Closed Bug 368714 Opened 18 years ago Closed 18 years ago

[FIX]Sandbox evaluation should handle branch callbacks

Categories

(Core :: XPConnect, defect)

Product:
Core
Component:
XPConnect
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla1.9alpha1

People

(Reporter: bzbarsky, Assigned: bzbarsky)

Details

(Keywords: verified1.8.0.10, verified1.8.1.2)

Attachments

(2 files)

Proposed fix
2.39 KB, patch
jst
: review+
jst
: superreview+
dveditz
: approval1.8.1.2+
dveditz
: approval1.8.0.10+
Details | Diff | Splinter Review
Merged to branch
2.36 KB, patch
Details | Diff | Splinter Review
In particular, it should call the DOM branch callback if that's relevant, so that if the script hangs the user can interrupt it. See bug 368655 for a testcase.
Attached patch Proposed fixSplinter Review
Though if we're worried about someone unsetting the branch callback on the original cx from inside the sandbox, we could reget it on every branch or something...
Attachment #253351 - Flags: superreview?(jst)
Attachment #253351 - Flags: review?(jst)
Comment on attachment 253351 [details] [diff] [review] Proposed fix >+ // Now cache the original branch callback >+ mOrigBranchCallback = JS_SetBranchCallback(aOuterCx, nsnull); >+ JS_SetBranchCallback(aOuterCx, mOrigBranchCallback); Sorry I didn't add a getter to the JS API. >+JSBool JS_DLL_CALLBACK >+ContextHolder::ContextHolderBranchCallback(JSContext *cx, JSScript *script) >+{ >+ ContextHolder* thisObject = >+ NS_STATIC_CAST(ContextHolder*, JS_GetContextPrivate(cx)); >+ NS_ASSERTION(thisObject, "How did that happen?"); >+ >+ if (thisObject->mOrigBranchCallback) { >+ return (thisObject->mOrigBranchCallback)(thisObject->mOrigCx, script); Nit: no need to parenthesize the callable expression. Very old C hackers remember when one had to not only parenthesize, but also put a * after the (, but those were the bad old days ;-). /be
Attachment #253351 - Flags: superreview?(jst)
Attachment #253351 - Flags: superreview+
Attachment #253351 - Flags: review?(jst)
Attachment #253351 - Flags: review+
Fixed.
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
Comment on attachment 253351 [details] [diff] [review] Proposed fix I think we should consider this for branches as well...
Attachment #253351 - Flags: approval1.8.1.2?
Attachment #253351 - Flags: approval1.8.0.10?
Comment on attachment 253351 [details] [diff] [review] Proposed fix approved for 1.8/1.8.0 branches, a=dveditz for drivers
Attachment #253351 - Flags: approval1.8.1.2?
Attachment #253351 - Flags: approval1.8.1.2+
Attachment #253351 - Flags: approval1.8.0.10?
Attachment #253351 - Flags: approval1.8.0.10+
Attached patch Merged to branchSplinter Review
Fixed on branches.
Keywords: fixed1.8.0.10, fixed1.8.1.2
Verified on: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.2pre) Gecko/20070206 BonEcho/2.0.0.2pre Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.10pre) Gecko/20070206 Firefox/1.5.0.10pre Using testcase url in bug 368655. Also tested on 1.8.1.2 in mac and linux.
Keywords: fixed1.8.0.10, fixed1.8.1.2verified1.8.0.10, verified1.8.1.2
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: