--- a/content/base/src/nsObjectLoadingContent.cpp
+++ b/content/base/src/nsObjectLoadingContent.cpp
@@ -2941,17 +2941,17 @@ nsObjectLoadingContent::TeardownProtoCha
if (!::JS_GetPrototype(cx, obj, &proto)) {
return;
}
if (!proto) {
break;
}
// Unwrap while checking the jsclass - if the prototype is a wrapper for
// an NP object, that counts too.
- if (JS_GetClass(js::UnwrapObject(proto)) == &sNPObjectJSWrapperClass) {
+ if (JS_GetClass(js::UncheckedUnwrap(proto)) == &sNPObjectJSWrapperClass) {
// We found an NPObject on the proto chain, get its prototype...
if (!::JS_GetPrototype(cx, proto, &proto)) {
return;
}
MOZ_ASSERT(!removed, "more than one NPObject in prototype chain");
removed = true;
--- a/content/xbl/src/nsXBLProtoImplField.cpp
+++ b/content/xbl/src/nsXBLProtoImplField.cpp
@@ -178,17 +178,17 @@ InstallXBLField(JSContext* cx,
JS::Rooted<JS::Value> name(cx, js::GetFunctionNativeReserved(callee, FIELD_SLOT));
JSFlatString* fieldStr = JS_ASSERT_STRING_IS_FLAT(name.toString());
fieldName.init(fieldStr);
MOZ_ALWAYS_TRUE(JS_ValueToId(cx, name, idp.address()));
// If a separate XBL scope is being used, the callee is not same-compartment
// with the xbl prototype, and the object is a cross-compartment wrapper.
- xblProto = js::UnwrapObject(xblProto);
+ xblProto = js::UncheckedUnwrap(xblProto);
JSAutoCompartment ac2(cx, xblProto);
JS::Value slotVal = ::JS_GetReservedSlot(xblProto, 0);
protoBinding = static_cast<nsXBLPrototypeBinding*>(slotVal.toPrivate());
MOZ_ASSERT(protoBinding);
}
nsXBLProtoImplField* field = protoBinding->FindField(fieldName);
MOZ_ASSERT(field);
@@ -225,17 +225,17 @@ FieldGetterImpl(JSContext *cx, JS::CallA
JS::Rooted<JSObject*> thisObj(cx, &thisv.toObject());
// We should be in the compartment of |this|. If we got here via nativeCall,
// |this| is not same-compartment with |callee|, and it's possible via
// asymmetric security semantics that |args.calleev()| is actually a security
// wrapper. In this case, we know we want to do an unsafe unwrap, and
// InstallXBLField knows how to handle cross-compartment pointers.
bool installed = false;
- JS::Rooted<JSObject*> callee(cx, js::UnwrapObject(&args.calleev().toObject()));
+ JS::Rooted<JSObject*> callee(cx, js::UncheckedUnwrap(&args.calleev().toObject()));
JS::Rooted<jsid> id(cx);
if (!InstallXBLField(cx, callee, thisObj, &id, &installed)) {
return false;
}
if (!installed) {
args.rval().setUndefined();
return true;
@@ -294,17 +294,17 @@ FieldSetterImpl(JSContext *cx, JS::CallA
JS::Rooted<JSObject*> thisObj(cx, &thisv.toObject());
// We should be in the compartment of |this|. If we got here via nativeCall,
// |this| is not same-compartment with |callee|, and it's possible via
// asymmetric security semantics that |args.calleev()| is actually a security
// wrapper. In this case, we know we want to do an unsafe unwrap, and
// InstallXBLField knows how to handle cross-compartment pointers.
bool installed = false;
- JS::Rooted<JSObject*> callee(cx, js::UnwrapObject(&args.calleev().toObject()));
+ JS::Rooted<JSObject*> callee(cx, js::UncheckedUnwrap(&args.calleev().toObject()));
JS::Rooted<jsid> id(cx);
if (!InstallXBLField(cx, callee, thisObj, &id, &installed)) {
return false;
}
if (installed) {
JS::Rooted<JS::Value> v(cx,
args.length() > 0 ? args[0] : JS::UndefinedValue());
--- a/dom/base/nsDOMClassInfo.cpp
+++ b/dom/base/nsDOMClassInfo.cpp
@@ -4255,17 +4255,17 @@ nsDOMConstructor::HasInstance(nsIXPConne
if (JSVAL_IS_PRIMITIVE(v)) {
return NS_OK;
}
JSObject *dom_obj = JSVAL_TO_OBJECT(v);
NS_ASSERTION(dom_obj, "nsDOMConstructor::HasInstance couldn't get object");
// This might not be the right object, if there are wrappers. Unwrap if we can.
- JSObject *wrapped_obj = js::UnwrapObjectChecked(dom_obj, /* stopAtOuter = */ false);
+ JSObject *wrapped_obj = js::CheckedUnwrap(dom_obj, /* stopAtOuter = */ false);
if (wrapped_obj)
dom_obj = wrapped_obj;
JSClass *dom_class = JS_GetClass(dom_obj);
if (!dom_class) {
NS_ERROR("nsDOMConstructor::HasInstance can't get class.");
return NS_ERROR_UNEXPECTED;
}
@@ -4770,17 +4770,17 @@ nsWindowSH::GlobalResolve(nsGlobalWindow
if (name_struct->mPrefEnabled && !(*name_struct->mPrefEnabled)()) {
return NS_OK;
}
Maybe<JSAutoCompartment> ac;
JSObject* global;
bool defineOnXray = ObjectIsNativeWrapper(cx, obj);
if (defineOnXray) {
- global = js::UnwrapObjectChecked(obj, /* stopAtOuter = */ false);
+ global = js::CheckedUnwrap(obj, /* stopAtOuter = */ false);
if (!global) {
return NS_ERROR_DOM_SECURITY_ERR;
}
ac.construct(cx, global);
} else {
global = obj;
}
@@ -5018,17 +5018,17 @@ ContentWindowGetter(JSContext *cx, unsig
return ::JS_GetProperty(cx, obj, "content", vp);
}
template<class Interface>
static nsresult
LocationSetterGuts(JSContext *cx, JSObject *obj, jsval *vp)
{
// This function duplicates some of the logic in XPC_WN_HelperSetProperty
- obj = js::UnwrapObjectChecked(obj, /* stopAtOuter = */ false);
+ obj = js::CheckedUnwrap(obj, /* stopAtOuter = */ false);
if (!IS_WN_WRAPPER(obj))
return NS_ERROR_XPC_BAD_CONVERT_JS;
XPCWrappedNative *wrapper = XPCWrappedNative::Get(obj);
// The error checks duplicate code in THROW_AND_RETURN_IF_BAD_WRAPPER
NS_ENSURE_TRUE(!wrapper || wrapper->IsValid(), NS_ERROR_XPC_HAS_BEEN_SHUTDOWN);
nsCOMPtr<Interface> xpcomObj = do_QueryWrappedNative(wrapper, obj);
--- a/dom/base/nsGlobalWindow.cpp
+++ b/dom/base/nsGlobalWindow.cpp
@@ -6484,17 +6484,17 @@ nsGlobalWindow::CallerInnerWindow()
// sandboxPrototype. This used to work incidentally for unrelated reasons, but
// now we need to do some special handling to support it.
{
JSAutoCompartment ac(cx, scope);
JSObject *scopeProto;
bool ok = JS_GetPrototype(cx, scope, &scopeProto);
NS_ENSURE_TRUE(ok, nullptr);
if (scopeProto && xpc::IsSandboxPrototypeProxy(scopeProto) &&
- (scopeProto = js::UnwrapObjectChecked(scopeProto, /* stopAtOuter = */ false)))
+ (scopeProto = js::CheckedUnwrap(scopeProto, /* stopAtOuter = */ false)))
{
scope = scopeProto;
}
}
JSAutoCompartment ac(cx, scope);
nsCOMPtr<nsIXPConnectWrappedNative> wrapper;
nsContentUtils::XPConnect()->
--- a/dom/bindings/BindingUtils.cpp
+++ b/dom/bindings/BindingUtils.cpp
@@ -662,17 +662,17 @@ QueryInterface(JSContext* cx, unsigned a
{
JS::Value thisv = JS_THIS(cx, vp);
if (thisv == JSVAL_NULL)
return false;
// Get the object. It might be a security wrapper, in which case we do a checked
// unwrap.
JSObject* origObj = JSVAL_TO_OBJECT(thisv);
- JSObject* obj = js::UnwrapObjectChecked(origObj);
+ JSObject* obj = js::CheckedUnwrap(origObj);
if (!obj) {
JS_ReportError(cx, "Permission denied to access object");
return false;
}
nsISupports* native;
if (!UnwrapDOMObjectToISupports(obj, native)) {
return Throw<true>(cx, NS_ERROR_FAILURE);
@@ -1240,17 +1240,17 @@ GetPropertyOnPrototype(JSContext* cx, JS
}
bool
HasPropertyOnPrototype(JSContext* cx, JSObject* proxy, DOMProxyHandler* handler,
jsid id)
{
Maybe<JSAutoCompartment> ac;
if (xpc::WrapperFactory::IsXrayWrapper(proxy)) {
- proxy = js::UnwrapObject(proxy);
+ proxy = js::UncheckedUnwrap(proxy);
ac.construct(cx, proxy);
}
MOZ_ASSERT(js::IsProxy(proxy) && js::GetProxyHandler(proxy) == handler);
bool found;
// We ignore an error from GetPropertyOnPrototype.
return !GetPropertyOnPrototype(cx, proxy, id, &found, NULL) || found;
}
@@ -1582,17 +1582,17 @@ ReparentWrapper(JSContext* aCx, JSObject
}
template<bool mainThread>
inline JSObject*
GetGlobalObject(JSContext* aCx, JSObject* aObject,
Maybe<JSAutoCompartment>& aAutoCompartment)
{
if (js::IsWrapper(aObject)) {
- aObject = js::UnwrapObjectChecked(aObject, /* stopAtOuter = */ false);
+ aObject = js::CheckedUnwrap(aObject, /* stopAtOuter = */ false);
if (!aObject) {
Throw<mainThread>(aCx, NS_ERROR_XPC_SECURITY_MANAGER_VETO);
return nullptr;
}
aAutoCompartment.construct(aCx, aObject);
}
return JS_GetGlobalForObject(aCx, aObject);
@@ -1631,17 +1631,17 @@ WorkerGlobalObject::WorkerGlobalObject(J
JSBool
InterfaceHasInstance(JSContext* cx, JSHandleObject obj, JSObject* instance,
JSBool* bp)
{
const DOMIfaceAndProtoJSClass* clasp =
DOMIfaceAndProtoJSClass::FromJSClass(js::GetObjectClass(obj));
- const DOMClass* domClass = GetDOMClass(js::UnwrapObject(instance));
+ const DOMClass* domClass = GetDOMClass(js::UncheckedUnwrap(instance));
MOZ_ASSERT(!domClass || clasp->mPrototypeID != prototypes::id::_ID_Count,
"Why do we have a hasInstance hook if we don't have a prototype "
"ID?");
if (domClass &&
domClass->mInterfaceChain[clasp->mDepth] == clasp->mPrototypeID) {
*bp = true;
--- a/dom/bindings/BindingUtils.h
+++ b/dom/bindings/BindingUtils.h
@@ -155,17 +155,17 @@ UnwrapObject(JSContext* cx, JSObject* ob
const DOMClass* domClass = GetDOMClass(obj);
if (!domClass) {
/* Maybe we have a security wrapper or outer window? */
if (!js::IsWrapper(obj)) {
/* Not a DOM object, not a wrapper, just bail */
return NS_ERROR_XPC_BAD_CONVERT_JS;
}
- obj = js::UnwrapObjectChecked(obj, /* stopAtOuter = */ false);
+ obj = js::CheckedUnwrap(obj, /* stopAtOuter = */ false);
if (!obj) {
return NS_ERROR_XPC_SECURITY_MANAGER_VETO;
}
MOZ_ASSERT(!js::IsWrapper(obj));
domClass = GetDOMClass(obj);
if (!domClass) {
/* We don't have a DOM object */
return NS_ERROR_XPC_BAD_CONVERT_JS;
@@ -616,17 +616,17 @@ WrapNewBindingNonWrapperCachedObject(JSC
{
// We try to wrap in the compartment of the underlying object of "scope"
JSObject* obj;
{
// scope for the JSAutoCompartment so that we restore the compartment
// before we call JS_WrapValue.
