Closed Bug 652317 Opened 14 years ago Closed 14 years ago

Investigate if calling MediaQueryListListener should push Cx to stack

Categories

(Core :: CSS Parsing and Computation, defect, P2)

Product:
Core
Component:
CSS Parsing and Computation
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla6
Tracking Flags:
Tracking Status
firefox5 --- unaffected
status2.0 --- unaffected
status1.9.2 --- unaffected
status1.9.1 --- unaffected

People

(Reporter: smaug, Assigned: dbaron)

References

Details

(Keywords: regression)

Attachments

(1 file, 1 obsolete file)

patch
1.40 KB, patch
smaug
: review+
Details | Diff | Splinter Review
Traditionally we have pushed JS Context to stack when calling asynchronous-like callbacks (event listeners, timeout/interval callbacks, etc.) Still not long ago that was required for security, but IIRC gal mentioned that it might not be needed anymore. But better make sure that is the case.
Bug 393762 and Bug 383424 are the examples of problems what happened when context wasn't pushed to stack.
Blocks: 542058
Sounds like we should just do it to match other code, and then if we clean stuff up it'll get removed.
Attached patch patch (obsolete) — Splinter Review
Pushing the inner window seems like the best option to me, given that these listeners were added via an API on window... does it seem right to you?
Assignee: nobody → dbaron
Status: NEW → ASSIGNED
Attachment #527946 - Flags: review?(Olli.Pettay)
Comment on attachment 527946 [details] [diff] [review] patch >- for (PRUint32 i = 0, i_end = notifyList.Length(); i != i_end; ++i) { >- nsDOMMediaQueryList::HandleChangeData &d = notifyList[i]; >- d.listener->HandleChange(d.mql); >+ if (!notifyList.IsEmpty()) { >+ nsPIDOMWindow *win = mDocument->GetInnerWindow(); >+ nsCOMPtr<nsPIDOMEventTarget> et = do_QueryInterface(win); >+ nsCxPusher pusher; >+ >+ if (pusher.Push(et)) { You need to actually push for each listener separately. To optimize that, use RePush. >+ for (PRUint32 i = 0, i_end = notifyList.Length(); i != i_end; ++i) { >+ nsDOMMediaQueryList::HandleChangeData &d = notifyList[i]; >+ d.listener->HandleChange(d.mql); >+ } >+ } else { >+ NS_NOTREACHED("could not push context"); It is "ok" if you can't push a context. Especially when you do RePush for each listener. Some listener may actually kill the whole window and the following listeners can't run in that case.
Attachment #527946 - Flags: review?(Olli.Pettay) → review-
Attached patch patchSplinter Review
Attachment #527957 - Flags: review?(Olli.Pettay)
Comment on attachment 527957 [details] [diff] [review] patch Review of attachment 527957 [details] [diff] [review]:
Attachment #527957 - Flags: review?(Olli.Pettay) → review+
https://hg.mozilla.org/mozilla-central/rev/26ba14209541
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Priority: -- → P2
Hardware: x86 → All
Resolution: --- → FIXED
Target Milestone: --- → mozilla6
Until we have completed the work to remove the context stack its not optional to push onto it.
Hmm. Does this mean we need to do the same thing for mozRequestAnimationFrame callbacks?
That's filed as bug 652401. I *was* going to unhide this bug today since it was a bug that was only present in one nightly... but now I'm inclined to leave this hidden until bug 652401 is fixed on branches.
Group: core-security → core-security-release
Group: core-security-release
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: