This is an automated email from the git hooks/post-receive script.
richard pushed a commit to branch tor-browser-102.2.0esr-12.0-3 in repository tor-browser.
commit 4d7e016db2ef7fd6519c9adecf69965daadda8c0 Author: Matthew Finkel sysrqb@torproject.org AuthorDate: Mon May 17 18:09:09 2021 +0000
Bug 40432: Prevent probing installed applications
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1711084 --- .../exthandler/nsExternalHelperAppService.cpp | 30 ++++++++++++++++++---- 1 file changed, 25 insertions(+), 5 deletions(-)
diff --git a/uriloader/exthandler/nsExternalHelperAppService.cpp b/uriloader/exthandler/nsExternalHelperAppService.cpp index 41e1272f0c604..f3490531ed808 100644 --- a/uriloader/exthandler/nsExternalHelperAppService.cpp +++ b/uriloader/exthandler/nsExternalHelperAppService.cpp @@ -867,8 +867,33 @@ nsresult nsExternalHelperAppService::GetFileTokenForPath( ////////////////////////////////////////////////////////////////////////////////////////////////////// // begin external protocol service default implementation... ////////////////////////////////////////////////////////////////////////////////////////////////////// + +static const char kExternalProtocolPrefPrefix[] = + "network.protocol-handler.external."; +static const char kExternalProtocolDefaultPref[] = + "network.protocol-handler.external-default"; + NS_IMETHODIMP nsExternalHelperAppService::ExternalProtocolHandlerExists( const char* aProtocolScheme, bool* aHandlerExists) { + + // Replicate the same check performed in LoadURI. + // Deny load if the prefs say to do so + nsAutoCString externalPref(kExternalProtocolPrefPrefix); + externalPref += aProtocolScheme; + bool allowLoad = false; + *aHandlerExists = false; + if (NS_FAILED(Preferences::GetBool(externalPref.get(), &allowLoad))) { + // no scheme-specific value, check the default + if (NS_FAILED( + Preferences::GetBool(kExternalProtocolDefaultPref, &allowLoad))) { + return NS_OK; // missing default pref + } + } + + if (!allowLoad) { + return NS_OK; // explicitly denied + } + nsCOMPtr<nsIHandlerInfo> handlerInfo; nsresult rv = GetProtocolHandlerInfo(nsDependentCString(aProtocolScheme), getter_AddRefs(handlerInfo)); @@ -911,11 +936,6 @@ NS_IMETHODIMP nsExternalHelperAppService::IsExposedProtocol( return NS_OK; }
-static const char kExternalProtocolPrefPrefix[] = - "network.protocol-handler.external."; -static const char kExternalProtocolDefaultPref[] = - "network.protocol-handler.external-default"; - // static nsresult nsExternalHelperAppService::EscapeURI(nsIURI* aURI, nsIURI** aResult) { MOZ_ASSERT(aURI);