Maybe<JSAutoCompartment> ac;
if (js::IsWrapper(scope)) {
- scope = js::UnwrapObjectChecked(scope, /* stopAtOuter = */ false);
+ scope = js::CheckedUnwrap(scope, /* stopAtOuter = */ false);
if (!scope)
return false;
ac.construct(cx, scope);
}
obj = value->WrapObject(cx, scope);
}
--- a/dom/bindings/CallbackObject.cpp
+++ b/dom/bindings/CallbackObject.cpp
@@ -45,17 +45,17 @@ CallbackObject::CallSetup::CallSetup(JSO
// We need to produce a useful JSContext here. Ideally one that the callback
// is in some sense associated with, so that we can sort of treat it as a
// "script entry point". Though once we actually have script entry points,
// we'll need to do the script entry point bits once we have an actual
// callable.
// First, find the real underlying callback.
- JSObject* realCallback = js::UnwrapObject(aCallback);
+ JSObject* realCallback = js::UncheckedUnwrap(aCallback);
// Now get the nsIScriptGlobalObject for this callback.
JSContext* cx = nullptr;
nsIScriptContext* ctx = nullptr;
nsIScriptGlobalObject* sgo = nsJSUtils::GetStaticScriptGlobal(realCallback);
if (sgo) {
// Make sure that if this is a window it's the current inner, since the
// nsIScriptContext and hence JSContext are associated with the outer
@@ -101,17 +101,17 @@ CallbackObject::CallSetup::CallSetup(JSO
// FIXME: Bug 807369.
mCtx = ctx;
// Check that it's ok to run this callback at all.
// FIXME: Bug 807371: we want a less silly check here.
// Make sure to unwrap aCallback before passing it in, because
// getting principals from wrappers is silly.
nsresult rv = nsContentUtils::GetSecurityManager()->
- CheckFunctionAccess(cx, js::UnwrapObject(aCallback), nullptr);
+ CheckFunctionAccess(cx, js::UncheckedUnwrap(aCallback), nullptr);
// Construct a termination func holder even if we're not planning to
// run any script. We need this because we're going to call
// ScriptEvaluated even if we don't run the script... See XXX
// comment above.
if (ctx) {
mTerminationFuncHolder.construct(static_cast<nsJSContext*>(ctx));
}
--- a/dom/bindings/CallbackObject.h
+++ b/dom/bindings/CallbackObject.h
@@ -49,17 +49,17 @@ public:
*/
CallbackObject(JSContext* cx, JSObject* aOwner, JSObject* aCallback,
bool* aInited)
: mCallback(nullptr)
{
// If aOwner is not null, enter the compartment of aOwner's
// underlying object.
if (aOwner) {
- aOwner = js::UnwrapObject(aOwner);
+ aOwner = js::UncheckedUnwrap(aOwner);
JSAutoCompartment ac(cx, aOwner);
if (!JS_WrapObject(cx, &aCallback)) {
*aInited = false;
return;
}
}
Init(aCallback);
@@ -277,19 +277,19 @@ public:
if (!HasWebIDLCallback() || !GetWebIDLCallback()) {
// If other is non-null, then we can't be equal if we have a
// non-WebIDL callback or a null callback.
return false;
}
JSObject* thisObj =
- js::UnwrapObject(GetWebIDLCallback()->CallbackPreserveColor());
+ js::UncheckedUnwrap(GetWebIDLCallback()->CallbackPreserveColor());
JSObject* otherObj =
- js::UnwrapObject(aOtherCallback->CallbackPreserveColor());
+ js::UncheckedUnwrap(aOtherCallback->CallbackPreserveColor());
return thisObj == otherObj;
}
bool operator==(XPCOMCallbackT* aOtherCallback) const
{
return (!aOtherCallback && !GetISupports()) ||
(!HasWebIDLCallback() && GetXPCOMCallback() == aOtherCallback);
}
--- a/dom/bindings/Codegen.py
+++ b/dom/bindings/Codegen.py
@@ -1106,24 +1106,24 @@ class CGClassHasInstanceHook(CGAbstractS
bool ok = InterfaceHasInstance(cx, obj, instance, bp);
if (!ok || *bp) {
return ok;
}
// FIXME Limit this to chrome by checking xpc::AccessCheck::isChrome(obj).
nsISupports* native =
nsContentUtils::XPConnect()->GetNativeOfWrapper(cx,
- js::UnwrapObject(instance));
+ js::UncheckedUnwrap(instance));
nsCOMPtr<nsIDOM%s> qiResult = do_QueryInterface(native);
*bp = !!qiResult;
return true;
""" % self.descriptor.interface.identifier.name
hasInstanceCode = """
- const DOMClass* domClass = GetDOMClass(js::UnwrapObject(instance));
+ const DOMClass* domClass = GetDOMClass(js::UncheckedUnwrap(instance));
*bp = false;
"""
# Sort interaces implementing self by name so we get stable output.
for iface in sorted(self.descriptor.interface.interfacesImplementingSelf,
key=lambda iface: iface.identifier.name):
hasInstanceCode += """
if (domClass->mInterfaceChain[PrototypeTraits<prototypes::id::%s>::Depth] == prototypes::id::%s) {
*bp = true;
@@ -6068,17 +6068,17 @@ class CGProxyUnwrap(CGAbstractMethod):
args = [Argument('JSObject*', 'obj')]
CGAbstractMethod.__init__(self, descriptor, "UnwrapProxy", descriptor.nativeType + '*', args, alwaysInline=True)
def declare(self):
return ""
def definition_body(self):
return """ MOZ_ASSERT(js::IsProxy(obj));
if (js::GetProxyHandler(obj) != DOMProxyHandler::getInstance()) {
MOZ_ASSERT(xpc::WrapperFactory::IsXrayWrapper(obj));
- obj = js::UnwrapObject(obj);
+ obj = js::UncheckedUnwrap(obj);
}
MOZ_ASSERT(IsProxy(obj));
return static_cast<%s*>(js::GetProxyPrivate(obj).toPrivate());""" % (self.descriptor.nativeType)
class CGDOMJSProxyHandlerDOMClass(CGThing):
def __init__(self, descriptor):
CGThing.__init__(self)
self.descriptor = descriptor
--- a/dom/plugins/base/nsJSNPRuntime.cpp
+++ b/dom/plugins/base/nsJSNPRuntime.cpp
@@ -460,17 +460,17 @@ JSValToNPVariant(NPP npp, JSContext *cx,
// The reflected plugin object may be in another compartment if the plugin
// element has since been adopted into a new document. We don't bother
// transplanting the plugin objects, and just do a unwrap with security
// checks if we encounter one of them as an argument. If the unwrap fails,
// we run with the original wrapped object, since sometimes there are
// legitimate cases where a security wrapper ends up here (for example,
// Location objects, which are _always_ behind security wrappers).
JSObject *obj = JSVAL_TO_OBJECT(val);
- obj = js::UnwrapObjectChecked(obj);
+ obj = js::CheckedUnwrap(obj);
if (!obj) {
obj = JSVAL_TO_OBJECT(val);
}
NPObject *npobj = nsJSObjWrapper::GetNewOrUsed(npp, cx, obj);
if (!npobj) {
return false;
}
@@ -1122,17 +1122,17 @@ nsJSObjWrapper::GetNewOrUsed(NPP npp, JS
// wrapper.
//
// Because this function unwraps, its return value must be wrapped for the cx
// compartment for callers that plan to hold onto the result or do anything
// substantial with it.
static JSObject *
GetNPObjectWrapper(JSContext *cx, JSObject *obj, bool wrapResult = true)
{
- while (obj && (obj = js::UnwrapObjectChecked(obj))) {
+ while (obj && (obj = js::CheckedUnwrap(obj))) {
if (JS_GetClass(obj) == &sNPObjectJSWrapperClass) {
if (wrapResult && !JS_WrapObject(cx, &obj)) {
return NULL;
}
return obj;
}
if (!::JS_GetPrototype(cx, obj, &obj)) {
return NULL;
--- a/dom/src/jsurl/nsJSProtocolHandler.cpp
+++ b/dom/src/jsurl/nsJSProtocolHandler.cpp
@@ -289,17 +289,17 @@ nsresult nsJSThunk::EvaluateScript(nsICh
// The nsXPConnect sandbox API gives us a wrapper to the sandbox for
// our current compartment. Because our current context doesn't necessarily
// subsume that of the sandbox, we want to unwrap and enter the sandbox's
// compartment. It's a shame that the APIs here are so clunkly. :-(
JSObject *sandboxObj;
rv = sandbox->GetJSObject(&sandboxObj);
NS_ENSURE_SUCCESS(rv, rv);
- sandboxObj = js::UnwrapObject(sandboxObj);
+ sandboxObj = js::UncheckedUnwrap(sandboxObj);
JSAutoCompartment ac(cx, sandboxObj);
// Push our JSContext on the context stack so the JS_ValueToString call (and
// JS_ReportPendingException, if relevant) will use the principal of cx.
// Note that we do this as late as possible to make popping simpler.
nsCOMPtr<nsIJSContextStack> stack =
do_GetService("@mozilla.org/js/xpc/ContextStack;1", &rv);
if (NS_SUCCEEDED(rv)) {
--- a/extensions/pref/autoconfig/src/nsJSConfigTriggers.cpp
+++ b/extensions/pref/autoconfig/src/nsJSConfigTriggers.cpp
@@ -55,17 +55,17 @@ nsresult CentralizedAdminPrefManagerInit
JSAutoRequest ar(cx);
nsCOMPtr<nsIXPConnectJSObjectHolder> sandbox;
rv = xpc->CreateSandbox(cx, principal, getter_AddRefs(sandbox));
NS_ENSURE_SUCCESS(rv, rv);
// Unwrap, store and root the sandbox.
rv = sandbox->GetJSObject(&autoconfigSb);
NS_ENSURE_SUCCESS(rv, rv);
- autoconfigSb = js::UnwrapObject(autoconfigSb);
+ autoconfigSb = js::UncheckedUnwrap(autoconfigSb);
JSAutoCompartment ac(cx, autoconfigSb);
if (!JS_AddNamedObjectRoot(cx, &autoconfigSb, "AutoConfig Sandbox"))
return NS_ERROR_FAILURE;
return NS_OK;
}
nsresult CentralizedAdminPrefManagerFinish()
--- a/js/src/builtin/TestingFunctions.cpp
+++ b/js/src/builtin/TestingFunctions.cpp
@@ -200,17 +200,17 @@ GC(JSContext *cx, unsigned argc, jsval *
*/
JSBool compartment = false;
if (argc == 1) {
Value arg = vp[2];
if (arg.isString()) {
if (!JS_StringEqualsAscii(cx, arg.toString(), "compartment", &compartment))
return false;
} else if (arg.isObject()) {
- PrepareZoneForGC(UnwrapObject(&arg.toObject())->zone());
+ PrepareZoneForGC(UncheckedUnwrap(&arg.toObject())->zone());
compartment = true;
}
}
#ifndef JS_MORE_DETERMINISTIC
size_t preBytes = cx->runtime->gcBytes;
#endif
@@ -403,17 +403,17 @@ ScheduleGC(JSContext *cx, unsigned argc,
return JS_FALSE;
}
if (args[0].isInt32()) {
/* Schedule a GC to happen after |arg| allocations. */
JS_ScheduleGC(cx, args[0].toInt32());
} else if (args[0].isObject()) {
/* Ensure that |zone| is collected during the next GC. */
- Zone *zone = UnwrapObject(&args[0].toObject())->zone();
+ Zone *zone = UncheckedUnwrap(&args[0].toObject())->zone();
PrepareZoneForGC(zone);
} else if (args[0].isString()) {
/* This allows us to schedule atomsCompartment for GC. */
PrepareZoneForGC(args[0].toString()->zone());
}
*vp = JSVAL_VOID;
return JS_TRUE;
--- a/js/src/jsboolinlines.h
+++ b/js/src/jsboolinlines.h
@@ -29,17 +29,17 @@ BooleanGetPrimitiveValue(JSContext *cx,
}
return BooleanGetPrimitiveValueSlow(cx, obj, vp);
}
inline bool
EmulatesUndefined(RawObject obj)
{
- RawObject actual = MOZ_LIKELY(!obj->isWrapper()) ? obj : UnwrapObject(obj);
+ RawObject actual = MOZ_LIKELY(!obj->isWrapper()) ? obj : UncheckedUnwrap(obj);
bool emulatesUndefined = actual->getClass()->emulatesUndefined();
MOZ_ASSERT_IF(emulatesUndefined, obj->type()->flags & types::OBJECT_FLAG_EMULATES_UNDEFINED);
return emulatesUndefined;
}
} /* namespace js */
#endif /* jsboolinlines_h___ */
--- a/js/src/jsclone.cpp
+++ b/js/src/jsclone.cpp
@@ -456,17 +456,17 @@ JSStructuredCloneWriter::parseTransferab
return false;
}
if (!v.isObject()) {
reportErrorTransferable();
return false;
}
- JSObject* tObj = UnwrapObjectChecked(&v.toObject());
+ JSObject* tObj = CheckedUnwrap(&v.toObject());
if (!tObj) {
JS_ReportError(context(), "Permission denied to access object");
return false;
}
if (!tObj->isArrayBuffer()) {
reportErrorTransferable();
return false;
}
@@ -539,17 +539,17 @@ JS_PUBLIC_API(JSBool)
JS_WriteTypedArray(JSStructuredCloneWriter *w, jsval v)
{
JS_ASSERT(v.isObject());
RootedObject obj(w->context(), &v.toObject());
// If the object is a security wrapper, see if we're allowed to unwrap it.
// If we aren't, throw.
if (obj->isWrapper())
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj) {
JS_ReportError(w->context(), "Permission denied to access object");
return false;
}
return w->writeTypedArray(obj);
}
bool
@@ -643,17 +643,17 @@ JSStructuredCloneWriter::startWrite(cons
return out.writePair(SCTAG_NULL, 0);
} else if (v.isUndefined()) {
return out.writePair(SCTAG_UNDEFINED, 0);
} else if (v.isObject()) {
RootedObject obj(context(), &v.toObject());
// The object might be a security wrapper. See if we can clone what's
// behind it. If we can, unwrap the object.
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj) {
JS_ReportError(context(), "Permission denied to access object");
return false;
}
AutoCompartment ac(context(), obj);
bool backref;
--- a/js/src/jscompartment.cpp
+++ b/js/src/jscompartment.cpp
@@ -258,17 +258,17 @@ JSCompartment::wrap(JSContext *cx, Mutab
if (obj->compartment() == this)
return WrapForSameCompartment(cx, obj, vp);
/* Translate StopIteration singleton. */
if (obj->isStopIteration())
return js_FindClassObject(cx, JSProto_StopIteration, vp);
/* Unwrap the object, but don't unwrap outer windows. */
- obj = UnwrapObject(obj, /* stopAtOuter = */ true, &flags);
+ obj = UncheckedUnwrap(obj, /* stopAtOuter = */ true, &flags);
if (obj->compartment() == this)
return WrapForSameCompartment(cx, obj, vp);
if (cx->runtime->preWrapObjectCallback) {
obj = cx->runtime->preWrapObjectCallback(cx, global, obj, flags);
if (!obj)
return false;
--- a/js/src/jsdbgapi.cpp
+++ b/js/src/jsdbgapi.cpp
@@ -918,23 +918,23 @@ JS_DumpCompartmentPCCounts(JSContext *cx
if (script->hasScriptCounts && script->enclosingScriptsCompiledSuccessfully())
JS_DumpPCCounts(cx, script);
}
}
JS_PUBLIC_API(JSObject *)
JS_UnwrapObject(JSObject *obj)
{
- return UnwrapObject(obj);
+ return UncheckedUnwrap(obj);
}
JS_PUBLIC_API(JSObject *)
JS_UnwrapObjectAndInnerize(JSObject *obj)
{
- return UnwrapObject(obj, /* stopAtOuter = */ false);
+ return UncheckedUnwrap(obj, /* stopAtOuter = */ false);
}
JS_FRIEND_API(JSBool)
js_CallContextDebugHandler(JSContext *cx)
{
NonBuiltinScriptFrameIter iter(cx);
JS_ASSERT(!iter.done());
--- a/js/src/jsfriendapi.cpp
+++ b/js/src/jsfriendapi.cpp
@@ -66,17 +66,17 @@ JS_FindCompilationScope(JSContext *cx, R
{
RootedObject obj(cx, objArg);
/*
* We unwrap wrappers here. This is a little weird, but it's what's being
* asked of us.
*/
if (obj->isWrapper())
- obj = UnwrapObject(obj);
+ obj = UncheckedUnwrap(obj);
/*
* Innerize the target_obj so that we compile in the correct (inner)
* scope.
*/
if (JSObjectOp op = obj->getClass()->ext.innerObject)
obj = op(cx, obj);
return obj;
--- a/js/src/jsproxy.cpp
+++ b/js/src/jsproxy.cpp
@@ -558,17 +558,17 @@ DirectProxyHandler::defaultValue(JSConte
if (hint == JSTYPE_VOID)
return ToPrimitive(cx, vp);
return ToPrimitive(cx, hint, vp);
}
JSObject *
DirectProxyHandler::weakmapKeyDelegate(JSObject *proxy)
{
- return UnwrapObject(proxy);
+ return UncheckedUnwrap(proxy);
}
DirectProxyHandler::DirectProxyHandler(void *family)
: BaseProxyHandler(family)
{
}
bool
--- a/js/src/jstypedarray.cpp
+++ b/js/src/jstypedarray.cpp
@@ -1834,17 +1834,17 @@ class TypedArrayTemplate
/*
* (typedArray)
* (type[] array)
*
* Otherwise create a new typed array and copy elements 0..len-1
* properties from the object, treating it as some sort of array.
* Note that offset and length will be ignored
*/
- if (!UnwrapObject(dataObj)->isArrayBuffer())
+ if (!UncheckedUnwrap(dataObj)->isArrayBuffer())
return fromArray(cx, dataObj);
/* (ArrayBuffer, [byteOffset, [length]]) */
int32_t byteOffset = -1;
int32_t length = -1;
if (argc > 1) {
if (!ToInt32(cx, argv[1], &byteOffset))
@@ -2117,17 +2117,17 @@ class TypedArrayTemplate
* construct the new typed array in the compartment of the buffer,
* so that the typed array can point directly at their buffer's
* data without crossing compartment boundaries. So we use the
* machinery underlying NonGenericMethodGuard directly to proxy the
* native call. We will end up with a wrapper in the origin
* compartment for a view in the target compartment referencing the
* ArrayBuffer in that same compartment.
*/
- JSObject *wrapped = UnwrapObjectChecked(bufobj);
+ JSObject *wrapped = CheckedUnwrap(bufobj);
if (!wrapped) {
JS_ReportError(cx, "Permission denied to access object");
return NULL;
}
if (wrapped->isArrayBuffer()) {
/*
* And for even more fun, the new view's prototype should be
* set to the origin compartment's prototype object, not the
@@ -2740,17 +2740,17 @@ JSBool
DataViewObject::class_constructor(JSContext *cx, unsigned argc, Value *vp)
{
CallArgs args = CallArgsFromVp(argc, vp);
RootedObject bufobj(cx);
if (!GetFirstArgumentAsObject(cx, args, "DataView constructor", &bufobj))
return false;
- if (bufobj->isWrapper() && UnwrapObject(bufobj)->isArrayBuffer()) {
+ if (bufobj->isWrapper() && UncheckedUnwrap(bufobj)->isArrayBuffer()) {
Rooted<GlobalObject*> global(cx, cx->compartment->maybeGlobal());
Rooted<JSObject*> proto(cx, global->getOrCreateDataViewPrototype(cx));
if (!proto)
return false;
InvokeArgsGuard ag;
if (!cx->stack.pushInvokeArgs(cx, args.length() + 1, &ag))
return false;
@@ -3387,17 +3387,17 @@ JSFunctionSpec _typedArray::jsfuncs[] =
MOZ_ASSERT(byteoffset <= INT32_MAX); \
Rooted<JSObject*> arrayBuffer(cx, arrayBuffer_); \
Rooted<JSObject*> proto(cx, NULL); \
return TypedArrayTemplate<NativeType>::fromBuffer(cx, arrayBuffer, byteoffset, length, \
proto); \
} \
JS_FRIEND_API(JSBool) JS_Is ## Name ## Array(JSObject *obj) \
{ \
- if (!(obj = UnwrapObjectChecked(obj))) \
+ if (!(obj = CheckedUnwrap(obj))) \
return false; \
Class *clasp = obj->getClass(); \
return (clasp == &TypedArray::classes[TypedArrayTemplate<NativeType>::ArrayTypeID()]); \
}
IMPL_TYPED_ARRAY_JSAPI_CONSTRUCTORS(Int8, int8_t)
IMPL_TYPED_ARRAY_JSAPI_CONSTRUCTORS(Uint8, uint8_t)
IMPL_TYPED_ARRAY_JSAPI_CONSTRUCTORS(Uint8Clamped, uint8_clamped)
@@ -3408,17 +3408,17 @@ IMPL_TYPED_ARRAY_JSAPI_CONSTRUCTORS(Uint
IMPL_TYPED_ARRAY_JSAPI_CONSTRUCTORS(Float32, float)
IMPL_TYPED_ARRAY_JSAPI_CONSTRUCTORS(Float64, double)
#define IMPL_TYPED_ARRAY_COMBINED_UNWRAPPERS(Name, ExternalType, InternalType) \
JS_FRIEND_API(JSObject *) JS_GetObjectAs ## Name ## Array(JSObject *obj, \
uint32_t *length, \
ExternalType **data) \
{ \
- if (!(obj = UnwrapObjectChecked(obj))) \
+ if (!(obj = CheckedUnwrap(obj))) \
return NULL; \
\
Class *clasp = obj->getClass(); \
if (clasp != &TypedArray::classes[TypedArrayTemplate<InternalType>::ArrayTypeID()]) \
return NULL; \
\
*length = TypedArray::length(obj); \
*data = static_cast<ExternalType *>(TypedArray::viewData(obj)); \
@@ -3856,45 +3856,45 @@ js::IsTypedArrayBuffer(const Value &v)
return v.isObject() && v.toObject().isArrayBuffer();
}
/* JS Friend API */
JS_FRIEND_API(JSBool)
JS_IsArrayBufferObject(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
return obj ? obj->isArrayBuffer() : false;
}
JS_FRIEND_API(JSBool)
JS_IsTypedArrayObject(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
return obj ? obj->isTypedArray() : false;
}
JS_FRIEND_API(JSBool)
JS_IsArrayBufferViewObject(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
return obj ? (obj->isTypedArray() || obj->isDataView()) : false;
}
JS_FRIEND_API(uint32_t)
JS_GetArrayBufferByteLength(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
return obj ? obj->asArrayBuffer().byteLength() : 0;
}
JS_FRIEND_API(uint8_t *)
JS_GetArrayBufferData(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return NULL;
ArrayBufferObject &buffer = obj->asArrayBuffer();
if (!buffer.uninlineData(NULL))
return NULL;
return buffer.dataPointer();
}
@@ -3930,262 +3930,262 @@ JS_AllocateArrayBufferContents(JSContext
*data = reinterpret_cast<uint8_t*>(header->elements());
return true;
}
JS_PUBLIC_API(JSBool)
JS_StealArrayBufferContents(JSContext *cx, JSObject *obj, void **contents,
uint8_t **data)
{
- if (!(obj = UnwrapObjectChecked(obj)))
+ if (!(obj = CheckedUnwrap(obj)))
return false;
if (!obj->isArrayBuffer()) {
JS_ReportErrorNumber(cx, js_GetErrorMessage, NULL, JSMSG_TYPED_ARRAY_BAD_ARGS);
return false;
}
if (!ArrayBufferObject::stealContents(cx, obj, contents, data))
return false;
return true;
}
JS_FRIEND_API(uint32_t)
JS_GetTypedArrayLength(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return 0;
JS_ASSERT(obj->isTypedArray());
return TypedArray::length(obj);
}
JS_FRIEND_API(uint32_t)
JS_GetTypedArrayByteOffset(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return 0;
JS_ASSERT(obj->isTypedArray());
return TypedArray::byteOffset(obj);
}
JS_FRIEND_API(uint32_t)
JS_GetTypedArrayByteLength(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return 0;
JS_ASSERT(obj->isTypedArray());
return TypedArray::byteLength(obj);
}
JS_FRIEND_API(JSArrayBufferViewType)
JS_GetArrayBufferViewType(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return ArrayBufferView::TYPE_MAX;
if (obj->isTypedArray())
return static_cast<JSArrayBufferViewType>(TypedArray::type(obj));
