Fixing remaining part of bug 292691. Make sure to do the appropriate uri load checks in all places in the xpinstall code. Patch by vladimir@pobox.com and dveditz@cruzio.com, r=dveditz@cruzio.com, r=vladimir@pobox.com, sr=jst@mozilla.org, a=asa@mozilla.org

This commit is contained in:
jst%mozilla.jstenback.com 2005-05-09 21:19:16 +00:00
Родитель 61c9bf53f3
Коммит dc89582656
1 изменённых файлов: 60 добавлений и 51 удалений

Просмотреть файл

@ -143,6 +143,39 @@ static JSBool CreateNativeObject(JSContext *cx, JSObject *obj, nsIDOMInstallTrig
return JS_TRUE;
}
//
// Helper function for URI verification
//
static nsresult
InstallTriggerCheckLoadURIFromScript(const nsAString& uriStr)
{
nsresult rv;
nsCOMPtr<nsIScriptSecurityManager> secman(
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID,&rv));
NS_ENSURE_SUCCESS(rv, rv);
// get the script base URI
nsCOMPtr<nsIURI> scriptURI;
nsCOMPtr<nsIPrincipal> principal;
rv = secman->GetSubjectPrincipal(getter_AddRefs(principal));
NS_ENSURE_SUCCESS(rv, rv);
if (!principal)
return NS_ERROR_FAILURE;
rv = principal->GetURI(getter_AddRefs(scriptURI));
NS_ENSURE_SUCCESS(rv, rv);
// convert the requested URL string to a URI
nsCOMPtr<nsIURI> uri;
rv = NS_NewURI(getter_AddRefs(uri), uriStr);
NS_ENSURE_SUCCESS(rv, rv);
// are we allowed to load this one?
rv = secman->CheckLoadURI(scriptURI, uri,
nsIScriptSecurityManager::DISALLOW_SCRIPT_OR_DATA);
return rv;
}
//
// Native method UpdateEnabled
//
@ -215,11 +248,7 @@ InstallTriggerGlobalInstall(JSContext *cx, JSObject *obj, uintN argc, jsval *arg
}
}
// if we can't create a security manager we might be in the wizard, allow
PRBool abortLoad = PR_FALSE;
nsCOMPtr<nsIScriptSecurityManager> secman(
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID));
// parse associative array of installs
if ( argc >= 1 && JSVAL_IS_OBJECT(argv[0]) )
@ -267,19 +296,6 @@ InstallTriggerGlobalInstall(JSContext *cx, JSObject *obj, uintN argc, jsval *arg
xpiURL = NS_ConvertUTF8toUTF16(resolvedURL);
}
// Make sure we're allowed to load this URL
if (secman)
{
nsCOMPtr<nsIURI> uri;
nsresult rv = NS_NewURI(getter_AddRefs(uri), xpiURL);
if (NS_SUCCEEDED(rv))
{
rv = secman->CheckLoadURIFromScript(cx, uri);
if (NS_FAILED(rv))
abortLoad = PR_TRUE;
}
}
nsAutoString icon(iconURL);
if (iconURL && baseURL)
{
@ -288,6 +304,20 @@ InstallTriggerGlobalInstall(JSContext *cx, JSObject *obj, uintN argc, jsval *arg
icon = NS_ConvertUTF8toUTF16(resolvedIcon);
}
// Make sure we're allowed to load this URL and the icon URL
nsresult rv = InstallTriggerCheckLoadURIFromScript(xpiURL);
if (NS_FAILED(rv))
abortLoad = PR_TRUE;
if (!abortLoad && iconURL)
{
rv = InstallTriggerCheckLoadURIFromScript(icon);
if (NS_FAILED(rv))
abortLoad = PR_TRUE;
}
if (!abortLoad)
{
nsXPITriggerItem *item = new nsXPITriggerItem( name, xpiURL.get(), icon.get() );
if ( item )
{
@ -296,6 +326,7 @@ InstallTriggerGlobalInstall(JSContext *cx, JSObject *obj, uintN argc, jsval *arg
else
abortLoad = PR_TRUE;
}
}
else
abortLoad = PR_TRUE;
}
@ -393,20 +424,9 @@ InstallTriggerGlobalInstallChrome(JSContext *cx, JSObject *obj, uintN argc, jsva
}
// Make sure caller is allowed to load this url.
// if we can't create a security manager we might be in the wizard, allow
nsCOMPtr<nsIScriptSecurityManager> secman(
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID));
if (secman)
{
nsCOMPtr<nsIURI> uri;
nsresult rv = NS_NewURI(getter_AddRefs(uri), sourceURL);
if (NS_SUCCEEDED(rv))
{
rv = secman->CheckLoadURIFromScript(cx, uri);
nsresult rv = InstallTriggerCheckLoadURIFromScript(sourceURL);
if (NS_FAILED(rv))
return JS_FALSE;
}
}
if ( chromeType & CHROME_ALL )
{
@ -481,20 +501,9 @@ InstallTriggerGlobalStartSoftwareUpdate(JSContext *cx, JSObject *obj, uintN argc
}
// Make sure caller is allowed to load this url.
// if we can't create a security manager we might be in the wizard, allow
nsCOMPtr<nsIScriptSecurityManager> secman(
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID));
if (secman)
{
nsCOMPtr<nsIURI> uri;
nsresult rv = NS_NewURI(getter_AddRefs(uri), xpiURL);
if (NS_SUCCEEDED(rv))
{
rv = secman->CheckLoadURIFromScript(cx, uri);
nsresult rv = InstallTriggerCheckLoadURIFromScript(xpiURL);
if (NS_FAILED(rv))
return JS_FALSE;
}
}
if (argc >= 2 && !JS_ValueToInt32(cx, argv[1], (int32 *)&flags))
{