Bug 908750 - Fix a rooting hazard in nsScriptSecurityManger::LookupPolicy; r=bholley
authorTerrence Cole <terrence@mozilla.com>
Fri, 23 Aug 2013 08:51:40 -0700
changeset 161440 1c9f1b7a9899206e34f323a642239b8d328973ca
parent 161439 623728a4a34bdbc8c72e5f310d300f99b308f506
child 161441 e626543f0a79e6634d616b4be7901952349f2474
push id3066
push userakeybl@mozilla.com
push dateMon, 09 Dec 2013 19:58:46 +0000
reviewersbholley
bugs908750
milestone27.0a1
Bug 908750 - Fix a rooting hazard in nsScriptSecurityManger::LookupPolicy; r=bholley
caps/include/nsScriptSecurityManager.h
caps/src/nsScriptSecurityManager.cpp
--- a/caps/include/nsScriptSecurityManager.h
+++ b/caps/include/nsScriptSecurityManager.h
@@ -404,17 +404,18 @@ private:
 
     nsresult
     CheckSameOriginDOMProp(nsIPrincipal* aSubject, 
                            nsIPrincipal* aObject,
                            uint32_t aAction);
 
     nsresult
     LookupPolicy(nsIPrincipal* principal,
-                 ClassInfoData& aClassData, jsid aProperty,
+                 ClassInfoData& aClassData,
+                 JS::Handle<jsid> aProperty,
                  uint32_t aAction,
                  ClassPolicy** aCachedClassPolicy,
                  SecurityLevel* result);
 
     nsresult
     GetCodebasePrincipalInternal(nsIURI* aURI, uint32_t aAppId,
                                  bool aInMozBrowser,
                                  nsIPrincipal** result);
--- a/caps/src/nsScriptSecurityManager.cpp
+++ b/caps/src/nsScriptSecurityManager.cpp
@@ -74,24 +74,24 @@ static NS_DEFINE_CID(kZipReaderCID, NS_Z
 
 nsIIOService    *nsScriptSecurityManager::sIOService = nullptr;
 nsIStringBundle *nsScriptSecurityManager::sStrBundle = nullptr;
 JSRuntime       *nsScriptSecurityManager::sRuntime   = 0;
 bool nsScriptSecurityManager::sStrictFileOriginPolicy = true;
 
 // Lazily initialized. Use the getter below.
 static jsid sEnabledID = JSID_VOID;
-static jsid
+static JS::HandleId
 EnabledID()
 {
     if (sEnabledID != JSID_VOID)
-        return sEnabledID;
+        return JS::HandleId::fromMarkedLocation(&sEnabledID);
     AutoSafeJSContext cx;
     sEnabledID = INTERNED_STRING_TO_JSID(cx, JS_InternString(cx, "enabled"));
-    return sEnabledID;
+    return JS::HandleId::fromMarkedLocation(&sEnabledID);
 }
 
 bool
 nsScriptSecurityManager::SubjectIsPrivileged()
 {
     JSContext *cx = GetCurrentJSContext();
     if (cx && xpc::IsUniversalXPConnectEnabled(cx))
         return true;
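Review bot: `JS::HandleId::fromMarkedLocation(&sEnabledID)` in `EnabledID()` hands out a handle to a file-static `jsid` that nothing visible in this hunk roots or traces, so the call is an unchecked promise to the rooting analysis rather than a real root. It is presumably safe only because the id comes from `JS_InternString`, whose atoms are expected to stay pinned for the lifetime of the runtime. That assumption should be recorded next to `sEnabledID`, for example `// Safe to expose via fromMarkedLocation: interned atoms are pinned and never collected or moved.` Separately, the unchanged line that calls `JS_InternString` appears to pass its result to `INTERNED_STRING_TO_JSID` without a null check, so an allocation failure would now be handed out behind a handle. A check that leaves `sEnabledID` as `JSID_VOID` on failure would be worth adding.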
@@ -979,17 +979,17 @@ nsScriptSecurityManager::CheckSameOrigin
     ** Access tests failed, so now report error.
     */
     return NS_ERROR_DOM_PROP_ACCESS_DENIED;
 }
 
 nsresult
 nsScriptSecurityManager::LookupPolicy(nsIPrincipal* aPrincipal,
                                       ClassInfoData& aClassData,
-                                      jsid aProperty,
+                                      JS::Handle<jsid> aProperty,
                                       uint32_t aAction,
                                       ClassPolicy** aCachedClassPolicy,
                                       SecurityLevel* result)
 {
     AutoJSContext cx;
     nsresult rv;
     JS::RootedId property(cx, aProperty);
     result->level = SCRIPT_SECURITY_UNDEFINED_ACCESS;
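Review bot: Now that `aProperty` arrives as a `JS::Handle<jsid>`, the unchanged `JS::RootedId property(cx, aProperty);` at the top of the body roots the same id a second time. If the rest of the body, which continues outside this hunk, never reassigns `property`, the local can be dropped and `aProperty` used directly. If it is reassigned, a short comment such as `// Local root: property may be replaced below.` would explain why the copy stays. The declaration in nsScriptSecurityManager.h still names the first parameter `principal` while this definition uses `aPrincipal`; aligning them would be a small cleanup.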