diff --git a/content/base/src/nsContentUtils.cpp b/content/base/src/nsContentUtils.cpp index 43e35cc07ea..ccc4f1433d5 100644 --- a/content/base/src/nsContentUtils.cpp +++ b/content/base/src/nsContentUtils.cpp @@ -1195,7 +1195,8 @@ nsContentUtils::CanCallerAccess(nsIDOMNode *aNode) // with the system principal games? But really, there should be a simpler // API here, dammit. nsCOMPtr subjectPrincipal; - sSecurityManager->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal)); + nsresult rv = sSecurityManager->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal)); + NS_ENSURE_SUCCESS(rv, PR_FALSE); if (!subjectPrincipal) { // we're running as system, grant access to the node. @@ -1217,7 +1218,8 @@ nsContentUtils::CanCallerAccess(nsPIDOMWindow* aWindow) // with the system principal games? But really, there should be a simpler // API here, dammit. nsCOMPtr subjectPrincipal; - sSecurityManager->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal)); + nsresult rv = sSecurityManager->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal)); + NS_ENSURE_SUCCESS(rv, PR_FALSE); if (!subjectPrincipal) { // we're running as system, grant access to the node. diff --git a/content/base/src/nsDOMFileReader.cpp b/content/base/src/nsDOMFileReader.cpp index ae3f34b3e6c..eabbe84aff1 100644 --- a/content/base/src/nsDOMFileReader.cpp +++ b/content/base/src/nsDOMFileReader.cpp @@ -179,7 +179,8 @@ nsDOMFileReader::Init() nsIScriptSecurityManager *secMan = nsContentUtils::GetSecurityManager(); nsCOMPtr subjectPrincipal; if (secMan) { - secMan->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal)); + nsresult rv = secMan->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal)); + NS_ENSURE_SUCCESS(rv, rv); } NS_ENSURE_STATE(subjectPrincipal); mPrincipal = subjectPrincipal; diff --git a/content/base/src/nsDOMParser.cpp b/content/base/src/nsDOMParser.cpp index 041a8e10bf9..a1fcb3a4faa 100644 --- a/content/base/src/nsDOMParser.cpp +++ b/content/base/src/nsDOMParser.cpp @@ -406,7 +406,8 @@ nsDOMParser::Initialize(nsISupports* aOwner, JSContext* cx, JSObject* obj, nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); NS_ENSURE_TRUE(secMan, NS_ERROR_UNEXPECTED); - secMan->GetSubjectPrincipal(getter_AddRefs(prin)); + nsresult rv = secMan->GetSubjectPrincipal(getter_AddRefs(prin)); + NS_ENSURE_SUCCESS(rv, rv); // We're called from JS; there better be a subject principal, really. NS_ENSURE_TRUE(prin, NS_ERROR_UNEXPECTED); @@ -463,7 +464,8 @@ nsDOMParser::Init(nsIPrincipal *aPrincipal, nsIURI *aDocumentURI, nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); NS_ENSURE_TRUE(secMan, NS_ERROR_UNEXPECTED); - secMan->GetSubjectPrincipal(getter_AddRefs(principal)); + nsresult rv = secMan->GetSubjectPrincipal(getter_AddRefs(principal)); + NS_ENSURE_SUCCESS(rv, rv); // We're called from JS; there better be a subject principal, really. NS_ENSURE_TRUE(principal, NS_ERROR_UNEXPECTED); diff --git a/content/base/src/nsXMLHttpRequest.cpp b/content/base/src/nsXMLHttpRequest.cpp index d7799d26759..fa41e1cd65b 100644 --- a/content/base/src/nsXMLHttpRequest.cpp +++ b/content/base/src/nsXMLHttpRequest.cpp @@ -480,7 +480,8 @@ nsXMLHttpRequest::Init() nsIScriptSecurityManager *secMan = nsContentUtils::GetSecurityManager(); nsCOMPtr subjectPrincipal; if (secMan) { - secMan->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal)); + nsresult rv = secMan->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal)); + NS_ENSURE_SUCCESS(rv, rv); } NS_ENSURE_STATE(subjectPrincipal); mPrincipal = subjectPrincipal; diff --git a/content/events/src/nsDOMDataTransfer.cpp b/content/events/src/nsDOMDataTransfer.cpp index 4b9259ae131..0ba97ef0875 100644 --- a/content/events/src/nsDOMDataTransfer.cpp +++ b/content/events/src/nsDOMDataTransfer.cpp @@ -803,7 +803,9 @@ nsDOMDataTransfer::GetCurrentPrincipal() nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager(); nsCOMPtr currentPrincipal; - ssm->GetSubjectPrincipal(getter_AddRefs(currentPrincipal)); + nsresult rv = ssm->GetSubjectPrincipal(getter_AddRefs(currentPrincipal)); + NS_ENSURE_SUCCESS(rv, nsnull); + if (!currentPrincipal) ssm->GetSystemPrincipal(getter_AddRefs(currentPrincipal)); diff --git a/content/xslt/src/xslt/txMozillaXSLTProcessor.cpp b/content/xslt/src/xslt/txMozillaXSLTProcessor.cpp index 210ea3c51ae..b558f47a2e1 100644 --- a/content/xslt/src/xslt/txMozillaXSLTProcessor.cpp +++ b/content/xslt/src/xslt/txMozillaXSLTProcessor.cpp @@ -1265,7 +1265,8 @@ txMozillaXSLTProcessor::Initialize(nsISupports* aOwner, JSContext* cx, nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); NS_ENSURE_TRUE(secMan, NS_ERROR_UNEXPECTED); - secMan->GetSubjectPrincipal(getter_AddRefs(prin)); + nsresult rv = secMan->GetSubjectPrincipal(getter_AddRefs(prin)); + NS_ENSURE_SUCCESS(rv, rv); NS_ENSURE_TRUE(prin, NS_ERROR_UNEXPECTED); return Init(prin); diff --git a/dom/src/storage/nsDOMStorage.cpp b/dom/src/storage/nsDOMStorage.cpp index 78b985ab927..1c85f4766a3 100644 --- a/dom/src/storage/nsDOMStorage.cpp +++ b/dom/src/storage/nsDOMStorage.cpp @@ -137,8 +137,9 @@ static PRBool IsCallerSecure() { nsCOMPtr subjectPrincipal; - nsContentUtils::GetSecurityManager()-> - GetSubjectPrincipal(getter_AddRefs(subjectPrincipal)); + nsresult rv = nsContentUtils::GetSecurityManager()-> + GetSubjectPrincipal(getter_AddRefs(subjectPrincipal)); + NS_ENSURE_SUCCESS(rv, PR_FALSE); if (!subjectPrincipal) { // No subject principal means no code is running. Default to not @@ -161,7 +162,7 @@ IsCallerSecure() } PRBool isHttps = PR_FALSE; - nsresult rv = innerUri->SchemeIs("https", &isHttps); + rv = innerUri->SchemeIs("https", &isHttps); return NS_SUCCEEDED(rv) && isHttps; } @@ -1470,8 +1471,9 @@ nsDOMStorage::CanUseStorage(PRPackedBool* aSessionOnly) return PR_TRUE; nsCOMPtr subjectPrincipal; - nsContentUtils::GetSecurityManager()-> - GetSubjectPrincipal(getter_AddRefs(subjectPrincipal)); + nsresult rv = nsContentUtils::GetSecurityManager()-> + GetSubjectPrincipal(getter_AddRefs(subjectPrincipal)); + NS_ENSURE_SUCCESS(rv, PR_FALSE); // if subjectPrincipal were null we'd have returned after // IsCallerChrome(). @@ -1533,7 +1535,8 @@ nsDOMStorage::CacheStoragePermissions() return PR_FALSE; nsCOMPtr subjectPrincipal; - ssm->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal)); + nsresult rv = ssm->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal)); + NS_ENSURE_SUCCESS(rv, PR_FALSE); NS_ASSERTION(mSecurityChecker, "Has non-null mSecurityChecker"); return mSecurityChecker->CanAccess(subjectPrincipal); diff --git a/layout/style/nsCSSStyleSheet.cpp b/layout/style/nsCSSStyleSheet.cpp index c7091bd0c3f..54e35d9c6ca 100644 --- a/layout/style/nsCSSStyleSheet.cpp +++ b/layout/style/nsCSSStyleSheet.cpp @@ -1576,14 +1576,15 @@ nsCSSStyleSheet::SubjectSubsumesInnerPrincipal() const