Bug 429070 - do not expose Components.interfaces and Components.interfaceByID to content; r=mrbkap
☠☠ backed out by 01c6a894bd35 ☠ ☠
authorarno renevier <arno@renevier.net>
Tue, 09 Aug 2011 16:59:07 -0400
changeset 75265 d9f175f9a2e4fd58a2634ee5f5917d3dfa4d1232
parent 75264 ee51239376b5c41f7714415f74c398f76654b3d9
child 75266 646c9d3de3f0c269f591180152b3d7c3292ab88b
push idunknown
push userunknown
push dateunknown
reviewersmrbkap
bugs429070
milestone8.0a1
Bug 429070 - do not expose Components.interfaces and Components.interfaceByID to content; r=mrbkap
js/src/xpconnect/src/xpccomponents.cpp
js/src/xpconnect/src/xpcprivate.h
js/src/xpconnect/tests/mochitest/Makefile.in
js/src/xpconnect/tests/mochitest/test_bug429070.html
--- a/js/src/xpconnect/src/xpccomponents.cpp
+++ b/js/src/xpconnect/src/xpccomponents.cpp
@@ -106,17 +106,17 @@ char * xpc_CheckAccessList(const PRUnich
 
 /***************************************************************************/
 
 /* void getInterfaces (out PRUint32 count, [array, size_is (count), retval]
                        out nsIIDPtr array); */
 NS_IMETHODIMP
 nsXPCComponents_Interfaces::GetInterfaces(PRUint32 *aCount, nsIID * **aArray)
 {
-    const PRUint32 count = 3;
+    const PRUint32 count = 2;
     *aCount = count;
     nsIID **array;
     *aArray = array = static_cast<nsIID**>(nsMemory::Alloc(count * sizeof(nsIID*)));
     if(!array)
         return NS_ERROR_OUT_OF_MEMORY;
 
     PRUint32 index = 0;
     nsIID* clone;
@@ -124,17 +124,16 @@ nsXPCComponents_Interfaces::GetInterface
     clone = static_cast<nsIID *>(nsMemory::Clone(&NS_GET_IID( id ),   \
                                                     sizeof(nsIID)));  \
     if (!clone)                                                       \
         goto oom;                                                     \
     array[index++] = clone;
 
     PUSH_IID(nsIScriptableInterfaces)
     PUSH_IID(nsIXPCScriptable)
-    PUSH_IID(nsISecurityCheckedComponent)
 #undef PUSH_IID
 
     return NS_OK;
 oom:
     while (index)
         nsMemory::Free(array[--index]);
     nsMemory::Free(array);
     *aArray = nsnull;
@@ -222,17 +221,16 @@ NS_IMETHODIMP nsXPCComponents_Interfaces
     mManager = aManager;
     return NS_OK;
 }
 
 NS_INTERFACE_MAP_BEGIN(nsXPCComponents_Interfaces)
   NS_INTERFACE_MAP_ENTRY(nsIScriptableInterfaces)
   NS_INTERFACE_MAP_ENTRY(nsIXPCScriptable)
   NS_INTERFACE_MAP_ENTRY(nsIClassInfo)
-  NS_INTERFACE_MAP_ENTRY(nsISecurityCheckedComponent)
   NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIScriptableInterfaces)
 NS_INTERFACE_MAP_END_THREADSAFE
 
 NS_IMPL_THREADSAFE_ADDREF(nsXPCComponents_Interfaces)
 NS_IMPL_THREADSAFE_RELEASE(nsXPCComponents_Interfaces)
 
 // The nsIXPCScriptable map declaration that will generate stubs for us...
 #define XPC_MAP_CLASSNAME           nsXPCComponents_Interfaces
@@ -366,85 +364,47 @@ nsXPCComponents_Interfaces::NewResolve(n
                     }
                 }
             }
         }
     }
     return NS_OK;
 }
 
