD_INDIRECT_CALL, caller);
return JS_FALSE;
}
}
return JS_TRUE;
}
JSBool
JSObject *
js_CheckScopeChainValidity(JSContext *cx, JSObject *scopeobj, const char *caller)
{
JSClass *clasp;
JSExtendedClass *xclasp;
JSObject *inner;
OBJ_TO_INNER_OBJECT(cx, scopeobj);
if (!scopeobj)
return NULL;
inner = scopeobj;
/* XXX This is an awful gross hack. */
while (scopeobj) {
@ -1086,14 +1094,14 @@ js_CheckScopeChainValidity(JSContext *cx, JSObject *scopeobj, const char *caller
xclasp->innerObject(cx, scopeobj) != scopeobj) {
JS_ReportErrorNumber(cx, js_GetErrorMessage, NULL,
JSMSG_BAD_INDIRECT_CALL, caller);
return JS_FALSE;
return NULL;
}
}
scopeobj = OBJ_GET_PARENT(cx, scopeobj);
}
return JS_TRUE;
return inner;
}
static JSBool
@ -1151,8 +1159,11 @@ obj_eval(JSContext *cx, JSObject *obj, uintN argc, jsval *argv, jsval *rval)
if (indirectCall) {
callerScopeChain = caller->scopeChain;
if (obj != callerScopeChain) {
if (!CheckEvalAccess(cx, obj, caller->script->principals))
if (!js_CheckPrincipalsAccess(cx, obj,
caller->script->principals,
js_eval_str)) {
return JS_FALSE;
}
scopeobj = js_NewObject(cx, &js_WithClass, obj,
callerScopeChain);
@ -1185,13 +1196,10 @@ obj_eval(JSContext *cx, JSObject *obj, uintN argc, jsval *argv, jsval *rval)
}
/* Ensure we compile this eval with the right object in the scope chain. */
OBJ_TO_INNER_OBJECT(cx, scopeobj);
scopeobj = js_CheckScopeChainValidity(cx, scopeobj, js_eval_str);
if (!scopeobj)
return JS_FALSE;
if (!js_CheckScopeChainValidity(cx, scopeobj, js_eval_str))
return JS_FALSE;
str = JSVAL_TO_STRING(argv[0]);
if (caller) {
file = caller->script->filename;
@ -1239,7 +1247,7 @@ obj_eval(JSContext *cx, JSObject *obj, uintN argc, jsval *argv, jsval *rval)
* Belt-and-braces: check that the lesser of eval's principals and the
* caller's principals has access to scopeobj.
*/
ok = CheckEvalAccess(cx, scopeobj, principals);
ok = js_CheckPrincipalsAccess(cx, scopeobj, principals, js_eval_str);
if (!ok)
goto out;
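Review bot: The header comment kept above `js_CheckPrincipalsAccess` still says the function returns true "if scopeobj has no principals", but the visible test `!principals || !scopePrincipals || ...` reports an error and returns JS_FALSE in exactly that case. Judging from the copy removed from script_exec, the permissive path is presumably a runtime with no `findObjectPrincipals` hook, not an object lacking principals. Now that the helper is exported and used as an access check by several callers, the comment should read along the lines of `* Returns true if principals subsumes scopeobj's principals, or if the runtime has no findObjectPrincipals hook; otherwise reports an error naming caller and returns false.` The lines between the local declarations and the test fall between two hunks, so the enclosing condition is inferred and should be checked against the full function.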


@ -488,9 +488,12 @@ js_GetRequiredSlot(JSContext *cx, JSObject *obj, uint32 slot);
extern JSBool
js_SetRequiredSlot(JSContext *cx, JSObject *obj, uint32 slot, jsval v);
extern JSBool
extern JSObject *
js_CheckScopeChainValidity(JSContext *cx, JSObject *scopeobj, const char *caller);
extern JSBool
js_CheckPrincipalsAccess(JSContext *cx, JSObject *scopeobj,
JSPrincipals *principals, const char *caller);
JS_END_EXTERN_C
#endif /* jsobj_h___ */
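Review bot: The changed prototype for `js_CheckScopeChainValidity` carries no comment, and its contract is no longer the usual JSBool one: per the definition it converts `scopeobj` to its inner object and returns that object, or NULL on failure. An older-style call such as `if (!js_CheckScopeChainValidity(cx, scopeobj, name))` still compiles but discards the returned inner object, so the declaration is the place to say that the result must be assigned. I would add `/* Returns the inner object for scopeobj once its parent chain is validated, or NULL on failure; callers must use the returned object. */` above it.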


@ -65,6 +65,7 @@
#if JS_HAS_SCRIPT_OBJECT
static const char js_script_exec[] = "Script.prototype.exec";
static const char js_script_compile[] = "Script.prototype.compile";
#if JS_HAS_TOSOURCE
static JSBool
@ -205,7 +206,7 @@ script_compile(JSContext *cx, JSObject *obj, uintN argc, jsval *argv,
}
/* Ensure we compile this script with the right (inner) principals. */
OBJ_TO_INNER_OBJECT(cx, scopeobj);
scopeobj = js_CheckScopeChainValidity(cx, scopeobj, js_script_compile);
if (!scopeobj)
return JS_FALSE;
@ -248,7 +249,6 @@ script_exec(JSContext *cx, JSObject *obj, uintN argc, jsval *argv, jsval *rval)
JSObject *scopeobj, *parent;
JSStackFrame *fp, *caller;
JSPrincipals *principals, *scopePrincipals;
JSRuntime *rt;
if (!JS_InstanceOf(cx, obj, &js_ScriptClass, argv))
return JS_FALSE;
@ -308,26 +308,14 @@ script_exec(JSContext *cx, JSObject *obj, uintN argc, jsval *argv, jsval *rval)
}
}
OBJ_TO_INNER_OBJECT(cx, scopeobj);
scopeobj = js_CheckScopeChainValidity(cx, scopeobj, js_script_exec);
if (!scopeobj)
return JS_FALSE;
if (!js_CheckScopeChainValidity(cx, scopeobj, js_script_exec))
return JS_FALSE;
/* Belt-and-braces: check that this script object has access to scopeobj. */
principals = script->principals;
rt = cx->runtime;
if (rt->findObjectPrincipals) {
scopePrincipals = rt->findObjectPrincipals(cx, scopeobj);
if (!principals || !scopePrincipals ||
!principals->subsume(principals, scopePrincipals)) {
JS_ReportErrorNumber(cx, js_GetErrorMessage, NULL,
JSMSG_BAD_INDIRECT_CALL,
js_script_exec);
if (!js_CheckPrincipalsAccess(cx, scopeobj, principals, js_script_exec))
return JS_FALSE;
}
}
return js_Execute(cx, scopeobj, script, caller, JSFRAME_EVAL, rval);
}
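Review bot: In script_exec the declaration `JSPrincipals *principals, *scopePrincipals;` is kept, but the only use of `scopePrincipals` visible in this section is inside the block that the `js_CheckPrincipalsAccess` call replaces, so it looks unused now, just as `rt` is no longer needed. If nothing outside the hunks reads it, reduce the line to `JSPrincipals *principals;` so the leftover does not suggest a second principals comparison still happens here. The body of script_exec is only partly shown, so this needs checking against the full function.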