Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2025-01-13 07:24:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 853709 - Deny accessor definitions in SecurityWrapper. r=mrbkap

Browse Source
This commit is contained in:
Bobby Holley 2013-03-29 18:13:52 -07:00
parent c5bb0e4c6b
commit bad3977faa
3 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
js/src/js.msg
View File

@ -129,7 +129,7 @@ MSG_DEF(JSMSG_PAREN_AFTER_COND, 75, 0, JSEXN_SYNTAXERR, "missing ) after
MSG_DEF(JSMSG_BAD_DUP_ARGS, 76, 0, JSEXN_SYNTAXERR, "duplicate argument names not allowed in this context")
MSG_DEF(JSMSG_NAME_AFTER_DOT, 77, 0, JSEXN_SYNTAXERR, "missing name after . operator")
MSG_DEF(JSMSG_BRACKET_IN_INDEX, 78, 0, JSEXN_SYNTAXERR, "missing ] in index expression")
MSG_DEF(JSMSG_UNUSED79, 79, 0, JSEXN_NONE, "")
MSG_DEF(JSMSG_ACCESSOR_DEF_DENIED, 79, 1, JSEXN_ERR, "Permission denied to define accessor property '{0}'")
MSG_DEF(JSMSG_PAREN_BEFORE_SWITCH, 80, 0, JSEXN_SYNTAXERR, "missing ( before switch expression")
MSG_DEF(JSMSG_PAREN_AFTER_SWITCH, 81, 0, JSEXN_SYNTAXERR, "missing ) after switch expression")
MSG_DEF(JSMSG_CURLY_BEFORE_SWITCH, 82, 0, JSEXN_SYNTAXERR, "missing { before switch body")

15
js/src/jswrapper.cpp
View File

@ -659,6 +659,21 @@ SecurityWrapper<Base>::regexp_toShared(JSContext *cx, HandleObject obj, RegExpGu
return Base::regexp_toShared(cx, obj, g);
}
template <class Base>
bool
SecurityWrapper<Base>::defineProperty(JSContext *cx, HandleObject wrapper,
HandleId id, PropertyDescriptor *desc)
{
if (desc->getter || desc->setter) {
JSString *str = IdToString(cx, id);
const jschar *prop = str ? str->getCharsZ(cx) : NULL;
JS_ReportErrorNumberUC(cx, js_GetErrorMessage, NULL,
JSMSG_ACCESSOR_DEF_DENIED, prop);
return false;
}
return Base::defineProperty(cx, wrapper, id, desc);
}
template class js::SecurityWrapper<Wrapper>;
template class js::SecurityWrapper<CrossCompartmentWrapper>;

2
js/src/jswrapper.h
View File

@ -150,6 +150,8 @@ class JS_FRIEND_API(SecurityWrapper) : public Base
virtual bool objectClassIs(HandleObject obj, ESClassValue classValue,
JSContext *cx) MOZ_OVERRIDE;
virtual bool regexp_toShared(JSContext *cx, HandleObject proxy, RegExpGuard *g) MOZ_OVERRIDE;
virtual bool defineProperty(JSContext *cx, HandleObject wrapper, HandleId id,
PropertyDescriptor *desc) MOZ_OVERRIDE;
/*
* Allow our subclasses to select the superclass behavior they want without