else if (obj->isDataView())
return ArrayBufferView::TYPE_DATAVIEW;
JS_NOT_REACHED("invalid ArrayBufferView type");
return ArrayBufferView::TYPE_MAX;
}
JS_FRIEND_API(int8_t *)
JS_GetInt8ArrayData(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return NULL;
JS_ASSERT(obj->isTypedArray());
JS_ASSERT(TypedArray::type(obj) == ArrayBufferView::TYPE_INT8);
return static_cast<int8_t *>(TypedArray::viewData(obj));
}
JS_FRIEND_API(uint8_t *)
JS_GetUint8ArrayData(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return NULL;
JS_ASSERT(obj->isTypedArray());
JS_ASSERT(TypedArray::type(obj) == ArrayBufferView::TYPE_UINT8);
return static_cast<uint8_t *>(TypedArray::viewData(obj));
}
JS_FRIEND_API(uint8_t *)
JS_GetUint8ClampedArrayData(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return NULL;
JS_ASSERT(obj->isTypedArray());
JS_ASSERT(TypedArray::type(obj) == ArrayBufferView::TYPE_UINT8_CLAMPED);
return static_cast<uint8_t *>(TypedArray::viewData(obj));
}
JS_FRIEND_API(int16_t *)
JS_GetInt16ArrayData(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return NULL;
JS_ASSERT(obj->isTypedArray());
JS_ASSERT(TypedArray::type(obj) == ArrayBufferView::TYPE_INT16);
return static_cast<int16_t *>(TypedArray::viewData(obj));
}
JS_FRIEND_API(uint16_t *)
JS_GetUint16ArrayData(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return NULL;
JS_ASSERT(obj->isTypedArray());
JS_ASSERT(TypedArray::type(obj) == ArrayBufferView::TYPE_UINT16);
return static_cast<uint16_t *>(TypedArray::viewData(obj));
}
JS_FRIEND_API(int32_t *)
JS_GetInt32ArrayData(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return NULL;
JS_ASSERT(obj->isTypedArray());
JS_ASSERT(TypedArray::type(obj) == ArrayBufferView::TYPE_INT32);
return static_cast<int32_t *>(TypedArray::viewData(obj));
}
JS_FRIEND_API(uint32_t *)
JS_GetUint32ArrayData(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return NULL;
JS_ASSERT(obj->isTypedArray());
JS_ASSERT(TypedArray::type(obj) == ArrayBufferView::TYPE_UINT32);
return static_cast<uint32_t *>(TypedArray::viewData(obj));
}
JS_FRIEND_API(float *)
JS_GetFloat32ArrayData(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return NULL;
JS_ASSERT(obj->isTypedArray());
JS_ASSERT(TypedArray::type(obj) == ArrayBufferView::TYPE_FLOAT32);
return static_cast<float *>(TypedArray::viewData(obj));
}
JS_FRIEND_API(double *)
JS_GetFloat64ArrayData(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return NULL;
JS_ASSERT(obj->isTypedArray());
JS_ASSERT(TypedArray::type(obj) == ArrayBufferView::TYPE_FLOAT64);
return static_cast<double *>(TypedArray::viewData(obj));
}
JS_FRIEND_API(JSBool)
JS_IsDataViewObject(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
return obj ? obj->isDataView() : false;
}
JS_FRIEND_API(uint32_t)
JS_GetDataViewByteOffset(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return 0;
return obj->asDataView().byteOffset();
}
JS_FRIEND_API(void *)
JS_GetDataViewData(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return NULL;
JS_ASSERT(obj->isDataView());
return obj->asDataView().dataPointer();
}
JS_FRIEND_API(uint32_t)
JS_GetDataViewByteLength(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return 0;
JS_ASSERT(obj->isDataView());
return obj->asDataView().byteLength();
}
JS_FRIEND_API(void *)
JS_GetArrayBufferViewData(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return NULL;
JS_ASSERT(obj->isTypedArray() || obj->isDataView());
return obj->isDataView() ? obj->asDataView().dataPointer() : TypedArray::viewData(obj);
}
JS_FRIEND_API(JSObject *)
JS_GetArrayBufferViewBuffer(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return NULL;
JS_ASSERT(obj->isTypedArray() || obj->isDataView());
return &obj->getFixedSlot(BufferView::BUFFER_SLOT).toObject();
}
JS_FRIEND_API(uint32_t)
JS_GetArrayBufferViewByteLength(JSObject *obj)
{
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj)
return 0;
JS_ASSERT(obj->isTypedArray() || obj->isDataView());
return obj->isDataView()
? obj->asDataView().byteLength()
: TypedArray::byteLengthValue(obj).toInt32();
}
JS_FRIEND_API(JSObject *)
JS_GetObjectAsArrayBufferView(JSObject *obj, uint32_t *length, uint8_t **data)
{
- if (!(obj = UnwrapObjectChecked(obj)))
+ if (!(obj = CheckedUnwrap(obj)))
return NULL;
if (!(obj->isTypedArray() || obj->isDataView()))
return NULL;
*length = obj->isDataView() ? obj->asDataView().byteLength()
: TypedArray::byteLengthValue(obj).toInt32();
*data = static_cast<uint8_t *>(obj->isDataView() ? obj->asDataView().dataPointer()
: TypedArray::viewData(obj));
return obj;
}
JS_FRIEND_API(JSObject *)
JS_GetObjectAsArrayBuffer(JSObject *obj, uint32_t *length, uint8_t **data)
{
- if (!(obj = UnwrapObjectChecked(obj)))
+ if (!(obj = CheckedUnwrap(obj)))
return NULL;
if (!obj->isArrayBuffer())
return NULL;
*length = obj->asArrayBuffer().byteLength();
*data = obj->asArrayBuffer().dataPointer();
return obj;
--- a/js/src/jsweakmap.cpp
+++ b/js/src/jsweakmap.cpp
@@ -334,17 +334,17 @@ WeakMap_set(JSContext *cx, unsigned argc
CallArgs args = CallArgsFromVp(argc, vp);
return CallNonGenericMethod<IsWeakMap, WeakMap_set_impl>(cx, args);
}
JS_FRIEND_API(JSBool)
JS_NondeterministicGetWeakMapKeys(JSContext *cx, JSObject *objArg, JSObject **ret)
{
RootedObject obj(cx, objArg);
- obj = UnwrapObject(obj);
+ obj = UncheckedUnwrap(obj);
if (!obj || !obj->isWeakMap()) {
*ret = NULL;
return true;
}
RootedObject arr(cx, NewDenseEmptyArray(cx));
if (!arr)
return false;
ObjectValueMap *map = GetObjectMap(obj);
--- a/js/src/jswrapper.cpp
+++ b/js/src/jswrapper.cpp
@@ -66,31 +66,31 @@ Wrapper::wrapperHandler(RawObject wrappe
JSObject *
Wrapper::wrappedObject(RawObject wrapper)
{
JS_ASSERT(wrapper->isWrapper());
return GetProxyTargetObject(wrapper);
}
JS_FRIEND_API(JSObject *)
-js::UnwrapObject(JSObject *wrapped, bool stopAtOuter, unsigned *flagsp)
+js::UncheckedUnwrap(JSObject *wrapped, bool stopAtOuter, unsigned *flagsp)
{
unsigned flags = 0;
while (wrapped->isWrapper() &&
!JS_UNLIKELY(stopAtOuter && wrapped->getClass()->ext.innerObject)) {
flags |= Wrapper::wrapperHandler(wrapped)->flags();
wrapped = GetProxyPrivate(wrapped).toObjectOrNull();
}
if (flagsp)
*flagsp = flags;
return wrapped;
}
JS_FRIEND_API(JSObject *)
-js::UnwrapObjectChecked(RawObject obj, bool stopAtOuter)
+js::CheckedUnwrap(RawObject obj, bool stopAtOuter)
{
while (true) {
JSObject *wrapper = obj;
obj = UnwrapOneChecked(obj, stopAtOuter);
if (!obj || obj == wrapper)
return obj;
}
}
@@ -508,17 +508,17 @@ CrossCompartmentWrapper::construct(JSCon
}
bool
CrossCompartmentWrapper::nativeCall(JSContext *cx, IsAcceptableThis test, NativeImpl impl,
CallArgs srcArgs)
{
RootedObject wrapper(cx, &srcArgs.thisv().toObject());
JS_ASSERT(srcArgs.thisv().isMagic(JS_IS_CONSTRUCTING) ||
- !UnwrapObject(wrapper)->isCrossCompartmentWrapper());
+ !UncheckedUnwrap(wrapper)->isCrossCompartmentWrapper());
RootedObject wrapped(cx, wrappedObject(wrapper));
{
AutoCompartment call(cx, wrapped);
InvokeArgsGuard dstArgs;
if (!cx->stack.pushInvokeArgs(cx, srcArgs.length(), &dstArgs))
return false;
@@ -937,17 +937,17 @@ js::NukeCrossCompartmentWrappers(JSConte
for (JSCompartment::WrapperEnum e(c); !e.empty(); e.popFront()) {
// Some cross-compartment wrappers are for strings. We're not
// interested in those.
const CrossCompartmentKey &k = e.front().key;
if (k.kind != CrossCompartmentKey::ObjectWrapper)
continue;
AutoWrapperRooter wobj(cx, WrapperValue(e));
- JSObject *wrapped = UnwrapObject(wobj);
+ JSObject *wrapped = UncheckedUnwrap(wobj);
if (nukeReferencesToWindow == DontNukeWindowReferences &&
wrapped->getClass()->ext.innerObject)
continue;
if (targetFilter.match(wrapped->compartment())) {
// We found a wrapper to nuke.
e.removeFront();
--- a/js/src/jswrapper.h
+++ b/js/src/jswrapper.h
@@ -38,17 +38,17 @@ class JS_FRIEND_API(Wrapper) : public Di
CROSS_COMPARTMENT = 1 << 0,
LAST_USED_FLAG = CROSS_COMPARTMENT
};
/*
* Wrappers can explicitly specify that they are unsafe to unwrap from a
* security perspective (as is the case for SecurityWrappers). If a wrapper
* is not safe to unwrap, operations requiring full access to the underlying
- * object (via UnwrapObjectChecked) will throw. Otherwise, they will succeed.
+ * object (via CheckedUnwrap) will throw. Otherwise, they will succeed.
*/
void setSafeToUnwrap(bool safe) { mSafeToUnwrap = safe; }
virtual bool isSafeToUnwrap() { return mSafeToUnwrap; }
static JSObject *New(JSContext *cx, JSObject *obj, JSObject *proto,
JSObject *parent, Wrapper *handler);
static JSObject *Renew(JSContext *cx, JSObject *existing, JSObject *obj, Wrapper *handler);
@@ -221,24 +221,24 @@ IsWrapper(RawObject obj)
return IsProxy(obj) && GetProxyHandler(obj)->family() == &sWrapperFamily;
}
// Given a JSObject, returns that object stripped of wrappers. If
// stopAtOuter is true, then this returns the outer window if it was
// previously wrapped. Otherwise, this returns the first object for
// which JSObject::isWrapper returns false.
JS_FRIEND_API(JSObject *)
-UnwrapObject(JSObject *obj, bool stopAtOuter = true, unsigned *flagsp = NULL);
+UncheckedUnwrap(JSObject *obj, bool stopAtOuter = true, unsigned *flagsp = NULL);
// Given a JSObject, returns that object stripped of wrappers. At each stage,
// the security wrapper has the opportunity to veto the unwrap. Since checked
// code should never be unwrapping outer window wrappers, we always stop at
// outer windows.
JS_FRIEND_API(JSObject *)
-UnwrapObjectChecked(RawObject obj, bool stopAtOuter = true);
+CheckedUnwrap(RawObject obj, bool stopAtOuter = true);
// Unwrap only the outermost security wrapper, with the same semantics as
// above. This is the checked version of Wrapper::wrappedObject.
JS_FRIEND_API(JSObject *)
UnwrapOneChecked(RawObject obj, bool stopAtOuter = true);
JS_FRIEND_API(bool)
IsCrossCompartmentWrapper(RawObject obj);
--- a/js/src/shell/js.cpp
+++ b/js/src/shell/js.cpp
@@ -2279,17 +2279,17 @@ Clone(JSContext *cx, unsigned argc, jsva
return false;
}
{
Maybe<JSAutoCompartment> ac;
RootedObject obj(cx, JSVAL_IS_PRIMITIVE(args[0]) ? NULL : &args[0].toObject());
if (obj && IsCrossCompartmentWrapper(obj)) {
- obj = UnwrapObject(obj);
+ obj = UncheckedUnwrap(obj);
ac.construct(cx, obj);
args[0] = ObjectValue(*obj);
}
if (obj && obj->isFunction()) {
funobj = obj;
} else {
JSFunction *fun = JS_ValueToFunction(cx, args[0]);
if (!fun)
@@ -2515,17 +2515,17 @@ EvalInContext(JSContext *cx, unsigned ar
RootedScript script(cx);
unsigned lineno;
JS_DescribeScriptedCaller(cx, script.address(), &lineno);
RootedValue rval(cx);
{
Maybe<JSAutoCompartment> ac;
unsigned flags;
- JSObject *unwrapped = UnwrapObject(sobj, true, &flags);
+ JSObject *unwrapped = UncheckedUnwrap(sobj, true, &flags);
if (flags & Wrapper::CROSS_COMPARTMENT) {
sobj = unwrapped;
ac.construct(cx, sobj);
}
sobj = GetInnerObject(cx, sobj);
if (!sobj)
return false;
@@ -3455,17 +3455,17 @@ Deserialize(JSContext *cx, unsigned argc
static JSObject *
NewGlobalObject(JSContext *cx, JSObject *sameZoneAs);
static JSBool
NewGlobal(JSContext *cx, unsigned argc, jsval *vp)
{
JSObject *sameZoneAs = NULL;
if (argc == 1 && JS_ARGV(cx, vp)[0].isObject())
- sameZoneAs = UnwrapObject(&JS_ARGV(cx, vp)[0].toObject());
+ sameZoneAs = UncheckedUnwrap(&JS_ARGV(cx, vp)[0].toObject());
RootedObject global(cx, NewGlobalObject(cx, sameZoneAs));
if (!global)
return false;
if (!JS_WrapObject(cx, global.address()))
return false;
--- a/js/src/vm/Debugger.cpp
+++ b/js/src/vm/Debugger.cpp
@@ -1858,17 +1858,17 @@ Debugger::unwrapDebuggeeArgument(JSConte
if (obj->getClass() == &DebuggerObject_class) {
RootedValue rv(cx, v);
if (!unwrapDebuggeeValue(cx, &rv))
return NULL;
obj = &rv.toObject();
}
/* If we have a cross-compartment wrapper, dereference as far as is secure. */
- obj = UnwrapObjectChecked(obj);
+ obj = CheckedUnwrap(obj);
if (!obj) {
JS_ReportError(cx, "Permission denied to access object");
return NULL;
}
/* If that produced an outer window, innerize it. */
obj = GetInnerObject(cx, obj);
if (!obj)
@@ -4716,17 +4716,17 @@ DebuggerObject_makeDebuggeeValue(JSConte
}
static bool
RequireGlobalObject(JSContext *cx, HandleValue dbgobj, HandleObject obj)
{
if (!obj->isGlobal()) {
/* Help the poor programmer by pointing out wrappers around globals. */
if (obj->isWrapper()) {
- JSObject *unwrapped = js::UnwrapObject(obj);
+ JSObject *unwrapped = js::UncheckedUnwrap(obj);
if (unwrapped->isGlobal()) {
js_ReportValueErrorFlags(cx, JSREPORT_ERROR, JSMSG_DEBUG_WRAPPER_IN_WAY,
JSDVG_SEARCH_STACK, dbgobj, NullPtr(),
"a global object", NULL);
return false;
}
}
--- a/js/xpconnect/src/XPCCallContext.cpp
+++ b/js/xpconnect/src/XPCCallContext.cpp
@@ -143,17 +143,17 @@ XPCCallContext::Init(XPCContext::LangTyp
mMethodIndex = 0xDEAD;
mState = HAVE_OBJECT;
mTearOff = nullptr;
if (wrapperInitOptions == INIT_SHOULD_LOOKUP_WRAPPER) {
// If the object is a security wrapper, GetWrappedNativeOfJSObject can't
// handle it. Do special handling here to make cross-origin Xrays work.
- JSObject *unwrapped = js::UnwrapObjectChecked(obj, /* stopAtOuter = */ false);
+ JSObject *unwrapped = js::CheckedUnwrap(obj, /* stopAtOuter = */ false);
if (!unwrapped) {
mWrapper = UnwrapThisIfAllowed(obj, funobj, argc);
if (!mWrapper) {
JS_ReportError(mJSContext, "Permission denied to call method on |this|");
mState = INIT_FAILED;
return;
}
} else {
@@ -454,17 +454,17 @@ XPCLazyCallContext::AssertContextIsTopOf
}
#endif
XPCWrappedNative*
XPCCallContext::UnwrapThisIfAllowed(JSObject *object, JSObject *fun, unsigned argc)
{
JS::Rooted<JSObject *> obj(mJSContext, object);
// We should only get here for objects that aren't safe to unwrap.
- MOZ_ASSERT(!js::UnwrapObjectChecked(obj));
+ MOZ_ASSERT(!js::CheckedUnwrap(obj));
MOZ_ASSERT(js::IsObjectInContextCompartment(obj, mJSContext));
// We can't do anything here without a function.
if (!fun)
return nullptr;
// Determine if we're allowed to unwrap the security wrapper to invoke the
// method.
@@ -473,17 +473,17 @@ XPCCallContext::UnwrapThisIfAllowed(JSOb
// unfortunately our access checks are based on the object class name and
// property name. So we cheat a little bit here - we verify that the object
// does indeed implement the method's Interface, and then just check that we
// can successfully access property with method's name from the object.
// First, get the XPCWN out of the underlying object. We should have a wrapper
// here, potentially an outer window proxy, and then an XPCWN.
MOZ_ASSERT(js::IsWrapper(obj));
- JSObject *unwrapped = js::UnwrapObject(obj, /* stopAtOuter = */ false);
+ JSObject *unwrapped = js::UncheckedUnwrap(obj, /* stopAtOuter = */ false);
MOZ_ASSERT(unwrapped == JS_ObjectToInnerObject(mJSContext, js::Wrapper::wrappedObject(obj)));
// Make sure we have an XPCWN, and grab it.
MOZ_ASSERT(!IS_SLIM_WRAPPER(unwrapped), "security wrapping morphs slim wrappers");
if (!IS_WRAPPER_CLASS(js::GetObjectClass(unwrapped)))
return nullptr;
XPCWrappedNative *wn = (XPCWrappedNative*)js::GetObjectPrivate(unwrapped);
--- a/js/xpconnect/src/XPCComponents.cpp
+++ b/js/xpconnect/src/XPCComponents.cpp
@@ -2706,17 +2706,17 @@ nsXPCComponents_Utils::LookupMethod(cons
if (!JSVAL_IS_STRING(name))
return NS_ERROR_XPC_BAD_CONVERT_JS;
JSString *methodName = name.toString();
jsid methodId = INTERNED_STRING_TO_JSID(cx, JS_InternJSString(cx, methodName));
// If |obj| is a security wrapper, try to unwrap it. If this fails, we
// don't have full acccess to the object, in which case we throw.
// Otherwise, enter a compartment, since we may have just unwrapped a CCW.
- obj = js::UnwrapObjectChecked(obj);
+ obj = js::CheckedUnwrap(obj);
if (!obj) {
JS_ReportError(cx, "Permission denied to unwrap object");
return NS_ERROR_XPC_BAD_CONVERT_JS;
}
{
// Enter the target compartment.
JSAutoCompartment ac(cx, obj);
@@ -3306,17 +3306,17 @@ xpc_CreateSandboxObject(JSContext *cx, j
return rv;
}
}
MOZ_ASSERT(principal);
}
JSObject *sandbox;
JS::ZoneSpecifier zoneSpec = options.sameZoneAs
- ? JS::SameZoneAs(js::UnwrapObject(options.sameZoneAs))
+ ? JS::SameZoneAs(js::UncheckedUnwrap(options.sameZoneAs))
: JS::SystemZone;
sandbox = xpc::CreateGlobalObject(cx, &SandboxClass, principal, zoneSpec);
if (!sandbox)
return NS_ERROR_FAILURE;
// Set up the wantXrays flag, which indicates whether xrays are desired even
// for same-origin access.
//
@@ -3342,17 +3342,17 @@ xpc_CreateSandboxObject(JSContext *cx, j
if (xpc::WrapperFactory::IsXrayWrapper(options.proto) && !options.wantXrays) {
jsval v = OBJECT_TO_JSVAL(options.proto);
if (!xpc::WrapperFactory::WaiveXrayAndWrap(cx, &v))
return NS_ERROR_FAILURE;
options.proto = JSVAL_TO_OBJECT(v);
}
// Now check what sort of thing we've got in |proto|
- JSObject *unwrappedProto = js::UnwrapObject(options.proto, false);
+ JSObject *unwrappedProto = js::UncheckedUnwrap(options.proto, false);
js::Class *unwrappedClass = js::GetObjectClass(unwrappedProto);
if (IS_WRAPPER_CLASS(unwrappedClass) ||
mozilla::dom::IsDOMClass(Jsvalify(unwrappedClass))) {
// Wrap it up in a proxy that will do the right thing in terms
// of this-binding for methods.
options.proto = js::NewProxyObject(cx, &xpc::sandboxProxyHandler,
ObjectValue(*options.proto), nullptr,
sandbox);
@@ -3904,17 +3904,17 @@ xpc_EvalInSandbox(JSContext *cx, JSObjec
const char *filename, int32_t lineNo,
JSVersion jsVersion, bool returnStringOnly, jsval *rval)
{
JS_AbortIfWrongThread(JS_GetRuntime(cx));
JSAutoRequest ar(cx);
*rval = JS::UndefinedValue();
bool waiveXray = xpc::WrapperFactory::HasWaiveXrayFlag(sandbox);
- sandbox = js::UnwrapObjectChecked(sandbox);
+ sandbox = js::CheckedUnwrap(sandbox);
if (!sandbox || js::GetObjectJSClass(sandbox) != &SandboxClass) {
return NS_ERROR_INVALID_ARG;
}
nsIScriptObjectPrincipal *sop =
(nsIScriptObjectPrincipal*)xpc_GetJSPrivate(sandbox);
NS_ASSERTION(sop, "Invalid sandbox passed");
nsCOMPtr<nsIPrincipal> prin = sop->GetPrincipal();
@@ -4163,17 +4163,17 @@ nsXPCComponents_Utils::GetGlobalForObjec
return NS_ERROR_XPC_BAD_CONVERT_JS;
// Wrappers are parented to their the global in their home compartment. But
// when getting the global for a cross-compartment wrapper, we really want
// a wrapper for the foreign global. So we need to unwrap before getting the
// parent, enter the compartment for the duration of the call, and wrap the
// result.
JS::Rooted<JSObject*> obj(cx, JSVAL_TO_OBJECT(object));
- obj = js::UnwrapObject(obj);
+ obj = js::UncheckedUnwrap(obj);
{
JSAutoCompartment ac(cx, obj);
obj = JS_GetGlobalForObject(cx, obj);
}
JS_WrapObject(cx, obj.address());
*retval = OBJECT_TO_JSVAL(obj);
// Outerize if necessary.
