Bug 1406827: Do not wrap an interface with a passthru proxy unless sandboxing is enabled and >= level 3; r=jimm
authorAaron Klotz <aklotz@mozilla.com>
Fri, 03 Nov 2017 16:50:17 -0600
changeset 436902 1faa238d9faf94d3b763730351171b86c2e5bc9f
parent 436901 12d7e455b355cc68131aaf9f28f88bfd6226b828
child 436905 eb77f75f95d945e1a9f95d035f83337c4e10b0c6
push id117
push userfmarier@mozilla.com
push dateTue, 28 Nov 2017 20:17:16 +0000
reviewersjimm
bugs1406827
milestone59.0a1
Bug 1406827: Do not wrap an interface with a passthru proxy unless sandboxing is enabled and >= level 3; r=jimm MozReview-Commit-ID: Gi1ch0IQtPj
ipc/mscom/PassthruProxy.h
--- a/ipc/mscom/PassthruProxy.h
+++ b/ipc/mscom/PassthruProxy.h
@@ -6,16 +6,19 @@
 
 #ifndef mozilla_mscom_PassthruProxy_h
 #define mozilla_mscom_PassthruProxy_h
 
 #include "mozilla/Atomics.h"
 #include "mozilla/mscom/ProxyStream.h"
 #include "mozilla/mscom/Ptr.h"
 #include "mozilla/NotNull.h"
+#if defined(MOZ_CONTENT_SANDBOX)
+#include "mozilla/SandboxSettings.h"
+#endif // defined(MOZ_CONTENT_SANDBOX)
 
 #include <objbase.h>
 
 namespace mozilla {
 namespace mscom {
 namespace detail {
 
 template <typename Iface>
@@ -35,28 +38,38 @@ class PassthruProxy final : public IMars
                           , public IClientSecurity
 {
 public:
   template <typename Iface>
   static RefPtr<Iface> Wrap(NotNull<Iface*> aIn)
   {
     static_assert(detail::VTableSizer<Iface>::Size >= 3, "VTable too small");
 
+#if defined(MOZ_CONTENT_SANDBOX)
+    if (mozilla::GetEffectiveContentSandboxLevel() < 3) {
+      // The sandbox isn't strong enough to be a problem; no wrapping required
+      return aIn.get();
+    }
+
     typename detail::EnvironmentSelector<Iface>::Type env;
 
     RefPtr<PassthruProxy> passthru(new PassthruProxy(&env, __uuidof(Iface),
                                                      detail::VTableSizer<Iface>::Size,
                                                      aIn));
 
     RefPtr<Iface> result;
     if (FAILED(passthru->QueryProxyInterface(getter_AddRefs(result)))) {
       return nullptr;
     }
 
     return result;
+#else
+    // No wrapping required
+    return aIn.get();
+#endif // defined(MOZ_CONTENT_SANDBOX)
   }
 
   static HRESULT Register();
 
   PassthruProxy();
 
   // IUnknown
   STDMETHODIMP QueryInterface(REFIID riid, void** ppv) override;
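Review bot: The threshold in `if (mozilla::GetEffectiveContentSandboxLevel() < 3)` is a bare literal, and the comment beside it ("isn't strong enough to be a problem") never says which restriction at level 3 makes the passthru proxy necessary. If the level numbering is ever reshuffled, nothing ties this check to the restriction it depends on; that would presumably leave interfaces unwrapped at a level that needs the wrap, or wrapped where it does not. I would give the value a name (for example `kMinSandboxLevelForPassthru`) and extend the comment along the lines of `// Below level 3 the content sandbox does not impose <restriction from bug 1406827>, so the raw interface can be handed out as-is`. The doc comment for `Wrap` should also say that callers can now receive either `aIn` itself or a distinct proxy object (or `nullptr` when `QueryProxyInterface` fails), so they should not rely on the identity of the result. `Wrap` is fully visible in this hunk, but the enclosing class begins and ends outside it.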