Closed Bug 368714 Opened 18 years ago Closed 18 years ago

[FIX]Sandbox evaluation should handle branch callbacks

Categories

(Core :: XPConnect, defect)

Product:
Core
Component:
XPConnect
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla1.9alpha1

People

(Reporter: bzbarsky, Assigned: bzbarsky)

Details

(Keywords: verified1.8.0.10, verified1.8.1.2)

Attachments

(2 files)

Proposed fix
2.39 KB, patch
jst
: review+
jst
: superreview+
dveditz
: approval1.8.1.2+
dveditz
: approval1.8.0.10+
Details | Diff | Splinter Review
Merged to branch
2.36 KB, patch
Details | Diff | Splinter Review 
In particular, it should call the DOM branch callback if that's relevant, so that if the script hangs the user can interrupt it.  See bug 368655 for a testcase.
Attached patch Proposed fixSplinter Review 
Though if we're worried about someone unsetting the branch callback on the original cx from inside the sandbox, we could reget it on every branch or something...
Attachment #253351 - Flags: superreview?(jst)
Attachment #253351 - Flags: review?(jst)
Comment on attachment 253351 [details] [diff] [review]
Proposed fix


>+        // Now cache the original branch callback
>+        mOrigBranchCallback = JS_SetBranchCallback(aOuterCx, nsnull);
>+        JS_SetBranchCallback(aOuterCx, mOrigBranchCallback);

Sorry I didn't add a getter to the JS API.

>+JSBool JS_DLL_CALLBACK
>+ContextHolder::ContextHolderBranchCallback(JSContext *cx, JSScript *script)
>+{
>+    ContextHolder* thisObject =
>+        NS_STATIC_CAST(ContextHolder*, JS_GetContextPrivate(cx));
>+    NS_ASSERTION(thisObject, "How did that happen?");
>+
>+    if (thisObject->mOrigBranchCallback) {
>+        return (thisObject->mOrigBranchCallback)(thisObject->mOrigCx, script);

Nit: no need to parenthesize the callable expression.  Very old C hackers remember when one had to not only parenthesize, but also put a * after the (, but those were the bad old days ;-).

/be
Attachment #253351 - Flags: superreview?(jst)
Attachment #253351 - Flags: superreview+
Attachment #253351 - Flags: review?(jst)
Attachment #253351 - Flags: review+
Fixed.
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
Comment on attachment 253351 [details] [diff] [review]
Proposed fix

I think we should consider this for branches as well...
Attachment #253351 - Flags: approval1.8.1.2?
Attachment #253351 - Flags: approval1.8.0.10?
Comment on attachment 253351 [details] [diff] [review]
Proposed fix

approved for 1.8/1.8.0 branches, a=dveditz for drivers
Attachment #253351 - Flags: approval1.8.1.2?
Attachment #253351 - Flags: approval1.8.1.2+
Attachment #253351 - Flags: approval1.8.0.10?
Attachment #253351 - Flags: approval1.8.0.10+
Attached patch Merged to branchSplinter Review 

    
    

    
  
Fixed on branches.
Keywords: fixed1.8.0.10, 
          
            fixed1.8.1.2

    
    

    
  
Verified on: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.2pre) Gecko/20070206 BonEcho/2.0.0.2pre
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.10pre) Gecko/20070206
Firefox/1.5.0.10pre

Using testcase url in bug 368655. Also tested on 1.8.1.2 in mac and linux.
Keywords: fixed1.8.0.10, 
          
            fixed1.8.1.2verified1.8.0.10, 
          
            verified1.8.1.2

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: