Bug 1361823 Fail the worker script load instead of crashing if the load group is torn down. r=baku
authorBen Kelly <ben@wanderview.com>
Mon, 15 May 2017 06:52:00 -0700
changeset 358398 1eab3a251445b308f406592913a8903e142a641e
parent 358397 c8840a3a2c3b99270e26709c9549496fa206b8eb
child 358399 3a47e27d40104e6d90302597e3f5a14f555c086a
push id90314
push userbkelly@mozilla.com
push dateMon, 15 May 2017 13:52:08 +0000
treeherdermozilla-inbound@1eab3a251445 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbaku
bugs1361823
milestone55.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1361823 Fail the worker script load instead of crashing if the load group is torn down. r=baku
dom/workers/ScriptLoader.cpp
dom/workers/WorkerPrivate.cpp
--- a/dom/workers/ScriptLoader.cpp
+++ b/dom/workers/ScriptLoader.cpp
@@ -897,17 +897,19 @@ private:
     AssertIsOnMainThread();
     MOZ_ASSERT(aIndex < mLoadInfos.Length());
 
     WorkerPrivate* parentWorker = mWorkerPrivate->GetParent();
 
     nsIPrincipal* principal = mWorkerPrivate->GetPrincipal();
     nsCOMPtr<nsILoadGroup> loadGroup = mWorkerPrivate->GetLoadGroup();
     MOZ_DIAGNOSTIC_ASSERT(principal);
-    MOZ_ASSERT(NS_LoadGroupMatchesPrincipal(loadGroup, principal));
+
+    NS_ENSURE_TRUE(NS_LoadGroupMatchesPrincipal(loadGroup, principal),
+                   NS_ERROR_FAILURE);
 
     // Figure out our base URI.
     nsCOMPtr<nsIURI> baseURI = GetBaseURI(mIsMainScript, mWorkerPrivate);
 
     // May be null.
     nsCOMPtr<nsIDocument> parentDoc = mWorkerPrivate->GetDocument();
 
     nsCOMPtr<nsIChannel> channel;
--- a/dom/workers/WorkerPrivate.cpp
+++ b/dom/workers/WorkerPrivate.cpp
@@ -4793,16 +4793,17 @@ WorkerPrivate::GetLoadInfo(JSContext* aC
 
       // If we're called from a window then we can dig out the principal and URI
       // from the document.
       document = loadInfo.mWindow->GetExtantDoc();
       NS_ENSURE_TRUE(document, NS_ERROR_FAILURE);
 
       loadInfo.mBaseURI = document->GetDocBaseURI();
       loadInfo.mLoadGroup = document->GetDocumentLoadGroup();
+      NS_ENSURE_TRUE(loadInfo.mLoadGroup, NS_ERROR_FAILURE);
 
       // Use the document's NodePrincipal as our principal if we're not being
       // called from chrome.
       if (!loadInfo.mPrincipal) {
         loadInfo.mPrincipal = document->NodePrincipal();
         NS_ENSURE_TRUE(loadInfo.mPrincipal, NS_ERROR_FAILURE);
 
         // We use the document's base domain to limit the number of workers
@@ -4828,16 +4829,20 @@ WorkerPrivate::GetLoadInfo(JSContext* aC
           }
         } else {
           // Document creating the worker is not sandboxed.
           rv = loadInfo.mPrincipal->GetBaseDomain(loadInfo.mDomain);
           NS_ENSURE_SUCCESS(rv, rv);
         }
       }
 
+      NS_ENSURE_TRUE(NS_LoadGroupMatchesPrincipal(loadInfo.mLoadGroup,
+                                                  loadInfo.mPrincipal),
+                     NS_ERROR_FAILURE);
+
       nsCOMPtr<nsIPermissionManager> permMgr =
         do_GetService(NS_PERMISSIONMANAGER_CONTRACTID, &rv);
       NS_ENSURE_SUCCESS(rv, rv);
 
       uint32_t perm;
       rv = permMgr->TestPermissionFromPrincipal(loadInfo.mPrincipal, "systemXHR",
                                                 &perm);
       NS_ENSURE_SUCCESS(rv, rv);
@@ -4946,16 +4951,19 @@ WorkerPrivate::OverrideLoadInfoLoadGroup
   nsCOMPtr<nsILoadGroup> loadGroup =
     do_CreateInstance(NS_LOADGROUP_CONTRACTID);
 
   nsresult rv =
     loadGroup->SetNotificationCallbacks(aLoadInfo.mInterfaceRequestor);
   MOZ_ALWAYS_SUCCEEDS(rv);
 
   aLoadInfo.mLoadGroup = loadGroup.forget();
+
+  MOZ_ASSERT(NS_LoadGroupMatchesPrincipal(aLoadInfo.mLoadGroup,
+                                          aLoadInfo.mPrincipal));
 }
 
 void
 WorkerPrivate::DoRunLoop(JSContext* aCx)
 {
   AssertIsOnWorkerThread();
   MOZ_ASSERT(mThread);