Initial checkin of JavaScript 1.3, migrated from JSFUN13_BRANCH in /m/src repository.

(Minor changes in libmocha required to accomodate JSAPI changes.)
2024-10-09 19:35:51 +00:00 · 1998-04-24 00:32:02 +00:00 · 1998-04-24 00:32:02 +00:00 · 6c5d7e65c6
commit 6c5d7e65c6
parent ddc67e87cf
4 changed files with 30 additions and 48 deletions
--- a/lib/libmocha/lm.h
+++ b/lib/libmocha/lm.h
@ -673,7 +673,7 @@ lm_SetExternalCapture(JSContext *cx, JSPrincipals *principals,
                      JSBool b);

 extern JSBool
-lm_AddSetParentSecurityCheck(JSContext *cx, JSObject *obj);
+lm_CheckSetParentSlot(JSContext *cx, JSObject *obj, jsval id, jsval *vp);

 extern JSBool
 lm_SetDocumentDomain(JSContext *cx, JSPrincipals *principals, 
--- a/lib/libmocha/lm_layer.c
+++ b/lib/libmocha/lm_layer.c
@ -1033,10 +1033,20 @@ layer_finalize(JSContext *cx, JSObject *obj)
    JS_free(cx, js_layer);
 }

+JSBool layer_check_access(JSContext *cx, JSObject *obj, jsval id,
+                          JSAccessMode mode, jsval *vp)
+{
+    if(mode == JSACC_PARENT)  {
+        return lm_CheckSetParentSlot(cx, obj, id, vp);
+    }
+    return JS_TRUE;
+}
+
 JSClass lm_layer_class = {
    "Layer", JSCLASS_HAS_PRIVATE,
    JS_PropertyStub, JS_PropertyStub, layer_getProperty, layer_setProperty,
-    JS_EnumerateStub, layer_resolve_name, JS_ConvertStub, layer_finalize
+    JS_EnumerateStub, layer_resolve_name, JS_ConvertStub, layer_finalize,
+    NULL, layer_check_access
 };

 /* JS native method:
--- a/lib/libmocha/lm_taint.c
+++ b/lib/libmocha/lm_taint.c
@ -916,10 +916,7 @@ lm_GetInnermostPrincipals(JSContext *cx, JSObject *container,
    return (JSPrincipals *) &unknownPrincipals;
 }

-static JSPropertyOp oldParentSlotSetter = NULL;
-
-PR_STATIC_CALLBACK(JSBool)
-setParentSlot(JSContext *cx, JSObject *obj, jsval id, jsval *vp)
+JSBool lm_CheckSetParentSlot(JSContext *cx, JSObject *obj, jsval id, jsval *vp)
 {
    JSObject *newParent;

@ -945,44 +942,9 @@ setParentSlot(JSContext *cx, JSObject *obj, jsval id, jsval *vp)
            lm_SetContainerPrincipals(cx, obj, principals);
        }
    }
-    return (*oldParentSlotSetter)(cx, obj, id, vp);
-}
-
-JSBool
-lm_AddSetParentSecurityCheck(JSContext *cx, JSObject *obj) 
-{
-    JSAtom *atom;
-    JSObject *proto;
-    static char parentName[] = "__parent__";
-    JSProperty *prop;
-    JSBool ok;
-
-    /*
-     * Set up to intercept attempts to set __parent__. We need to check
-     * that an evil script is not changing the parent links so that it
-     * gains access to restricted information.
-     */
-    proto = obj;
-    for(;;) {
-        JSObject *next = JS_GetPrototype(cx, proto);
-        if (next == NULL)
-            break;
-        proto = next;
-    }
-    atom = js_Atomize(cx, parentName, sizeof(parentName)-1, 0); 
-    if (atom == NULL) 
-        return JS_FALSE;
-    ok = js_LookupProperty(cx, proto, (jsval)atom, NULL, &prop);
-    js_DropAtom(cx, atom);
-    if (!ok || prop == NULL)
-        return JS_FALSE;
-    if (oldParentSlotSetter == NULL)
-        oldParentSlotSetter = prop->setter;
-    prop->setter = setParentSlot;
    return JS_TRUE;
 }

-
 static JSBool
 canExtendTrust(JSContext *cx, void *from, void *to)
 {
@ -1022,9 +984,12 @@ lm_CheckContainerAccess(JSContext *cx, JSObject *obj, MochaDecoder *decoder,
    JSPrincipalsList *list;
    const char *fn;

-    principals = decoder->principals
-                 ? lm_GetInnermostPrincipals(decoder->js_context, obj, NULL)
-                 : NULL;
+    if(decoder->principals)  {
+        principals = lm_GetInnermostPrincipals(decoder->js_context, obj, NULL);
+    }  else  {
+	principals = NULL;
+    }
+
    if (principals == NULL) {
        /*
         * Attempt to access container before container has any scripts.
--- a/lib/libmocha/lm_win.c
+++ b/lib/libmocha/lm_win.c
@ -739,10 +739,20 @@ win_finalize(JSContext *cx, JSObject *obj)
    DROP_BACK_COUNT(decoder);
 }

+JSBool win_check_access(JSContext *cx, JSObject *obj, jsval id,
+                        JSAccessMode mode, jsval *vp)
+{
+    if(mode == JSACC_PARENT)  {
+        return lm_CheckSetParentSlot(cx, obj, id, vp);
+    }
+    return JS_TRUE;
+}
+
 JSClass lm_window_class = {
    "Window", JSCLASS_HAS_PRIVATE,
    JS_PropertyStub, JS_PropertyStub, win_getProperty, win_setProperty,
-    win_list_properties, win_resolve_name, JS_ConvertStub, win_finalize
+    win_list_properties, win_resolve_name, JS_ConvertStub, win_finalize,
+    NULL, win_check_access
 };

 /*
@ -3279,9 +3289,6 @@ lm_InitWindowContent(MochaDecoder *decoder)
    if (!JS_InitStandardClasses(cx, obj))
        return JS_FALSE;

-    if (!lm_AddSetParentSecurityCheck(cx, obj))
-        return JS_FALSE;
-
 #ifdef JAVA
    if (JSJ_IsEnabled() && !JSJ_InitContext(cx, obj))
        return JS_FALSE;