Bug 1369764 - in the macOS sandbox, allow reads from .app/Contents/; r=haik
authorAlex Gaynor <agaynor@mozilla.com>
Fri, 02 Jun 2017 11:59:43 -0400
changeset 362398 e2114d7578be39fffb27161d401201650c5c8106
parent 362397 2d18b28d3ec0e67043111e631eb1992d1300a252
child 362399 a8d90c08007c03c8138c909cf4d45f2ae6a9b7ed
push id91075
push userkwierso@gmail.com
push dateTue, 06 Jun 2017 00:39:16 +0000
reviewershaik
bugs1369764
milestone55.0a1
Bug 1369764 - in the macOS sandbox, allow reads from .app/Contents/; r=haik This permits NSS to load libsoftokn3.dylib, even when the rest of the file system's access is removed (as is the goal for the content sandbox level 3). This is needed for WebCrypto. MozReview-Commit-ID: Bh54b87zIjY
dom/ipc/ContentChild.cpp
--- a/dom/ipc/ContentChild.cpp
+++ b/dom/ipc/ContentChild.cpp
@@ -1277,34 +1277,42 @@ GetAppPaths(nsCString &aAppPath, nsCStri
     return false;
   }
   bool exists;
   rv = appDir->Exists(&exists);
   if (NS_FAILED(rv) || !exists) {
     return false;
   }
 
+  // appDir points to .app/Contents/Resources, for our purposes we want
+  // .app/Contents.
+  nsCOMPtr<nsIFile> appDirParent;
+  rv = appDir->GetParent(getter_AddRefs(appDirParent));
+  if (NS_FAILED(rv)) {
+    return false;
+  }
+
   bool isLink;
   app->IsSymlink(&isLink);
   if (isLink) {
     app->GetNativeTarget(aAppPath);
   } else {
     app->GetNativePath(aAppPath);
   }
   appBinary->IsSymlink(&isLink);
   if (isLink) {
     appBinary->GetNativeTarget(aAppBinaryPath);
   } else {
     appBinary->GetNativePath(aAppBinaryPath);
   }
-  appDir->IsSymlink(&isLink);
+  appDirParent->IsSymlink(&isLink);
   if (isLink) {
-    appDir->GetNativeTarget(aAppDir);
+    appDirParent->GetNativeTarget(aAppDir);
   } else {
-    appDir->GetNativePath(aAppDir);
+    appDirParent->GetNativePath(aAppDir);
   }
 
   return true;
 }
 
 // Returns whether or not the currently running build is a development build -
 // where development build means "the files in the .app are symlinks to the src
 // directory". This check is implemented by looking for omni.ja in
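Review bot: The added `GetParent` block tests only `NS_FAILED(rv)`, but nsIFile documents that the parent can be null at the top of a volume, so `appDirParent->IsSymlink(&isLink)` further down could dereference a null pointer; `if (NS_FAILED(rv) || !appDirParent) { return false; }` closes that. The rewritten `appDirParent` calls also keep the existing pattern of ignoring the results of `IsSymlink`, `GetNativeTarget` and `GetNativePath`, so on failure `isLink` would still hold the value from the `appBinary` check and `aAppDir` may be left empty or stale. Since `aAppDir` presumably feeds the sandbox read-allow rule (the caller is not visible here), returning false on those failures would keep an unintended path out of the policy. GetAppPaths starts before the hunk, so any comment there describing `aAppDir` as the Resources directory should be updated to say it is now `.app/Contents`.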