Bug 658037 (1/2) - r=bz

2011-06-21 18:52:22 +02:00 · 2011-06-21 18:52:22 +02:00 · cb7ece5357
--- a/content/base/src/nsContentUtils.cpp
+++ b/content/base/src/nsContentUtils.cpp
@ -1195,7 +1195,8 @@ nsContentUtils::CanCallerAccess(nsIDOMNode *aNode)
  // with the system principal games?  But really, there should be a simpler
  // API here, dammit.
  nsCOMPtr<nsIPrincipal> subjectPrincipal;
-  sSecurityManager->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
+  nsresult rv = sSecurityManager->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
+  NS_ENSURE_SUCCESS(rv, PR_FALSE);

  if (!subjectPrincipal) {
    // we're running as system, grant access to the node.
@ -1217,7 +1218,8 @@ nsContentUtils::CanCallerAccess(nsPIDOMWindow* aWindow)
  // with the system principal games?  But really, there should be a simpler
  // API here, dammit.
  nsCOMPtr<nsIPrincipal> subjectPrincipal;
-  sSecurityManager->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
+  nsresult rv = sSecurityManager->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
+  NS_ENSURE_SUCCESS(rv, PR_FALSE);

  if (!subjectPrincipal) {
    // we're running as system, grant access to the node.
--- a/content/base/src/nsDOMFileReader.cpp
+++ b/content/base/src/nsDOMFileReader.cpp
@ -179,7 +179,8 @@ nsDOMFileReader::Init()
  nsIScriptSecurityManager *secMan = nsContentUtils::GetSecurityManager();
  nsCOMPtr<nsIPrincipal> subjectPrincipal;
  if (secMan) {
-    secMan->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
+    nsresult rv = secMan->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
+    NS_ENSURE_SUCCESS(rv, rv);
  }
  NS_ENSURE_STATE(subjectPrincipal);
  mPrincipal = subjectPrincipal;
--- a/content/base/src/nsDOMParser.cpp
+++ b/content/base/src/nsDOMParser.cpp
@ -406,7 +406,8 @@ nsDOMParser::Initialize(nsISupports* aOwner, JSContext* cx, JSObject* obj,
    nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager();
    NS_ENSURE_TRUE(secMan, NS_ERROR_UNEXPECTED);

-    secMan->GetSubjectPrincipal(getter_AddRefs(prin));
+    nsresult rv = secMan->GetSubjectPrincipal(getter_AddRefs(prin));
+    NS_ENSURE_SUCCESS(rv, rv);

    // We're called from JS; there better be a subject principal, really.
    NS_ENSURE_TRUE(prin, NS_ERROR_UNEXPECTED);
@ -463,7 +464,8 @@ nsDOMParser::Init(nsIPrincipal *aPrincipal, nsIURI *aDocumentURI,
    nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager();
    NS_ENSURE_TRUE(secMan, NS_ERROR_UNEXPECTED);

-    secMan->GetSubjectPrincipal(getter_AddRefs(principal));
+    nsresult rv = secMan->GetSubjectPrincipal(getter_AddRefs(principal));
+    NS_ENSURE_SUCCESS(rv, rv);

    // We're called from JS; there better be a subject principal, really.
    NS_ENSURE_TRUE(principal, NS_ERROR_UNEXPECTED);
--- a/content/base/src/nsXMLHttpRequest.cpp
+++ b/content/base/src/nsXMLHttpRequest.cpp
@ -480,7 +480,8 @@ nsXMLHttpRequest::Init()
  nsIScriptSecurityManager *secMan = nsContentUtils::GetSecurityManager();
  nsCOMPtr<nsIPrincipal> subjectPrincipal;
  if (secMan) {
-    secMan->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
+    nsresult rv = secMan->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
+    NS_ENSURE_SUCCESS(rv, rv);
  }
  NS_ENSURE_STATE(subjectPrincipal);
  mPrincipal = subjectPrincipal;
--- a/content/events/src/nsDOMDataTransfer.cpp
+++ b/content/events/src/nsDOMDataTransfer.cpp
@ -803,7 +803,9 @@ nsDOMDataTransfer::GetCurrentPrincipal()
  nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();

  nsCOMPtr<nsIPrincipal> currentPrincipal;
-  ssm->GetSubjectPrincipal(getter_AddRefs(currentPrincipal));
+  nsresult rv = ssm->GetSubjectPrincipal(getter_AddRefs(currentPrincipal));
+  NS_ENSURE_SUCCESS(rv, nsnull);
+
  if (!currentPrincipal)
    ssm->GetSystemPrincipal(getter_AddRefs(currentPrincipal));