nsContentUtils::GetSecurityManager(); nsCOMPtr subjectPrincipal; - securityManager->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal)); + nsresult rv = securityManager->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal)); + NS_ENSURE_SUCCESS(rv, rv); if (!subjectPrincipal) { return NS_ERROR_DOM_SECURITY_ERR; } PRBool subsumes; - nsresult rv = subjectPrincipal->Subsumes(mInner->mPrincipal, &subsumes); + rv = subjectPrincipal->Subsumes(mInner->mPrincipal, &subsumes); NS_ENSURE_SUCCESS(rv, rv); if (subsumes) { diff --git a/security/manager/ssl/src/nsCrypto.cpp b/security/manager/ssl/src/nsCrypto.cpp index 9fe741fb868..d0781ddeeba 100644 --- a/security/manager/ssl/src/nsCrypto.cpp +++ b/security/manager/ssl/src/nsCrypto.cpp @@ -2013,7 +2013,8 @@ nsCrypto::GenerateCRMFRequest(nsIDOMCRMFObject** aReturn) NS_ENSURE_TRUE(secMan, NS_ERROR_UNEXPECTED); nsCOMPtr principals; - secMan->GetSubjectPrincipal(getter_AddRefs(principals)); + nsresult rv = secMan->GetSubjectPrincipal(getter_AddRefs(principals)); + NS_ENSURE_SUCCESS(rv, rv); NS_ENSURE_TRUE(principals, NS_ERROR_UNEXPECTED); nsCryptoRunArgs *args = new nsCryptoRunArgs(); @@ -2031,7 +2032,7 @@ nsCrypto::GenerateCRMFRequest(nsIDOMCRMFObject** aReturn) if (!cryptoRunnable) return NS_ERROR_OUT_OF_MEMORY; - nsresult rv = NS_DispatchToMainThread(cryptoRunnable); + rv = NS_DispatchToMainThread(cryptoRunnable); if (NS_FAILED(rv)) delete cryptoRunnable; diff --git a/xpinstall/src/nsJSInstallTriggerGlobal.cpp b/xpinstall/src/nsJSInstallTriggerGlobal.cpp index 80f1e3afc64..6fe45342e17 100644 --- a/xpinstall/src/nsJSInstallTriggerGlobal.cpp +++ b/xpinstall/src/nsJSInstallTriggerGlobal.cpp @@ -256,8 +256,9 @@ InstallTriggerGlobalInstall(JSContext *cx, JSObject *obj, uintN argc, jsval *arg } // get the principal. if it doesn't exist, die. nsCOMPtr principal; - secman->GetSubjectPrincipal(getter_AddRefs(principal)); - if (!principal) + nsresult rv = secman->GetSubjectPrincipal(getter_AddRefs(principal)); + + if (NS_FAILED(rv) || !principal) { JS_ReportError(cx, "Could not get the Subject Principal during InstallTrigger.Install()"); return JS_FALSE; @@ -369,7 +370,7 @@ InstallTriggerGlobalInstall(JSContext *cx, JSObject *obj, uintN argc, jsval *arg } // Make sure we're allowed to load this URL and the icon URL - nsresult rv = InstallTriggerCheckLoadURIFromScript(cx, xpiURL); + rv = InstallTriggerCheckLoadURIFromScript(cx, xpiURL); if (NS_FAILED(rv)) abortLoad = PR_TRUE; @@ -404,8 +405,8 @@ InstallTriggerGlobalInstall(JSContext *cx, JSObject *obj, uintN argc, jsval *arg if (!abortLoad && trigger->Size() > 0) { nsCOMPtr checkuri; - nsresult rv = nativeThis->GetOriginatingURI(globalObject, - getter_AddRefs(checkuri)); + rv = nativeThis->GetOriginatingURI(globalObject, + getter_AddRefs(checkuri)); if (NS_SUCCEEDED(rv)) { nsCOMPtr win(do_QueryInterface(globalObject)); diff --git a/xpinstall/src/nsXPITriggerInfo.cpp b/xpinstall/src/nsXPITriggerInfo.cpp index 81710460601..2f53df92018 100644 --- a/xpinstall/src/nsXPITriggerInfo.cpp +++ b/xpinstall/src/nsXPITriggerInfo.cpp @@ -284,8 +284,9 @@ XPITriggerEvent::Run() } nsCOMPtr principal; - secman->GetSubjectPrincipal(getter_AddRefs(principal)); - if (!principal) + nsresult rv = secman->GetSubjectPrincipal(getter_AddRefs(principal)); + + if (NS_FAILED(rv) || !principal) { JS_ReportError(cx, "Could not get principal from script security manager"); return 0;