mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-15 06:15:43 +00:00
Bug 865745 - Use an AutoSafeJSContext in nsFrameMessageManager::ReceiveMessage. r=smaug
This function proceeds to push its cx and enters a compartment, so it can't be depending on any compartment or callstack state of the cx it's using. The only potential issue would then be reporting the error to the correct DOM window, but this stuff is used only for chrome, where that doesn't matter. The safe JSContext uses the same error reporter as JSMs and such, which is probably fine.
This commit is contained in:
parent
2876061d0d
commit
4624941dc9
@ -2234,7 +2234,7 @@ public:
|
||||
|
||||
nsRefPtr<nsFrameMessageManager> mm = tabChild->GetInnerManager();
|
||||
mm->ReceiveMessage(static_cast<EventTarget*>(tabChild), mMessage,
|
||||
false, &data, JS::NullPtr(), nullptr, nullptr);
|
||||
false, &data, JS::NullPtr(), nullptr);
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
@ -632,14 +632,10 @@ nsFrameMessageManager::ReceiveMessage(nsISupports* aTarget,
|
||||
bool aSync,
|
||||
const StructuredCloneData* aCloneData,
|
||||
JS::Handle<JSObject*> aObjectsArray,
|
||||
InfallibleTArray<nsString>* aJSONRetVal,
|
||||
JSContext* aContext)
|
||||
InfallibleTArray<nsString>* aJSONRetVal)
|
||||
{
|
||||
JSContext *cxToUse = mContext ? mContext
|
||||
: (aContext ? aContext
|
||||
: nsContentUtils::GetSafeJSContext());
|
||||
AutoPushJSContext ctx(cxToUse);
|
||||
JS::Rooted<JSObject*> objectsArray(cxToUse, aObjectsArray);
|
||||
AutoSafeJSContext ctx;
|
||||
JS::Rooted<JSObject*> objectsArray(ctx, aObjectsArray);
|
||||
if (mListeners.Length()) {
|
||||
nsCOMPtr<nsIAtom> name = do_GetAtom(aMessage);
|
||||
MMListenerRemover lr(this);
|
||||
@ -1197,7 +1193,7 @@ public:
|
||||
|
||||
nsRefPtr<nsFrameMessageManager> ppm = nsFrameMessageManager::sChildProcessManager;
|
||||
ppm->ReceiveMessage(static_cast<nsIContentFrameMessageManager*>(ppm.get()), mMessage,
|
||||
false, &data, JS::NullPtr(), nullptr, nullptr);
|
||||
false, &data, JS::NullPtr(), nullptr);
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
@ -1327,7 +1323,7 @@ public:
|
||||
nsRefPtr<nsFrameMessageManager> ppm =
|
||||
nsFrameMessageManager::sSameProcessParentManager;
|
||||
ppm->ReceiveMessage(static_cast<nsIContentFrameMessageManager*>(ppm.get()),
|
||||
mMessage, false, &data, JS::NullPtr(), nullptr, nullptr);
|
||||
mMessage, false, &data, JS::NullPtr(), nullptr);
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
@ -188,8 +188,7 @@ public:
|
||||
nsresult ReceiveMessage(nsISupports* aTarget, const nsAString& aMessage,
|
||||
bool aSync, const StructuredCloneData* aCloneData,
|
||||
JS::Handle<JSObject*> aObjectsArray,
|
||||
InfallibleTArray<nsString>* aJSONRetVal,
|
||||
JSContext* aContext = nullptr);
|
||||
InfallibleTArray<nsString>* aJSONRetVal);
|
||||
|
||||
void AddChildManager(nsFrameMessageManager* aManager,
|
||||
bool aLoadScripts = true);
|
||||
|
@ -74,7 +74,7 @@ public:
|
||||
|
||||
nsRefPtr<nsFrameMessageManager> mm = mTabChild->mChromeMessageManager;
|
||||
mm->ReceiveMessage(mTabChild->mOwner, mMessage, false, &data,
|
||||
JS::NullPtr(), nullptr, nullptr);
|
||||
JS::NullPtr(), nullptr);
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user