@@ -4189,17 +4189,17 @@ nsXPCComponents_Utils::CreateObjectIn(co
{
if (!cx)
return NS_ERROR_FAILURE;
// first argument must be an object
if (JSVAL_IS_PRIMITIVE(vobj))
return NS_ERROR_XPC_BAD_CONVERT_JS;
- JSObject *scope = js::UnwrapObject(JSVAL_TO_OBJECT(vobj));
+ JSObject *scope = js::UncheckedUnwrap(JSVAL_TO_OBJECT(vobj));
JSObject *obj;
{
JSAutoCompartment ac(cx, scope);
obj = JS_NewObject(cx, nullptr, nullptr, scope);
if (!obj)
return NS_ERROR_FAILURE;
}
@@ -4215,17 +4215,17 @@ nsXPCComponents_Utils::CreateArrayIn(con
{
if (!cx)
return NS_ERROR_FAILURE;
// first argument must be an object
if (JSVAL_IS_PRIMITIVE(vobj))
return NS_ERROR_XPC_BAD_CONVERT_JS;
- JSObject *scope = js::UnwrapObject(JSVAL_TO_OBJECT(vobj));
+ JSObject *scope = js::UncheckedUnwrap(JSVAL_TO_OBJECT(vobj));
JSObject *obj;
{
JSAutoCompartment ac(cx, scope);
obj = JS_NewArrayObject(cx, 0, NULL);
if (!obj)
return NS_ERROR_FAILURE;
}
@@ -4243,17 +4243,17 @@ nsXPCComponents_Utils::CreateDateIn(cons
{
if (!cx)
return NS_ERROR_FAILURE;
// first argument must be an object
if (JSVAL_IS_PRIMITIVE(vobj))
return NS_ERROR_XPC_BAD_CONVERT_JS;
- JSObject *scope = js::UnwrapObject(JSVAL_TO_OBJECT(vobj));
+ JSObject *scope = js::UncheckedUnwrap(JSVAL_TO_OBJECT(vobj));
JSObject *obj;
{
JSAutoCompartment ac(cx, scope);
obj = JS_NewDateObjectMsec(cx, msec);
if (!obj)
return NS_ERROR_FAILURE;
}
@@ -4297,17 +4297,17 @@ nsXPCComponents_Utils::MakeObjectPropsNo
{
if (!cx)
return NS_ERROR_FAILURE;
// first argument must be an object
if (JSVAL_IS_PRIMITIVE(vobj))
return NS_ERROR_XPC_BAD_CONVERT_JS;
- JSObject *obj = js::UnwrapObject(JSVAL_TO_OBJECT(vobj));
+ JSObject *obj = js::UncheckedUnwrap(JSVAL_TO_OBJECT(vobj));
JSAutoCompartment ac(cx, obj);
JS::AutoIdArray ida(cx, JS_Enumerate(cx, obj));
if (!ida)
return NS_ERROR_FAILURE;
for (size_t i = 0; i < ida.length(); ++i) {
jsid id = ida[i];
@@ -4344,17 +4344,17 @@ nsXPCComponents_Utils::IsDeadWrapper(con
}
/* void recomputerWrappers(jsval vobj); */
NS_IMETHODIMP
nsXPCComponents_Utils::RecomputeWrappers(const jsval &vobj, JSContext *cx)
{
// Determine the compartment of the given object, if any.
JSCompartment *c = vobj.isObject()
- ? js::GetObjectCompartment(js::UnwrapObject(&vobj.toObject()))
+ ? js::GetObjectCompartment(js::UncheckedUnwrap(&vobj.toObject()))
: NULL;
// If no compartment was given, recompute all.
if (!c)
js::RecomputeWrappers(cx, js::AllCompartments(), js::AllCompartments());
// Otherwise, recompute wrappers for the given compartment.
else
js::RecomputeWrappers(cx, js::SingleCompartment(c), js::AllCompartments()) &&
@@ -4364,33 +4364,33 @@ nsXPCComponents_Utils::RecomputeWrappers
}
/* jsval setWantXrays(jsval vscope); */
NS_IMETHODIMP
nsXPCComponents_Utils::SetWantXrays(const jsval &vscope, JSContext *cx)
{
if (!vscope.isObject())
return NS_ERROR_INVALID_ARG;
- JSObject *scopeObj = js::UnwrapObject(&vscope.toObject());
+ JSObject *scopeObj = js::UncheckedUnwrap(&vscope.toObject());
JSCompartment *compartment = js::GetObjectCompartment(scopeObj);
EnsureCompartmentPrivate(scopeObj)->wantXrays = true;
bool ok = js::RecomputeWrappers(cx, js::SingleCompartment(compartment),
js::AllCompartments());
NS_ENSURE_TRUE(ok, NS_ERROR_FAILURE);
return NS_OK;
}
/* jsval getComponentsForScope(jsval vscope); */
NS_IMETHODIMP
nsXPCComponents_Utils::GetComponentsForScope(const jsval &vscope, JSContext *cx,
jsval *rval)
{
if (!vscope.isObject())
return NS_ERROR_INVALID_ARG;
- JSObject *scopeObj = js::UnwrapObject(&vscope.toObject());
+ JSObject *scopeObj = js::UncheckedUnwrap(&vscope.toObject());
XPCWrappedNativeScope *scope = GetObjectScope(scopeObj);
XPCCallContext ccx(NATIVE_CALLER, cx);
JSObject *components = scope->GetComponentsJSObject(ccx);
if (!components)
return NS_ERROR_FAILURE;
*rval = ObjectValue(*components);
if (!JS_WrapValue(cx, rval))
return NS_ERROR_FAILURE;
@@ -4400,17 +4400,17 @@ nsXPCComponents_Utils::GetComponentsForS
NS_IMETHODIMP
nsXPCComponents_Utils::Dispatch(const jsval &runnable_, const jsval &scope,
JSContext *cx)
{
// Enter the given compartment, if any, and rewrap runnable.
Maybe<JSAutoCompartment> ac;
js::Value runnable = runnable_;
if (scope.isObject()) {
- JSObject *scopeObj = js::UnwrapObject(&scope.toObject());
+ JSObject *scopeObj = js::UncheckedUnwrap(&scope.toObject());
if (!scopeObj)
return NS_ERROR_FAILURE;
ac.construct(cx, scopeObj);
if (!JS_WrapValue(cx, &runnable))
return NS_ERROR_FAILURE;
}
// Get an XPCWrappedJS for |runnable|.
@@ -4513,17 +4513,17 @@ nsXPCComponents_Utils::SetGCZeal(int32_t
}
NS_IMETHODIMP
nsXPCComponents_Utils::NukeSandbox(const JS::Value &obj, JSContext *cx)
{
NS_ENSURE_TRUE(obj.isObject(), NS_ERROR_INVALID_ARG);
JSObject *wrapper = &obj.toObject();
NS_ENSURE_TRUE(IsWrapper(wrapper), NS_ERROR_INVALID_ARG);
- JSObject *sb = UnwrapObject(wrapper);
+ JSObject *sb = UncheckedUnwrap(wrapper);
NS_ENSURE_TRUE(GetObjectJSClass(sb) == &SandboxClass, NS_ERROR_INVALID_ARG);
NukeCrossCompartmentWrappers(cx, AllCompartments(),
SingleCompartment(GetObjectCompartment(sb)),
NukeWindowReferences);
return NS_OK;
}
NS_IMETHODIMP
--- a/js/xpconnect/src/XPCConvert.cpp
+++ b/js/xpconnect/src/XPCConvert.cpp
@@ -1026,25 +1026,25 @@ XPCConvert::JSObject2NativeInterface(JSC
// Note that if we have a non-null aOuter then it means that we are
// forcing the creation of a wrapper even if the object *is* a
// wrappedNative or other wise has 'nsISupportness'.
// This allows wrapJSAggregatedToNative to work.
// If we're looking at a security wrapper, see now if we're allowed to
// pass it to C++. If we are, then fall through to the code below. If
// we aren't, throw an exception eagerly.
- JSObject* inner = js::UnwrapObjectChecked(src, /* stopAtOuter = */ false);
+ JSObject* inner = js::CheckedUnwrap(src, /* stopAtOuter = */ false);
// Hack - For historical reasons, wrapped chrome JS objects have been
// passable as native interfaces. We'd like to fix this, but it
// involves fixing the contacts API and PeerConnection to stop using
// COWs. This needs to happen, but for now just preserve the old
// behavior.
if (!inner && MOZ_UNLIKELY(xpc::WrapperFactory::IsCOW(src)))
- inner = js::UnwrapObject(src);
+ inner = js::UncheckedUnwrap(src);
if (!inner) {
if (pErr)
*pErr = NS_ERROR_XPC_SECURITY_MANAGER_VETO;
return false;
}
// Is this really a native xpcom object with a wrapper?
XPCWrappedNative* wrappedNative = nullptr;
@@ -1171,17 +1171,17 @@ XPCConvert::JSValToXPCException(XPCCallC
JSObject* obj = JSVAL_TO_OBJECT(s);
if (!obj) {
NS_ERROR("when is an object not an object?");
return NS_ERROR_FAILURE;
}
// is this really a native xpcom object with a wrapper?
- JSObject *unwrapped = js::UnwrapObjectChecked(obj, /* stopAtOuter = */ false);
+ JSObject *unwrapped = js::CheckedUnwrap(obj, /* stopAtOuter = */ false);
if (!unwrapped)
return NS_ERROR_XPC_SECURITY_MANAGER_VETO;
XPCWrappedNative* wrapper = IS_WN_WRAPPER(unwrapped) ? XPCWrappedNative::Get(unwrapped)
: nullptr;
if (wrapper) {
nsISupports* supports = wrapper->GetIdentityObject();
nsCOMPtr<nsIException> iface = do_QueryInterface(supports);
if (iface) {
--- a/js/xpconnect/src/XPCJSID.cpp
+++ b/js/xpconnect/src/XPCJSID.cpp
@@ -452,17 +452,17 @@ nsJSIID::Enumerate(nsIXPConnectWrappedNa
/*
* HasInstance hooks need to find an appropriate reflector in order to function
* properly. There are two complexities that we need to handle:
*
* 1 - Cross-compartment wrappers. Chrome uses over 100 compartments, all with
* system principal. The success of an instanceof check should not depend
* on which compartment an object comes from. At the same time, we want to
* make sure we don't unwrap important security wrappers.
- * UnwrapObjectChecked does the right thing here.
+ * CheckedUnwrap does the right thing here.
*
* 2 - Prototype chains. Suppose someone creates a vanilla JS object |a| and
* sets its __proto__ to some WN |b|. If |b instanceof nsIFoo| returns true,
* one would expect |a instanceof nsIFoo| to return true as well, since
* instanceof is transitive up the prototype chain in ECMAScript. Moreover,
* there's chrome code that relies on this.
*
* This static method handles both complexities, returning either an XPCWN, a
@@ -470,17 +470,17 @@ nsJSIID::Enumerate(nsIXPConnectWrappedNa
* from |cx|.