-/* string canCreateWrapper (in nsIIDPtr iid); */
-NS_IMETHODIMP
-nsXPCComponents_Interfaces::CanCreateWrapper(const nsIID * iid, char **_retval)
-{
-    // We let anyone do this...
-    *_retval = xpc_CloneAllAccess();
-    return NS_OK;
-}
-
-/* string canCallMethod (in nsIIDPtr iid, in wstring methodName); */
-NS_IMETHODIMP
-nsXPCComponents_Interfaces::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, char **_retval)
-{
-    // If you have to ask, then the answer is NO
-    *_retval = nsnull;
-    return NS_OK;
-}
-
-/* string canGetProperty (in nsIIDPtr iid, in wstring propertyName); */
-NS_IMETHODIMP
-nsXPCComponents_Interfaces::CanGetProperty(const nsIID * iid, const PRUnichar *propertyName, char **_retval)
-{
-    // If you have to ask, then the answer is NO
-    *_retval = nsnull;
-    return NS_OK;
-}
-
-/* string canSetProperty (in nsIIDPtr iid, in wstring propertyName); */
-NS_IMETHODIMP
-nsXPCComponents_Interfaces::CanSetProperty(const nsIID * iid, const PRUnichar *propertyName, char **_retval)
-{
-    // If you have to ask, then the answer is NO
-    *_retval = nsnull;
-    return NS_OK;
-}
-
 /***************************************************************************/
 /***************************************************************************/
 /***************************************************************************/
 
 class nsXPCComponents_InterfacesByID :
             public nsIScriptableInterfacesByID,
             public nsIXPCScriptable,
-            public nsIClassInfo,
-            public nsISecurityCheckedComponent
+            public nsIClassInfo
 {
 public:
     // all the interface method declarations...
     NS_DECL_ISUPPORTS
     NS_DECL_NSISCRIPTABLEINTERFACESBYID
     NS_DECL_NSIXPCSCRIPTABLE
     NS_DECL_NSICLASSINFO
-    NS_DECL_NSISECURITYCHECKEDCOMPONENT
 
 public:
     nsXPCComponents_InterfacesByID();
     virtual ~nsXPCComponents_InterfacesByID();
 
 private:
     nsCOMPtr<nsIInterfaceInfoManager> mManager;
 };
 
 /***************************************************************************/
 /* void getInterfaces (out PRUint32 count, [array, size_is (count), retval]
                        out nsIIDPtr array); */
 NS_IMETHODIMP
 nsXPCComponents_InterfacesByID::GetInterfaces(PRUint32 *aCount, nsIID * **aArray)
 {
-    const PRUint32 count = 3;
+    const PRUint32 count = 2;
     *aCount = count;
     nsIID **array;
     *aArray = array = static_cast<nsIID**>(nsMemory::Alloc(count * sizeof(nsIID*)));
     if(!array)
         return NS_ERROR_OUT_OF_MEMORY;
 
     PRUint32 index = 0;
     nsIID* clone;
@@ -452,17 +412,16 @@ nsXPCComponents_InterfacesByID::GetInter
     clone = static_cast<nsIID *>(nsMemory::Clone(&NS_GET_IID( id ),   \
                                                     sizeof(nsIID)));  \
     if (!clone)                                                       \
         goto oom;                                                     \
     array[index++] = clone;
 
     PUSH_IID(nsIScriptableInterfacesByID)
     PUSH_IID(nsIXPCScriptable)
-    PUSH_IID(nsISecurityCheckedComponent)
 #undef PUSH_IID
 
     return NS_OK;
 oom:
     while (index)
         nsMemory::Free(array[--index]);
     nsMemory::Free(array);
     *aArray = nsnull;
@@ -536,17 +495,16 @@ nsXPCComponents_InterfacesByID::~nsXPCCo
 {
     // empty
 }
 