--- a/content/xslt/src/xslt/txMozillaXSLTProcessor.cpp
+++ b/content/xslt/src/xslt/txMozillaXSLTProcessor.cpp
@ -1265,7 +1265,8 @@ txMozillaXSLTProcessor::Initialize(nsISupports* aOwner, JSContext* cx,
    nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager();
    NS_ENSURE_TRUE(secMan, NS_ERROR_UNEXPECTED);

-    secMan->GetSubjectPrincipal(getter_AddRefs(prin));
+    nsresult rv = secMan->GetSubjectPrincipal(getter_AddRefs(prin));
+    NS_ENSURE_SUCCESS(rv, rv);
    NS_ENSURE_TRUE(prin, NS_ERROR_UNEXPECTED);

    return Init(prin);
--- a/dom/src/storage/nsDOMStorage.cpp
+++ b/dom/src/storage/nsDOMStorage.cpp
@ -137,8 +137,9 @@ static PRBool
 IsCallerSecure()
 {
  nsCOMPtr<nsIPrincipal> subjectPrincipal;
-  nsContentUtils::GetSecurityManager()->
-    GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
+  nsresult rv = nsContentUtils::GetSecurityManager()->
+                  GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
+  NS_ENSURE_SUCCESS(rv, PR_FALSE);

  if (!subjectPrincipal) {
    // No subject principal means no code is running. Default to not
@ -161,7 +162,7 @@ IsCallerSecure()
  }

  PRBool isHttps = PR_FALSE;
-  nsresult rv = innerUri->SchemeIs("https", &isHttps);
+  rv = innerUri->SchemeIs("https", &isHttps);

  return NS_SUCCEEDED(rv) && isHttps;
 }
@ -1470,8 +1471,9 @@ nsDOMStorage::CanUseStorage(PRPackedBool* aSessionOnly)
    return PR_TRUE;

  nsCOMPtr<nsIPrincipal> subjectPrincipal;
-  nsContentUtils::GetSecurityManager()->
-    GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
+  nsresult rv = nsContentUtils::GetSecurityManager()->
+                  GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
+  NS_ENSURE_SUCCESS(rv, PR_FALSE);

  // if subjectPrincipal were null we'd have returned after
  // IsCallerChrome().
@ -1533,7 +1535,8 @@ nsDOMStorage::CacheStoragePermissions()
    return PR_FALSE;

  nsCOMPtr<nsIPrincipal> subjectPrincipal;
-  ssm->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
+  nsresult rv = ssm->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
+  NS_ENSURE_SUCCESS(rv, PR_FALSE);

  NS_ASSERTION(mSecurityChecker, "Has non-null mSecurityChecker");
  return mSecurityChecker->CanAccess(subjectPrincipal);
--- a/layout/style/nsCSSStyleSheet.cpp
+++ b/layout/style/nsCSSStyleSheet.cpp
@ -1576,14 +1576,15 @@ nsCSSStyleSheet::SubjectSubsumesInnerPrincipal() const
    nsContentUtils::GetSecurityManager();

  nsCOMPtr<nsIPrincipal> subjectPrincipal;
-  securityManager->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
+  nsresult rv = securityManager->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
+  NS_ENSURE_SUCCESS(rv, rv);

  if (!subjectPrincipal) {
    return NS_ERROR_DOM_SECURITY_ERR;
  }

  PRBool subsumes;
-  nsresult rv = subjectPrincipal->Subsumes(mInner->mPrincipal, &subsumes);
+  rv = subjectPrincipal->Subsumes(mInner->mPrincipal, &subsumes);
  NS_ENSURE_SUCCESS(rv, rv);

  if (subsumes) {
--- a/security/manager/ssl/src/nsCrypto.cpp
+++ b/security/manager/ssl/src/nsCrypto.cpp
@ -2013,7 +2013,8 @@ nsCrypto::GenerateCRMFRequest(nsIDOMCRMFObject** aReturn)
  NS_ENSURE_TRUE(secMan, NS_ERROR_UNEXPECTED);
  
  nsCOMPtr<nsIPrincipal> principals;
-  secMan->GetSubjectPrincipal(getter_AddRefs(principals));
+  nsresult rv = secMan->GetSubjectPrincipal(getter_AddRefs(principals));
+  NS_ENSURE_SUCCESS(rv, rv);
  NS_ENSURE_TRUE(principals, NS_ERROR_UNEXPECTED);
  
  nsCryptoRunArgs *args = new nsCryptoRunArgs();
@ -2031,7 +2032,7 @@ nsCrypto::GenerateCRMFRequest(nsIDOMCRMFObject** aReturn)
  if (!cryptoRunnable)
    return NS_ERROR_OUT_OF_MEMORY;

-  nsresult rv = NS_DispatchToMainThread(cryptoRunnable);
+  rv = NS_DispatchToMainThread(cryptoRunnable);
  if (NS_FAILED(rv))
    delete cryptoRunnable;

--- a/xpinstall/src/nsJSInstallTriggerGlobal.cpp
+++ b/xpinstall/src/nsJSInstallTriggerGlobal.cpp
@ -256,8 +256,9 @@ InstallTriggerGlobalInstall(JSContext *cx, JSObject *obj, uintN argc, jsval *arg
  }
  // get the principal.  if it doesn't exist, die.
  nsCOMPtr<nsIPrincipal> principal;
-  secman->GetSubjectPrincipal(getter_AddRefs(principal));
-  if (!principal)
+  nsresult rv = secman->GetSubjectPrincipal(getter_AddRefs(principal));
+
+  if (NS_FAILED(rv) || !principal)
  {
    JS_ReportError(cx, "Could not get the Subject Principal during InstallTrigger.Install()");
    return JS_FALSE;
@ -369,7 +370,7 @@ InstallTriggerGlobalInstall(JSContext *cx, JSObject *obj, uintN argc, jsval *arg
            }

            // Make sure we're allowed to load this URL and the icon URL
-            nsresult rv = InstallTriggerCheckLoadURIFromScript(cx, xpiURL);
+            rv = InstallTriggerCheckLoadURIFromScript(cx, xpiURL);
            if (NS_FAILED(rv))
                abortLoad = PR_TRUE;

@ -404,8 +405,8 @@ InstallTriggerGlobalInstall(JSContext *cx, JSObject *obj, uintN argc, jsval *arg
    if (!abortLoad && trigger->Size() > 0)
    {
        nsCOMPtr<nsIURI> checkuri;
-        nsresult rv = nativeThis->GetOriginatingURI(globalObject,
-                                                    getter_AddRefs(checkuri));
+        rv = nativeThis->GetOriginatingURI(globalObject,
+                                           getter_AddRefs(checkuri));
        if (NS_SUCCEEDED(rv))
        {
            nsCOMPtr<nsIDOMWindowInternal> win(do_QueryInterface(globalObject));
--- a/xpinstall/src/nsXPITriggerInfo.cpp
+++ b/xpinstall/src/nsXPITriggerInfo.cpp
@ -284,8 +284,9 @@ XPITriggerEvent::Run()
    }

    nsCOMPtr<nsIPrincipal> principal;
-    secman->GetSubjectPrincipal(getter_AddRefs(principal));
-    if (!principal)
+    nsresult rv = secman->GetSubjectPrincipal(getter_AddRefs(principal));
+
+    if (NS_FAILED(rv) || !principal)
    {
         JS_ReportError(cx, "Could not get principal from script security manager");
         return 0;