Bug 1459206 - Use FileSystemSecurity in ContentParent::RecvGetFilesRequest, r=ehsan
authorAndrea Marchesini <amarchesini@mozilla.com>
Thu, 10 May 2018 11:24:25 +0200
changeset 417707 a3ebab26f0d9e962f1f892335838ee1b51335378
parent 417706 ea7f34ae33bb1fea71339150df8bf9dd7126715d
child 417708 b25f32e267b85bf2501a3ca97bb05faa8348e627
push id33977
push userncsoregi@mozilla.com
push dateThu, 10 May 2018 16:43:24 +0000
treeherdermozilla-central@17db33b6a124 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersehsan
bugs1459206
milestone62.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1459206 - Use FileSystemSecurity in ContentParent::RecvGetFilesRequest, r=ehsan
dom/filesystem/tests/test_webkitdirectory.html
dom/ipc/ContentParent.cpp
--- a/dom/filesystem/tests/test_webkitdirectory.html
+++ b/dom/filesystem/tests/test_webkitdirectory.html
@@ -146,16 +146,17 @@ function test_changeDataWhileWorking() {
 
   .then(function() {
     test_fileList('inputFileWebkitDirectory', testDirData);
   });
 }
 
 function test_setup() {
   SpecialPowers.pushPrefEnv({"set": [["dom.input.dirpicker", true],
+                                     ["dom.filesystem.pathcheck.disabled", true],
                                      ["dom.webkitBlink.dirPicker.enabled", true]]}, next);
 }
 
 var testDirData = [ { name: 'foo.txt', path: '/foo.txt' },
                     { name: 'bar.txt', path: '/subdir/bar.txt' }];
 
 var tests = [
   test_setup,
--- a/dom/ipc/ContentParent.cpp
+++ b/dom/ipc/ContentParent.cpp
@@ -5244,16 +5244,24 @@ ContentParent::HandleWindowsMessages(con
 
 mozilla::ipc::IPCResult
 ContentParent::RecvGetFilesRequest(const nsID& aUUID,
                                    const nsString& aDirectoryPath,
                                    const bool& aRecursiveFlag)
 {
   MOZ_ASSERT(!mGetFilesPendingRequests.GetWeak(aUUID));
 
+  if (!mozilla::Preferences::GetBool("dom.filesystem.pathcheck.disabled", false)) {
+    RefPtr<FileSystemSecurity> fss = FileSystemSecurity::Get();
+    if (NS_WARN_IF(!fss ||
+                   !fss->ContentProcessHasAccessTo(ChildID(), aDirectoryPath))) {
+      return IPC_FAIL_NO_REASON(this);
+    }
+  }
+
   ErrorResult rv;
   RefPtr<GetFilesHelper> helper =
     GetFilesHelperParent::Create(aUUID, aDirectoryPath, aRecursiveFlag, this,
                                  rv);
 
   if (NS_WARN_IF(rv.Failed())) {
     if (!SendGetFilesResponse(aUUID,
                               GetFilesResponseFailure(rv.StealNSResult()))) {