 NS_INTERFACE_MAP_BEGIN(nsXPCComponents_InterfacesByID)
   NS_INTERFACE_MAP_ENTRY(nsIScriptableInterfacesByID)
   NS_INTERFACE_MAP_ENTRY(nsIXPCScriptable)
   NS_INTERFACE_MAP_ENTRY(nsIClassInfo)
-  NS_INTERFACE_MAP_ENTRY(nsISecurityCheckedComponent)
   NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIScriptableInterfacesByID)
 NS_INTERFACE_MAP_END_THREADSAFE
 
 NS_IMPL_THREADSAFE_ADDREF(nsXPCComponents_InterfacesByID)
 NS_IMPL_THREADSAFE_RELEASE(nsXPCComponents_InterfacesByID)
 
 // The nsIXPCScriptable map declaration that will generate stubs for us...
 #define XPC_MAP_CLASSNAME           nsXPCComponents_InterfacesByID
@@ -690,52 +648,16 @@ nsXPCComponents_InterfacesByID::NewResol
                                               JSPROP_PERMANENT);
                 }
             }
         }
     }
     return NS_OK;
 }
 
-/* string canCreateWrapper (in nsIIDPtr iid); */
-NS_IMETHODIMP
-nsXPCComponents_InterfacesByID::CanCreateWrapper(const nsIID * iid, char **_retval)
-{
-    // We let anyone do this...
-    *_retval = xpc_CloneAllAccess();
-    return NS_OK;
-}
-
-/* string canCallMethod (in nsIIDPtr iid, in wstring methodName); */
-NS_IMETHODIMP
-nsXPCComponents_InterfacesByID::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, char **_retval)
-{
-    // If you have to ask, then the answer is NO
-    *_retval = nsnull;
-    return NS_OK;
-}
-
-/* string canGetProperty (in nsIIDPtr iid, in wstring propertyName); */
-NS_IMETHODIMP
-nsXPCComponents_InterfacesByID::CanGetProperty(const nsIID * iid, const PRUnichar *propertyName, char **_retval)
-{
-    // If you have to ask, then the answer is NO
-    *_retval = nsnull;
-    return NS_OK;
-}
-
-/* string canSetProperty (in nsIIDPtr iid, in wstring propertyName); */
-NS_IMETHODIMP
-nsXPCComponents_InterfacesByID::CanSetProperty(const nsIID * iid, const PRUnichar *propertyName, char **_retval)
-{
-    // If you have to ask, then the answer is NO
-    *_retval = nsnull;
-    return NS_OK;
-}
-
 /***************************************************************************/
 /***************************************************************************/
 /***************************************************************************/
 
 
 
 class nsXPCComponents_Classes : 
   public nsIXPCComponents_Classes,
@@ -4391,18 +4313,17 @@ nsXPCComponents::CanCallMethod(const nsI
     *_retval = xpc_CheckAccessList(methodName, allowed);
     return NS_OK;
 }
 
 /* string canGetProperty (in nsIIDPtr iid, in wstring propertyName); */
 NS_IMETHODIMP
 nsXPCComponents::CanGetProperty(const nsIID * iid, const PRUnichar *propertyName, char **_retval)
 {
-    static const char* allowed[] = { "interfaces", "interfacesByID", "results", nsnull};
-    *_retval = xpc_CheckAccessList(propertyName, allowed);
+    *_retval = nsnull;
     return NS_OK;
 }
 
 /* string canSetProperty (in nsIIDPtr iid, in wstring propertyName); */
 NS_IMETHODIMP
 nsXPCComponents::CanSetProperty(const nsIID * iid, const PRUnichar *propertyName, char **_retval)
 {
     // If you have to ask, then the answer is NO
--- a/js/src/xpconnect/src/xpcprivate.h
+++ b/js/src/xpconnect/src/xpcprivate.h
@@ -3824,26 +3824,24 @@ private:
     nsXPCComponents_Utils*          mUtils;
 };
 
