Bug 665012 - r=bz
authorMounir Lamouri <mounir.lamouri@gmail.com>
Tue, 21 Jun 2011 18:51:34 +0200
changeset 71442 f6d7d57e774737cde4f3598ab8e448d40f0757d3
parent 71441 b25c7c9606b96dcd888accebc04e7f52004855b1
child 71443 5b5b0c7bc7bc433a4c877b601c82fce79bbb0a23
push idunknown
push userunknown
push dateunknown
reviewersbz
bugs665012
milestone7.0a1
Bug 665012 - r=bz
content/events/src/nsDOMDataTransfer.cpp
content/events/src/nsDOMDataTransfer.h
--- a/content/events/src/nsDOMDataTransfer.cpp
+++ b/content/events/src/nsDOMDataTransfer.cpp
@@ -443,18 +443,21 @@ nsDOMDataTransfer::MozGetDataAt(const ns
 
   nsTArray<TransferItem>& item = mItems[aIndex];
 
   // allow access to any data in the drop and dragdrop events, or if the
   // UniversalBrowserRead privilege is set, otherwise only allow access to
   // data from the same principal.
   nsIPrincipal* principal = nsnull;
   if (mEventType != NS_DRAGDROP_DROP && mEventType != NS_DRAGDROP_DRAGDROP &&
-      !nsContentUtils::IsCallerTrustedForCapability("UniversalBrowserRead"))
-    principal = GetCurrentPrincipal();
+      !nsContentUtils::IsCallerTrustedForCapability("UniversalBrowserRead")) {
+    nsresult rv = NS_OK;
+    principal = GetCurrentPrincipal(&rv);
+    NS_ENSURE_SUCCESS(rv, rv);
+  }
 
   PRUint32 count = item.Length();
   for (PRUint32 i = 0; i < count; i++) {
     TransferItem& formatitem = item[i];
     if (formatitem.mFormat.Equals(format)) {
       PRBool subsumes;
       if (formatitem.mPrincipal && principal &&
           (NS_FAILED(principal->Subsumes(formatitem.mPrincipal, &subsumes)) || !subsumes))
@@ -470,18 +473,19 @@ nsDOMDataTransfer::MozGetDataAt(const ns
         if (pt) {
           nsresult rv = NS_OK;
           nsIScriptContext* c = pt->GetContextForEventHandlers(&rv);
           NS_ENSURE_TRUE(c && NS_SUCCEEDED(rv), NS_ERROR_DOM_SECURITY_ERR);
           nsIScriptObjectPrincipal* sp = c->GetObjectPrincipal();
           NS_ENSURE_TRUE(sp, NS_ERROR_DOM_SECURITY_ERR);
           nsIPrincipal* dataPrincipal = sp->GetPrincipal();
           NS_ENSURE_TRUE(dataPrincipal, NS_ERROR_DOM_SECURITY_ERR);
-          NS_ENSURE_TRUE(principal || (principal = GetCurrentPrincipal()),
+          NS_ENSURE_TRUE(principal || (principal = GetCurrentPrincipal(&rv)),
                          NS_ERROR_DOM_SECURITY_ERR);
+          NS_ENSURE_SUCCESS(rv, rv);
           PRBool equals = PR_FALSE;
           NS_ENSURE_TRUE(NS_SUCCEEDED(principal->Equals(dataPrincipal, &equals)) && equals,
                          NS_ERROR_DOM_SECURITY_ERR);
         }
       }
       *aData = formatitem.mData;
       NS_IF_ADDREF(*aData);
       return NS_OK;
@@ -512,32 +516,37 @@ nsDOMDataTransfer::MozSetDataAt(const ns
   // don't allow non-chrome to add file data
   // XXX perhaps this should also limit any non-string type as well
   if ((aFormat.EqualsLiteral("application/x-moz-file-promise") ||
        aFormat.EqualsLiteral("application/x-moz-file")) &&
        !nsContentUtils::IsCallerTrustedForCapability("UniversalXPConnect")) {
     return NS_ERROR_DOM_SECURITY_ERR;
   }
 
-  return SetDataWithPrincipal(aFormat, aData, aIndex, GetCurrentPrincipal());
+  nsresult rv = NS_OK;
+  nsIPrincipal* principal = GetCurrentPrincipal(&rv);
+  NS_ENSURE_SUCCESS(rv, rv);
+  return SetDataWithPrincipal(aFormat, aData, aIndex, principal);
 }
 
 NS_IMETHODIMP
 nsDOMDataTransfer::MozClearDataAt(const nsAString& aFormat, PRUint32 aIndex)
 {
   if (mReadOnly)
     return NS_ERROR_DOM_NO_MODIFICATION_ALLOWED_ERR;
 
   if (aIndex >= mItems.Length())
     return NS_ERROR_DOM_INDEX_SIZE_ERR;
 
   nsAutoString format;
   GetRealFormat(aFormat, format);
 
-  nsIPrincipal* principal = GetCurrentPrincipal();
+  nsresult rv = NS_OK;
+  nsIPrincipal* principal = GetCurrentPrincipal(&rv);
+  NS_ENSURE_SUCCESS(rv, rv);
 
   // if the format is empty, clear all formats
   PRBool clearall = format.IsEmpty();
 
   nsTArray<TransferItem>& item = mItems[aIndex];
   // count backwards so that the count and index don't have to be adjusted
   // after removing an element
   for (PRInt32 i = item.Length() - 1; i >= 0; i--) {
@@ -793,23 +802,23 @@ nsDOMDataTransfer::SetDataWithPrincipal(
   formatitem->mFormat = format;
   formatitem->mPrincipal = aPrincipal;
   formatitem->mData = aData;
 
   return NS_OK;
 }
 
 nsIPrincipal*
-nsDOMDataTransfer::GetCurrentPrincipal()
+nsDOMDataTransfer::GetCurrentPrincipal(nsresult* rv)
 {
   nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
 
   nsCOMPtr<nsIPrincipal> currentPrincipal;
-  nsresult rv = ssm->GetSubjectPrincipal(getter_AddRefs(currentPrincipal));
-  NS_ENSURE_SUCCESS(rv, nsnull);
+  *rv = ssm->GetSubjectPrincipal(getter_AddRefs(currentPrincipal));
+  NS_ENSURE_SUCCESS(*rv, nsnull);
 
   if (!currentPrincipal)
     ssm->GetSystemPrincipal(getter_AddRefs(currentPrincipal));
 
   return currentPrincipal.get();
 }
 
 void
--- a/content/events/src/nsDOMDataTransfer.h
+++ b/content/events/src/nsDOMDataTransfer.h
@@ -147,17 +147,17 @@ protected:
   nsIDOMElement* GetDragImage(PRInt32* aX, PRInt32* aY)
   {
     *aX = mDragImageX;
     *aY = mDragImageY;
     return mDragImage;
   }
 
   // returns a weak reference to the current principal
-  nsIPrincipal* GetCurrentPrincipal();
+  nsIPrincipal* GetCurrentPrincipal(nsresult* rv);
 
   // converts some formats used for compatibility in aInFormat into aOutFormat.
   // Text and text/unicode become text/plain, and URL becomes text/uri-list
   void GetRealFormat(const nsAString& aInFormat, nsAString& aOutFormat);
 
   // caches the formats that exist in the drag service that were added by an
   // external drag
   void CacheExternalFormats();