Bug 855411 - Root doCheckAccess. r=bz,terrence
authorTom Schuster <evilpies@gmail.com>
Fri, 05 Apr 2013 15:21:02 +0200
changeset 127823 35ad506ee9ac60719b49a0920da93e2d5f0edf30
parent 127822 f7c2fc1b53c400ace2380f865e769ad37ef7a1b8
child 127824 f066c15b6025fc947ca0c8d6db82f29b739719da
push id24512
push userryanvm@gmail.com
push dateFri, 05 Apr 2013 20:13:49 +0000
treeherderautoland@139b6ba547fa [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbz, terrence
bugs855411
milestone23.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 855411 - Root doCheckAccess. r=bz,terrence
content/xbl/src/nsXBLDocumentInfo.cpp
--- a/content/xbl/src/nsXBLDocumentInfo.cpp
+++ b/content/xbl/src/nsXBLDocumentInfo.cpp
@@ -61,18 +61,18 @@ public:
 
   virtual nsIScriptContext *GetContext();
   virtual void OnFinalize(JSObject* aObject);
   virtual void SetScriptsEnabled(bool aEnabled, bool aFireTimeouts);
 
   // nsIScriptObjectPrincipal methods
   virtual nsIPrincipal* GetPrincipal();
 
-  static JSBool doCheckAccess(JSContext *cx, JSObject *obj, jsid id,
-                              uint32_t accessType);
+  static JSBool doCheckAccess(JSContext *cx, JS::Handle<JSObject*> obj,
+                              JS::Handle<jsid> id, uint32_t accessType);
 
   NS_DECL_CYCLE_COLLECTION_CLASS_AMBIGUOUS(nsXBLDocGlobalObject,
                                            nsIScriptGlobalObject)
 
   void ClearGlobalObjectOwner();
 
   void UnmarkScriptContext();
 
@@ -84,37 +84,39 @@ protected:
   nsCOMPtr<nsIScriptContext> mScriptContext;
   JSObject *mJSObject;
 
   nsXBLDocumentInfo* mGlobalObjectOwner; // weak reference
   static JSClass gSharedGlobalClass;
 };
 
 JSBool
-nsXBLDocGlobalObject::doCheckAccess(JSContext *cx, JSObject *obj, jsid id, uint32_t accessType)
+nsXBLDocGlobalObject::doCheckAccess(JSContext *cx, JS::Handle<JSObject*> obj,
+                                    JS::Handle<jsid> id, uint32_t accessType)
 {
   nsIScriptSecurityManager *ssm = nsContentUtils::GetSecurityManager();
   if (!ssm) {
     ::JS_ReportError(cx, "Unable to verify access to a global object property.");
     return JS_FALSE;
   }
 
   // Make sure to actually operate on our object, and not some object further
   // down on the proto chain.
-  while (JS_GetClass(obj) != &nsXBLDocGlobalObject::gSharedGlobalClass) {
-    if (!::JS_GetPrototype(cx, obj, &obj)) {
+  JS::Rooted<JSObject*> base(cx, obj);
+  while (JS_GetClass(base) != &nsXBLDocGlobalObject::gSharedGlobalClass) {
+    if (!::JS_GetPrototype(cx, base, base.address())) {
       return JS_FALSE;
     }
-    if (!obj) {
+    if (!base) {
       ::JS_ReportError(cx, "Invalid access to a global object property.");
       return JS_FALSE;
     }
   }
 
-  nsresult rv = ssm->CheckPropertyAccess(cx, obj, JS_GetClass(obj)->name,
+  nsresult rv = ssm->CheckPropertyAccess(cx, base, JS_GetClass(base)->name,
                                          id, accessType);
   return NS_SUCCEEDED(rv);
 }
 
 static JSBool
 nsXBLDocGlobalObject_getProperty(JSContext *cx, JSHandleObject obj,
                                  JSHandleId id, JSMutableHandleValue vp)
 {