Bug 1480245, part 4 - Remove always-true nsXPTInterfaceInfo::IsScriptable(). r=nika
authorAdrian Wielgosik <adrian.wielgosik@gmail.com>
Thu, 25 Oct 2018 09:55:05 +0000
changeset 491311 0248f5aff651af4b8138843a6eb16b6a67ba80e2
parent 491310 8d3ccc933550a677ecf201e688010fee2170800d
child 491312 3db828b6494a0f680310fb453a71f00fbb505bb3
push id247
push userfmarier@mozilla.com
push dateSat, 27 Oct 2018 01:06:44 +0000
reviewersnika
bugs1480245
milestone65.0a1
Bug 1480245, part 4 - Remove always-true nsXPTInterfaceInfo::IsScriptable(). r=nika Differential Revision: https://phabricator.services.mozilla.com/D9646
js/xpconnect/src/XPCJSID.cpp
js/xpconnect/src/XPCWrappedJS.cpp
js/xpconnect/src/XPCWrappedJSClass.cpp
js/xpconnect/src/XPCWrappedNativeInfo.cpp
js/xpconnect/src/xpcprivate.h
xpcom/reflect/xptinfo/xptinfo.h
--- a/js/xpconnect/src/XPCJSID.cpp
+++ b/js/xpconnect/src/XPCJSID.cpp
@@ -362,20 +362,16 @@ NS_IMETHODIMP nsJSIID::ToString(char** _
 already_AddRefed<nsJSIID>
 nsJSIID::NewID(const nsXPTInterfaceInfo* aInfo)
 {
     if (!aInfo) {
         NS_ERROR("no info");
         return nullptr;
     }
 
-    if (!aInfo->IsScriptable()) {
-        return nullptr;
-    }
-
     RefPtr<nsJSIID> idObj = new nsJSIID(aInfo);
     return idObj.forget();
 }
 
 
 NS_IMETHODIMP
 nsJSIID::Resolve(nsIXPConnectWrappedNative* wrapper,
                  JSContext * cx, JSObject * objArg,
--- a/js/xpconnect/src/XPCWrappedJS.cpp
+++ b/js/xpconnect/src/XPCWrappedJS.cpp
@@ -345,19 +345,17 @@ nsXPCWrappedJS::GetNewOrUsed(JSContext* 
                              nsXPCWrappedJS** wrapperResult)
 {
     // Do a release-mode assert against accessing nsXPCWrappedJS off-main-thread.
     MOZ_RELEASE_ASSERT(NS_IsMainThread(),
                        "nsXPCWrappedJS::GetNewOrUsed called off main thread");
 
     MOZ_RELEASE_ASSERT(js::GetContextCompartment(cx) == js::GetObjectCompartment(jsObj));
 
-    bool allowNonScriptable = mozilla::jsipc::IsWrappedCPOW(jsObj);
-    RefPtr<nsXPCWrappedJSClass> clasp = nsXPCWrappedJSClass::GetNewOrUsed(cx, aIID,
-                                                                          allowNonScriptable);
+    RefPtr<nsXPCWrappedJSClass> clasp = nsXPCWrappedJSClass::GetNewOrUsed(cx, aIID);
     if (!clasp) {
         return NS_ERROR_FAILURE;
     }
 
     JS::RootedObject rootJSObj(cx, clasp->GetRootJSObject(cx, jsObj));
     if (!rootJSObj) {
         return NS_ERROR_FAILURE;
     }
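Review bot: With the `mozilla::jsipc::IsWrappedCPOW(jsObj)` call gone from nsXPCWrappedJS::GetNewOrUsed, the CPOW header include in XPCWrappedJS.cpp may now be unused; the include block is outside this hunk, so it needs checking for any remaining use in the file before it is dropped. The same applies to XPCWrappedJSClass.cpp, where CallQueryInterfaceOnJSObject loses its only visible `IsWrappedCPOW(jsobj)` call in the later hunk. GetNewOrUsed starts before this hunk and continues past it.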
--- a/js/xpconnect/src/XPCWrappedJSClass.cpp
+++ b/js/xpconnect/src/XPCWrappedJSClass.cpp
@@ -102,30 +102,26 @@ public:
     }
 private:
     XPCJSContext* mXPCContext;
     nsresult mSavedResult;
 };
 
 // static
 already_AddRefed<nsXPCWrappedJSClass>
-nsXPCWrappedJSClass::GetNewOrUsed(JSContext* cx, REFNSIID aIID, bool allowNonScriptable)
+nsXPCWrappedJSClass::GetNewOrUsed(JSContext* cx, REFNSIID aIID)
 {
     XPCJSRuntime* xpcrt = nsXPConnect::GetRuntimeInstance();
     IID2WrappedJSClassMap* map = xpcrt->GetWrappedJSClassMap();
     RefPtr<nsXPCWrappedJSClass> clasp = map->Find(aIID);
 
     if (!clasp) {
         const nsXPTInterfaceInfo* info = nsXPTInterfaceInfo::ByIID(aIID);
         if (info) {
-            bool canScript = info->IsScriptable();
-            bool isBuiltin = info->IsBuiltinClass();
-            if ((canScript || allowNonScriptable) && !isBuiltin &&
-                nsXPConnect::IsISupportsDescendant(info))
-            {
+            if (!info->IsBuiltinClass() && nsXPConnect::IsISupportsDescendant(info)) {
                 clasp = new nsXPCWrappedJSClass(cx, aIID, info);
                 if (!clasp->mDescriptors) {
                     clasp = nullptr;
                 }
             }
         }
     }
     return clasp.forget();
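Review bot: The collapsed condition `if (!info->IsBuiltinClass() && nsXPConnect::IsISupportsDescendant(info))` is now the only gate deciding whether a JS object may be wrapped as an implementation of aIID, and it carries no comment; the old code at least named its intent through the `canScript`/`isBuiltin` locals. Given that builtinclass marks interfaces that must not be implemented from script (the rationale the removed comment in CallQueryInterfaceOnJSObject spells out), a one-line comment before the `if` would preserve it: `// Only non-builtinclass nsISupports descendants may be implemented by JS objects.` The closing brace of GetNewOrUsed lies past the end of this hunk.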
@@ -214,29 +210,20 @@ nsXPCWrappedJSClass::CallQueryInterfaceO
     }
 
     // check upfront for the existence of the function property
     HandleId funid = mRuntime->GetStringID(XPCJSContext::IDX_QUERY_INTERFACE);
     if (!JS_GetPropertyById(cx, jsobj, funid, &fun) || fun.isPrimitive()) {
         return nullptr;
     }
 
-    // Ensure that we are asking for a scriptable interface.
-    // NB:  It's important for security that this check is here rather
-    // than later, since it prevents untrusted objects from implementing
-    // some interfaces in JS and aggregating a trusted object to
-    // implement intentionally (for security) unscriptable interfaces.
-    // We so often ask for nsISupports that we can short-circuit the test...
+    // Ensure that we are asking for a non-builtinclass interface
     if (!aIID.Equals(NS_GET_IID(nsISupports))) {
-        bool allowNonScriptable = mozilla::jsipc::IsWrappedCPOW(jsobj);
-
         const nsXPTInterfaceInfo* info = nsXPTInterfaceInfo::ByIID(aIID);
-        if (!info || info->IsBuiltinClass() ||
-            (!info->IsScriptable() && !allowNonScriptable))
-        {
+        if (!info || info->IsBuiltinClass()) {
             return nullptr;
         }
     }
 
     dom::MozQueryInterface* mozQI = nullptr;
     if (NS_SUCCEEDED(UNWRAP_OBJECT(MozQueryInterface, &fun, mozQI))) {
         if (mozQI->QueriesTo(aIID)) {
             return jsobj.get();
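Review bot: The replacement comment `// Ensure that we are asking for a non-builtinclass interface` drops the rationale from the removed lines — that the check must run before QueryInterface is invoked on the object, so an untrusted JS object cannot aggregate a trusted one to claim an interface it must not implement — and that reasoning applies unchanged to the builtinclass check that remains at `if (!info || info->IsBuiltinClass())`. Suggest keeping it, e.g. `// Ensure that we are asking for a non-builtinclass interface. NB: It's important for security that this check is here rather than later, since it prevents untrusted JS objects from implementing builtinclass interfaces by aggregating a trusted object.` The removed text also explained the nsISupports short-circuit at `if (!aIID.Equals(NS_GET_IID(nsISupports)))`, which is now uncommented. CallQueryInterfaceOnJSObject starts before this hunk and continues past it.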
--- a/js/xpconnect/src/XPCWrappedNativeInfo.cpp
+++ b/js/xpconnect/src/XPCWrappedNativeInfo.cpp
@@ -233,22 +233,17 @@ XPCNativeInterface::NewInstance(const ns
 
     // XXX Investigate lazy init? This is a problem given the
     // 'placement new' scheme - we need to at least know how big to make
     // the object. We might do a scan of methods to determine needed size,
     // then make our object, but avoid init'ing *any* members until asked?
     // Find out how often we create these objects w/o really looking at
     // (or using) the members.
 
-    if (!aInfo->IsScriptable()) {
-        return nullptr;
-    }
-
-    bool mainProcessScriptableOnly = aInfo->IsMainProcessScriptableOnly();
-    if (mainProcessScriptableOnly && !XRE_IsParentProcess()) {
+    if (aInfo->IsMainProcessScriptableOnly() && !XRE_IsParentProcess()) {
         nsCOMPtr<nsIConsoleService> console(do_GetService(NS_CONSOLESERVICE_CONTRACTID));
         if (console) {
             const char* intfNameChars = aInfo->Name();
             nsPrintfCString errorMsg("Use of %s in content process is deprecated.", intfNameChars);
 
             nsAutoString filename;
             uint32_t lineno = 0, column = 0;
             nsJSUtils::GetCallingLocation(cx, filename, &lineno, &column);
--- a/js/xpconnect/src/xpcprivate.h
+++ b/js/xpconnect/src/xpcprivate.h
@@ -1708,19 +1708,17 @@ NS_DEFINE_STATIC_IID_ACCESSOR(nsIXPCWrap
 class nsXPCWrappedJSClass final : public nsIXPCWrappedJSClass
 {
     // all the interface method declarations...
     NS_DECL_ISUPPORTS
     NS_IMETHOD DebugDump(int16_t depth) override;
 public:
 
     static already_AddRefed<nsXPCWrappedJSClass>
-    GetNewOrUsed(JSContext* cx,
-                 REFNSIID aIID,
-                 bool allowNonScriptable = false);
+    GetNewOrUsed(JSContext* cx, REFNSIID aIID);
 
     REFNSIID GetIID() const {return mIID;}
     XPCJSRuntime* GetRuntime() const {return mRuntime;}
     const nsXPTInterfaceInfo* GetInterfaceInfo() const {return mInfo;}
     const char* GetInterfaceName();
 
     NS_IMETHOD DelegatedQueryInterface(nsXPCWrappedJS* self, REFNSIID aIID,
                                        void** aInstancePtr);
--- a/xpcom/reflect/xptinfo/xptinfo.h
+++ b/xpcom/reflect/xptinfo/xptinfo.h
@@ -74,17 +74,16 @@ struct nsXPTInterfaceInfo
   static const nsXPTInterfaceInfo* ByIndex(uint16_t aIndex) {
     // NOTE: We add 1 here, as the internal index 0 is reserved for null.
     return xpt::detail::GetInterface(aIndex + 1);
   }
   static uint16_t InterfaceCount() { return xpt::detail::sInterfacesSize; }
 
 
   // Interface flag getters
-  bool IsScriptable() const { return true; } // XXX remove (bug 1480245)
   bool IsFunction() const { return mFunction; }
   bool IsBuiltinClass() const { return mBuiltinClass; }
   bool IsMainProcessScriptableOnly() const { return mMainProcessScriptableOnly; }
 
   const char* Name() const { return xpt::detail::GetString(mName); }
   const nsIID& IID() const { return mIID; }
 
   // Get the parent interface, or null if this interface doesn't have a parent.