*/
static JSObject *
FindObjectForHasInstance(JSContext *cx, JSObject *obj)
{
while (obj && !IS_WRAPPER_CLASS(js::GetObjectClass(obj)) && !IsDOMObject(obj))
{
if (js::IsWrapper(obj))
- obj = js::UnwrapObjectChecked(obj, /* stopAtOuter = */ false);
+ obj = js::CheckedUnwrap(obj, /* stopAtOuter = */ false);
else if (!js::GetObjectProto(cx, obj, &obj))
return nullptr;
}
return obj;
}
/* bool hasInstance (in nsIXPConnectWrappedNative wrapper, in JSContextPtr cx, in JSObjectPtr obj, in jsval val, out bool bp); */
@@ -904,17 +904,17 @@ xpc_NewIDObject(JSContext *cx, JSObject*
const nsID*
xpc_JSObjectToID(JSContext *cx, JSObject* obj)
{
if (!cx || !obj)
return nullptr;
// NOTE: this call does NOT addref
XPCWrappedNative* wrapper = nullptr;
- obj = js::UnwrapObjectChecked(obj);
+ obj = js::CheckedUnwrap(obj);
if (obj && IS_WN_WRAPPER(obj))
wrapper = XPCWrappedNative::Get(obj);
if (wrapper &&
(wrapper->HasInterfaceNoQI(NS_GET_IID(nsIJSID)) ||
wrapper->HasInterfaceNoQI(NS_GET_IID(nsIJSIID)) ||
wrapper->HasInterfaceNoQI(NS_GET_IID(nsIJSCID)))) {
return ((nsIJSID*)wrapper->GetIdentityObject())->GetID();
}
@@ -922,17 +922,17 @@ xpc_JSObjectToID(JSContext *cx, JSObject
}
JSBool
xpc_JSObjectIsID(JSContext *cx, JSObject* obj)
{
NS_ASSERTION(cx && obj, "bad param");
// NOTE: this call does NOT addref
XPCWrappedNative* wrapper = nullptr;
- obj = js::UnwrapObjectChecked(obj);
+ obj = js::CheckedUnwrap(obj);
if (obj && IS_WN_WRAPPER(obj))
wrapper = XPCWrappedNative::Get(obj);
return wrapper &&
(wrapper->HasInterfaceNoQI(NS_GET_IID(nsIJSID)) ||
wrapper->HasInterfaceNoQI(NS_GET_IID(nsIJSIID)) ||
wrapper->HasInterfaceNoQI(NS_GET_IID(nsIJSCID)));
}
--- a/js/xpconnect/src/XPCQuickStubs.cpp
+++ b/js/xpconnect/src/XPCQuickStubs.cpp
@@ -542,19 +542,19 @@ getWrapper(JSContext *cx,
XPCWrappedNativeTearOff **tearoff)
{
// We can have at most three layers in need of unwrapping here:
// * A (possible) security wrapper
// * A (possible) Xray waiver
// * A (possible) outer window
//
// If we pass stopAtOuter == false, we can handle all three with one call
- // to js::UnwrapObjectChecked.
+ // to js::CheckedUnwrap.
if (js::IsWrapper(obj)) {
- obj = js::UnwrapObjectChecked(obj, /* stopAtOuter = */ false);
+ obj = js::CheckedUnwrap(obj, /* stopAtOuter = */ false);
// The safe unwrap might have failed if we encountered an object that
// we're not allowed to unwrap. If it didn't fail though, we should be
// done with wrappers.
if (!obj)
return NS_ERROR_XPC_SECURITY_MANAGER_VETO;
MOZ_ASSERT(!js::IsWrapper(obj));
}
--- a/js/xpconnect/src/XPCVariant.cpp
+++ b/js/xpconnect/src/XPCVariant.cpp
@@ -35,17 +35,17 @@ XPCVariant::XPCVariant(JSContext* cx, js
// some later point after teardown, which would crash. This is shouldn't
// be a problem anymore because SetParentToWindow will do the right
// thing, but I'm saving the cleanup here for another day. Blake thinks
// that we should just not store the WN if we're creating a variant for
// an outer window.
JSObject *obj = JS_ObjectToInnerObject(cx, JSVAL_TO_OBJECT(mJSVal));
mJSVal = OBJECT_TO_JSVAL(obj);
- JSObject *unwrapped = js::UnwrapObjectChecked(obj, /* stopAtOuter = */ false);
+ JSObject *unwrapped = js::CheckedUnwrap(obj, /* stopAtOuter = */ false);
mReturnRawObject = !(unwrapped && IS_WN_WRAPPER(unwrapped));
} else
mReturnRawObject = false;
}
XPCTraceableVariant::~XPCTraceableVariant()
{
jsval val = GetJSValPreserveColor();
--- a/js/xpconnect/src/XPCWrappedJSClass.cpp
+++ b/js/xpconnect/src/XPCWrappedJSClass.cpp
@@ -747,17 +747,17 @@ nsXPCWrappedJSClass::DelegatedQueryInter
JSObject*
nsXPCWrappedJSClass::GetRootJSObject(JSContext* cx, JSObject* aJSObj)
{
JSObject* result = CallQueryInterfaceOnJSObject(cx, aJSObj,
NS_GET_IID(nsISupports));
if (!result)
return aJSObj;
- JSObject* inner = js::UnwrapObject(result);
+ JSObject* inner = js::UncheckedUnwrap(result);
if (inner)
return inner;
return result;
}
void
xpcWrappedJSErrorReporter(JSContext *cx, const char *message,
JSErrorReport *report)
--- a/js/xpconnect/src/XPCWrappedNative.cpp
+++ b/js/xpconnect/src/XPCWrappedNative.cpp
@@ -1680,17 +1680,17 @@ RescueOrphans(XPCCallContext& ccx, JSObj
// compartment and fix it up there. We'll fix up |this| afterwards.
//
// NB: We pass stopAtOuter=false during the unwrap because Location objects
// are parented to outer window proxies.
nsresult rv;
JSObject *parentObj = js::GetObjectParent(obj);
if (!parentObj)
return NS_OK; // Global object. We're done.
- parentObj = js::UnwrapObject(parentObj, /* stopAtOuter = */ false);
+ parentObj = js::UncheckedUnwrap(parentObj, /* stopAtOuter = */ false);
// PreCreate may touch dead compartments.
js::AutoMaybeTouchDeadZones agc(parentObj);
bool isWN = IS_WRAPPER_CLASS(js::GetObjectClass(obj));
// There's one little nasty twist here. For reasons described in bug 752764,
// we nuke SOW-ed objects after transplanting them. This means that nodes
@@ -1725,17 +1725,17 @@ RescueOrphans(XPCCallContext& ccx, JSObj
// Now that we know our parent is in the right place, determine if we've
// been orphaned. If not, we have nothing to do.
if (!js::IsCrossCompartmentWrapper(parentObj))
return NS_OK;
// We've been orphaned. Find where our parent went, and follow it.
if (isWN) {
- JSObject *realParent = js::UnwrapObject(parentObj);
+ JSObject *realParent = js::UncheckedUnwrap(parentObj);
XPCWrappedNative *wn =
static_cast<XPCWrappedNative*>(js::GetObjectPrivate(obj));
return wn->ReparentWrapperIfFound(ccx, GetObjectScope(parentObj),
GetObjectScope(realParent),
realParent, wn->GetIdentityObject());
}
return ReparentWrapper(ccx, obj);
--- a/js/xpconnect/src/XPCWrappedNativeInfo.cpp
+++ b/js/xpconnect/src/XPCWrappedNativeInfo.cpp
@@ -13,17 +13,17 @@
// XPCNativeMember
// static
JSBool
XPCNativeMember::GetCallInfo(JSObject* funobj,
XPCNativeInterface** pInterface,
XPCNativeMember** pMember)
{
- funobj = js::UnwrapObject(funobj);
+ funobj = js::UncheckedUnwrap(funobj);
jsval ifaceVal = js::GetFunctionNativeReserved(funobj, 0);
jsval memberVal = js::GetFunctionNativeReserved(funobj, 1);
*pInterface = (XPCNativeInterface*) JSVAL_TO_PRIVATE(ifaceVal);
*pMember = (XPCNativeMember*) JSVAL_TO_PRIVATE(memberVal);
return true;
}
--- a/js/xpconnect/src/XPCWrappedNativeJSOps.cpp
+++ b/js/xpconnect/src/XPCWrappedNativeJSOps.cpp
@@ -845,17 +845,17 @@ XPC_WN_MaybeResolvingStrictPropertyStub(
XPCWrappedNative::GetAndMorphWrappedNativeOfJSObject(cx, obj); \
THROW_AND_RETURN_IF_BAD_WRAPPER(cx, wrapper); \
bool retval = true; \
nsresult rv = wrapper->GetScriptableCallback()->
#define PRE_HELPER_STUB \
XPCWrappedNative* wrapper; \
nsIXPCScriptable* si; \
- JSObject *unwrapped = js::UnwrapObjectChecked(obj, false); \
+ JSObject *unwrapped = js::CheckedUnwrap(obj, false); \
if (!unwrapped) { \
JS_ReportError(cx, "Permission denied to operate on object."); \
return false; \
} \
if (!IS_WRAPPER_CLASS(js::GetObjectClass(unwrapped))) { \
return Throw(NS_ERROR_XPC_BAD_OP_ON_WN_PROTO, cx); \
} \
if (IS_SLIM_WRAPPER_OBJECT(unwrapped)) { \
--- a/js/xpconnect/src/XPCWrappedNativeScope.cpp
+++ b/js/xpconnect/src/XPCWrappedNativeScope.cpp
@@ -256,29 +256,29 @@ XPCWrappedNativeScope::EnsureXBLScope(JS
// Create the sandbox.
JSAutoRequest ar(cx);
JS::Value v = JS::UndefinedValue();
nsresult rv = xpc_CreateSandboxObject(cx, &v, ep, options);
NS_ENSURE_SUCCESS(rv, nullptr);
mXBLScope = &v.toObject();
// Tag it.
- EnsureCompartmentPrivate(js::UnwrapObject(mXBLScope))->scope->mIsXBLScope = true;
+ EnsureCompartmentPrivate(js::UncheckedUnwrap(mXBLScope))->scope->mIsXBLScope = true;
// Good to go!
return mXBLScope;
}
namespace xpc {
JSObject *GetXBLScope(JSContext *cx, JSObject *contentScope)
{
JSAutoCompartment ac(cx, contentScope);
JSObject *scope = EnsureCompartmentPrivate(contentScope)->scope->EnsureXBLScope(cx);
NS_ENSURE_TRUE(scope, nullptr); // See bug 858642.
- scope = js::UnwrapObject(scope);
+ scope = js::UncheckedUnwrap(scope);
xpc_UnmarkGrayObject(scope);
return scope;
}
bool AllowXBLScope(JSCompartment *c)
{
XPCWrappedNativeScope *scope = EnsureCompartmentPrivate(c)->scope;
return scope && scope->AllowXBLScope();
--- a/js/xpconnect/src/XPCWrapper.cpp
+++ b/js/xpconnect/src/XPCWrapper.cpp
@@ -59,17 +59,17 @@ XrayWrapperConstructor(JSContext *cx, un
}
JSObject *obj = JSVAL_TO_OBJECT(vp[2]);
if (!js::IsWrapper(obj)) {
*vp = OBJECT_TO_JSVAL(obj);
return true;
}
- obj = js::UnwrapObject(obj);
+ obj = js::UncheckedUnwrap(obj);
*vp = OBJECT_TO_JSVAL(obj);
return JS_WrapValue(cx, vp);
}
// static
bool
AttachNewConstructorObject(XPCCallContext &ccx, JSObject *aGlobalObject)
{
@@ -87,15 +87,15 @@ AttachNewConstructorObject(XPCCallContex
} // namespace XPCNativeWrapper
namespace XPCWrapper {
JSObject *
UnsafeUnwrapSecurityWrapper(JSObject *obj)
{
if (js::IsProxy(obj)) {
- return js::UnwrapObject(obj);
+ return js::UncheckedUnwrap(obj);
}
return obj;
}
} // namespace XPCWrapper
--- a/js/xpconnect/src/nsXPConnect.cpp
+++ b/js/xpconnect/src/nsXPConnect.cpp
@@ -1325,17 +1325,17 @@ nsXPConnect::GetNativeOfWrapper(JSContex
NS_ASSERTION(aJSObj, "bad param");
XPCCallContext ccx(NATIVE_CALLER, aJSContext);
if (!ccx.IsValid()) {
UnexpectedFailure(NS_ERROR_FAILURE);
return nullptr;
}
- aJSObj = js::UnwrapObjectChecked(aJSObj, /* stopAtOuter = */ false);
+ aJSObj = js::CheckedUnwrap(aJSObj, /* stopAtOuter = */ false);
if (!aJSObj) {
JS_ReportError(aJSContext, "Permission denied to get native of security wrapper");
return nullptr;
}
if (IS_WRAPPER_CLASS(js::GetObjectClass(aJSObj))) {
if (IS_SLIM_WRAPPER_OBJECT(aJSObj))
return (nsISupports*)xpc_GetJSPrivate(aJSObj);
else if (XPCWrappedNative *wn = XPCWrappedNative::Get(aJSObj))
--- a/js/xpconnect/src/xpcprivate.h
+++ b/js/xpconnect/src/xpcprivate.h
@@ -2772,17 +2772,17 @@ public:
nsISupports* Object,
XPCWrappedNativeScope* Scope,
XPCNativeInterface* Interface,
XPCWrappedNative** wrapper);
static XPCWrappedNative*
GetAndMorphWrappedNativeOfJSObject(JSContext* cx, JSObject* obj)
{
- obj = js::UnwrapObjectChecked(obj, /* stopAtOuter = */ false);
+ obj = js::CheckedUnwrap(obj, /* stopAtOuter = */ false);
if (!obj)
return nullptr;
if (!IS_WRAPPER_CLASS(js::GetObjectClass(obj)))
return nullptr;
if (IS_SLIM_WRAPPER_OBJECT(obj) && !MorphSlimWrapper(cx, obj))
return nullptr;
MOZ_ASSERT(IS_WN_WRAPPER(obj));
--- a/js/xpconnect/wrappers/AccessCheck.cpp
+++ b/js/xpconnect/wrappers/AccessCheck.cpp
@@ -78,17 +78,17 @@ AccessCheck::subsumesIgnoringDomain(JSCo
return subsumes;
}
// Does the compartment of the wrapper subsumes the compartment of the wrappee?
bool
AccessCheck::wrapperSubsumes(JSObject *wrapper)
{
MOZ_ASSERT(js::IsWrapper(wrapper));
- JSObject *wrapped = js::UnwrapObject(wrapper);
+ JSObject *wrapped = js::UncheckedUnwrap(wrapper);
return AccessCheck::subsumes(js::GetObjectCompartment(wrapper),
js::GetObjectCompartment(wrapped));
}
bool
AccessCheck::isChrome(JSCompartment *compartment)
{
nsIScriptSecurityManager *ssm = XPCWrapper::GetSecurityManager();
@@ -253,17 +253,17 @@ AccessCheck::needsSystemOnlyWrapper(JSOb
XPCWrappedNative *wn = static_cast<XPCWrappedNative *>(js::GetObjectPrivate(obj));
return wn->NeedsSOW();
}
bool
OnlyIfSubjectIsSystem::isSafeToUnwrap()
{
// It's nasty to use the context stack here, but the alternative is passing cx all
- // the way down through UnwrapObjectChecked, which we just undid in a 100k patch. :-(
+ // the way down through CheckedUnwrap, which we just undid in a 100k patch. :-(
JSContext *cx = nsContentUtils::GetCurrentJSContext();
if (!cx)
return true;
// If XBL scopes are enabled for this compartment, this hook doesn't need to
// be dynamic at all, since SOWs can be opaque.
if (xpc::AllowXBLScope(js::GetContextCompartment(cx)))
return false;
return AccessCheck::isSystemOnlyAccessPermitted(cx);
@@ -323,17 +323,17 @@ ExposedPropertiesOnly::check(JSContext *
if (!exposedProps.isObject()) {
EnterAndThrow(cx, wrapper, "__exposedProps__ must be undefined, null, or an Object");
return false;
}
JSObject *hallpass = &exposedProps.toObject();
- if (!AccessCheck::subsumes(js::UnwrapObject(hallpass), wrappedObject)) {
+ if (!AccessCheck::subsumes(js::UncheckedUnwrap(hallpass), wrappedObject)) {
EnterAndThrow(cx, wrapper, "Invalid __exposedProps__");
return false;
}
Access access = NO_ACCESS;
JSPropertyDescriptor desc;
if (!JS_GetPropertyDescriptorById(cx, hallpass, id, 0, &desc)) {
--- a/js/xpconnect/wrappers/ChromeObjectWrapper.cpp
+++ b/js/xpconnect/wrappers/ChromeObjectWrapper.cpp
@@ -26,17 +26,17 @@ AllowedByBase(JSContext *cx, JS::Handle<
ChromeObjectWrapper *handler = &ChromeObjectWrapper::singleton;
return handler->ChromeObjectWrapperBase::enter(cx, wrapper, id, act, &bp);
}
static bool
PropIsFromStandardPrototype(JSContext *cx, JSPropertyDescriptor *desc)
{
MOZ_ASSERT(desc->obj);
- JSObject *unwrapped = js::UnwrapObject(desc->obj);
+ JSObject *unwrapped = js::UncheckedUnwrap(desc->obj);
JSAutoCompartment ac(cx, unwrapped);
return JS_IdentifyClassPrototype(cx, unwrapped) != JSProto_Null;
}
// Note that we're past the policy enforcement stage, here, so we can query
// ChromeObjectWrapperBase and get an unfiltered view of the underlying object.
// This lets us determine whether the property we would have found (given a
// transparent wrapper) would have come off a standard prototype.
--- a/js/xpconnect/wrappers/WrapperFactory.cpp
+++ b/js/xpconnect/wrappers/WrapperFactory.cpp
@@ -45,17 +45,17 @@ WrapperFactory::IsCOW(JSObject *obj)
return IsWrapper(obj) &&
Wrapper::wrapperHandler(obj) == &ChromeObjectWrapper::singleton;
}
JSObject *
WrapperFactory::GetXrayWaiver(JSObject *obj)
{
// Object should come fully unwrapped but outerized.
- MOZ_ASSERT(obj == UnwrapObject(obj));
+ MOZ_ASSERT(obj == UncheckedUnwrap(obj));
MOZ_ASSERT(!js::GetObjectClass(obj)->ext.outerObject);
XPCWrappedNativeScope *scope = GetObjectScope(obj);
MOZ_ASSERT(scope);
if (!scope->mWaiverWrapperMap)
return NULL;
return xpc_UnmarkGrayObject(scope->mWaiverWrapperMap->Find(obj));
}
@@ -95,17 +95,17 @@ WrapperFactory::CreateXrayWaiver(JSConte
if (!scope->mWaiverWrapperMap->Add(obj, waiver))
return nullptr;
return waiver;
}
JSObject *
WrapperFactory::WaiveXray(JSContext *cx, JSObject *obj)
{
- obj = UnwrapObject(obj);
+ obj = UncheckedUnwrap(obj);
MOZ_ASSERT(!js::IsInnerObject(obj));
JSObject *waiver = GetXrayWaiver(obj);
if (waiver)
return waiver;
return CreateXrayWaiver(cx, obj);
}
@@ -129,17 +129,17 @@ WrapperFactory::PrepareForWrapping(JSCon
// Outerize any raw inner objects at the entry point here, so that we don't
// have to worry about them for the rest of the wrapping code.
if (js::IsInnerObject(obj)) {
JSAutoCompartment ac(cx, obj);
obj = JS_ObjectToOuterObject(cx, obj);
NS_ENSURE_TRUE(obj, nullptr);
// The outerization hook wraps, which means that we can end up with a
// CCW here if |obj| was a navigated-away-from inner. Strip any CCWs.
- obj = js::UnwrapObject(obj);
+ obj = js::UncheckedUnwrap(obj);
MOZ_ASSERT(js::IsOuterObject(obj));
}
// If we've got an outer window, there's nothing special that needs to be
// done here, and we can move on to the next phase of wrapping. We handle
// this case first to allow us to assert against wrappers below.
if (js::IsOuterObject(obj))
return DoubleWrap(cx, obj, flags);
@@ -519,32 +519,32 @@ WrapperFactory::WrapForSameCompartment(J
return obj;
// Extract the WN. It should exist.
XPCWrappedNative *wn = static_cast<XPCWrappedNative *>(xpc_GetJSPrivate(obj));
MOZ_ASSERT(wn, "Trying to wrap a dead WN!");
// The WN knows what to do.
JSObject *wrapper = wn->GetSameCompartmentSecurityWrapper(cx);
- MOZ_ASSERT_IF(wrapper != obj && IsComponentsObject(js::UnwrapObject(obj)),
+ MOZ_ASSERT_IF(wrapper != obj && IsComponentsObject(js::UncheckedUnwrap(obj)),
!Wrapper::wrapperHandler(wrapper)->isSafeToUnwrap());
return wrapper;
}
// Call WaiveXrayAndWrap when you have a JS object that you don't want to be
// wrapped in an Xray wrapper. cx->compartment is the compartment that will be
// using the returned object. If the object to be wrapped is already in the
// correct compartment, then this returns the unwrapped object.
bool
WrapperFactory::WaiveXrayAndWrap(JSContext *cx, jsval *vp)
{
if (JSVAL_IS_PRIMITIVE(*vp))
return JS_WrapValue(cx, vp);
- JSObject *obj = js::UnwrapObject(JSVAL_TO_OBJECT(*vp));
+ JSObject *obj = js::UncheckedUnwrap(JSVAL_TO_OBJECT(*vp));
MOZ_ASSERT(!js::IsInnerObject(obj));
if (js::IsObjectInContextCompartment(obj, cx)) {
*vp = OBJECT_TO_JSVAL(obj);
return true;
}
obj = WaiveXray(cx, obj);
if (!obj)
--- a/js/xpconnect/wrappers/WrapperFactory.h
+++ b/js/xpconnect/wrappers/WrapperFactory.h
@@ -17,30 +17,30 @@ class WrapperFactory {
public:
enum { WAIVE_XRAY_WRAPPER_FLAG = js::Wrapper::LAST_USED_FLAG << 1,
IS_XRAY_WRAPPER_FLAG = WAIVE_XRAY_WRAPPER_FLAG << 1,
SOW_FLAG = IS_XRAY_WRAPPER_FLAG << 1 };
// Return true if any of any of the nested wrappers have the flag set.
static bool HasWrapperFlag(JSObject *wrapper, unsigned flag) {
unsigned flags = 0;
- js::UnwrapObject(wrapper, true, &flags);
+ js::UncheckedUnwrap(wrapper, true, &flags);
return !!(flags & flag);
}
static bool IsXrayWrapper(JSObject *wrapper) {
return HasWrapperFlag(wrapper, IS_XRAY_WRAPPER_FLAG);
}
static bool HasWaiveXrayFlag(JSObject *wrapper) {
return HasWrapperFlag(wrapper, WAIVE_XRAY_WRAPPER_FLAG);
}
static bool IsSecurityWrapper(JSObject *obj) {
- return !js::UnwrapObjectChecked(obj);
+ return !js::CheckedUnwrap(obj);
}
static bool IsCOW(JSObject *wrapper);
static JSObject *GetXrayWaiver(JSObject *obj);
static JSObject *CreateXrayWaiver(JSContext *cx, JSObject *obj);
static JSObject *WaiveXray(JSContext *cx, JSObject *obj);
--- a/js/xpconnect/wrappers/XrayWrapper.cpp
+++ b/js/xpconnect/wrappers/XrayWrapper.cpp
@@ -47,17 +47,17 @@ JSClass HolderClass = {
};
}
using namespace XrayUtils;
XrayType
GetXrayType(JSObject *obj)
{
- obj = js::UnwrapObject(obj, /* stopAtOuter = */ false);
+ obj = js::UncheckedUnwrap(obj, /* stopAtOuter = */ false);
if (mozilla::dom::UseDOMXray(obj))
return XrayForDOMObject;
js::Class* clasp = js::GetObjectClass(obj);
if (IS_WRAPPER_CLASS(clasp) || clasp->ext.innerObject) {
NS_ASSERTION(clasp->ext.innerObject || IS_WN_WRAPPER_OBJECT(obj),
"We forgot to Morph a slim wrapper!");
return XrayForWrappedNative;
@@ -126,17 +126,17 @@ public:
{
}
};
class XrayTraits
{
public:
static JSObject* getTargetObject(JSObject *wrapper) {
- return js::UnwrapObject(wrapper, /* stopAtOuter = */ false);
+ return js::UncheckedUnwrap(wrapper, /* stopAtOuter = */ false);
}
virtual bool resolveOwnProperty(JSContext *cx, Wrapper &jsWrapper,
HandleObject wrapper, HandleObject holder,
HandleId id, JSPropertyDescriptor *desc, unsigned flags);
static bool call(JSContext *cx, HandleObject wrapper, const JS::CallArgs &args)
{