 /***************************************************************************/
 
 class nsXPCComponents_Interfaces :
             public nsIScriptableInterfaces,
             public nsIXPCScriptable,
-            public nsIClassInfo,
-            public nsISecurityCheckedComponent
+            public nsIClassInfo
 {
 public:
     // all the interface method declarations...
     NS_DECL_ISUPPORTS
     NS_DECL_NSISCRIPTABLEINTERFACES
     NS_DECL_NSIXPCSCRIPTABLE
     NS_DECL_NSICLASSINFO
-    NS_DECL_NSISECURITYCHECKEDCOMPONENT
 
 public:
     nsXPCComponents_Interfaces();
     virtual ~nsXPCComponents_Interfaces();
 
 private:
     nsCOMPtr<nsIInterfaceInfoManager> mManager;
 };
--- a/js/src/xpconnect/tests/mochitest/Makefile.in
+++ b/js/src/xpconnect/tests/mochitest/Makefile.in
@@ -57,16 +57,17 @@ include $(topsrcdir)/config/rules.mk
 		test_bug384632.html \
 		test_bug390488.html \
 		test_bug393269.html \
 		test_bug396851.html \
 		test_bug428021.html \
 		test_bug446584.html \
 		test_bug462428.html \
 		test_bug478438.html \
+		test_bug429070.html \
 		test_bug500691.html \
 		test_bug502959.html \
 		test_bug503926.html \
 		test_bug504877.html \
 		test_bug505915.html \
 		file_bug505915.html \
 		test_bug553407.html \
 		test_bug560351.html \
new file mode 100644
--- /dev/null
+++ b/js/src/xpconnect/tests/mochitest/test_bug429070.html
@@ -0,0 +1,103 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=429070
+-->
+<head>
+  <title>Test for Bug 429070</title>
+  <script type="text/javascript" src="/MochiKit/MochiKit.js"></script>
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=429070">Mozilla Bug 429070</a>
+<p id="display"></p>
+<div id="content" style="display: none">
+  
+</div>
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Bug 429070 **/
+try {
+    var a = Components.interfaces;
+    ok(false, "Components.interfaces is accessible from content");
+} catch(e) {
+    ok(true, "Components.interfaces is not exposed to content");
+}
+
+try {
+    var a = Components.interfacesByID;
+    ok(false, "Components.interfacesById is accessible from content");
+} catch(e) {
+    ok(true, "Components.interfacesById is not exposed to content");
+}
+
+try {
+    var a = Components.classes;
+    ok(false, "Components.classes is accessible from content");
+} catch(e) {
+    ok(true, "Components.classes is not exposed to content");
+}
+
+try {
+    var a = Components.classesByID;
+    ok(false, "Components.classesByID is accessible from content");
+} catch(e) {
+    ok(true, "Components.classesByID is not exposed to content");
+}
+
+try {
+    var a = Components.stack;
+    ok(false, "Components.stack is accessible from content");
+} catch(e) {
+    ok(true, "Components.stack is not exposed to content");
+}
+
+try {
+    var a = Components.results;
+    ok(false, "Components.results is accessible from content");
+} catch(e) {
+    ok(true, "Components.results is not exposed to content");
+}
+
+try {
+    var a = Components.manager;
+    ok(false, "Components.manager is accessible from content");
+} catch(e) {
+    ok(true, "Components.manager is not exposed to content");
+}
+
+try {
+    var a = Components.utils;
+    ok(false, "Components.utils is accessible from content");
+} catch(e) {
+    ok(true, "Components.utils is not exposed to content");
+}
+
+try {
+    var a = Components.ID;
+    ok(false, "Components.ID is accessible from content");
+} catch(e) {
+    ok(true, "Components.ID is not exposed to content");
+}
+
+try {
+    var a = Components.Exception;
+    ok(false, "Components.Exception is accessible from content");
+} catch(e) {
+    ok(true, "Components.Exception is not exposed to content");
+}
+
+try {
+    var a = Components.Constructor;
+    ok(false, "Components.Constructor is accessible from content");
+} catch(e) {
+    ok(true, "Components.Constructor is not exposed to content");
+}
+
+</script>
+</pre>
+</body>
+</html>
+