[tbb-commits] [tor-browser/tor-browser-60.1.0esr-8.0-1] Revert "Backport of fix for bug 1412081"

gk at torproject.org gk at torproject.org
Thu Aug 16 09:58:40 UTC 2018


commit bd4abf8ba8f4e1aea2acd4b895274f646ed951a8
Author: Georg Koppen <gk at torproject.org>
Date:   Thu Aug 16 07:21:24 2018 +0000

    Revert "Backport of fix for bug 1412081"
    
    This reverts commit 50f4653b90316394e7d6d3cd4a3e92e12f377666.
    
    We take the patch that actually landed on esr60 instead.
---
 dom/ipc/ContentPrefs.cpp                      |   1 -
 xpcom/io/FilePreferences.cpp                  | 328 ++++++++++----------------
 xpcom/io/FilePreferences.h                    |   6 -
 xpcom/io/nsLocalFileUnix.cpp                  |  58 -----
 xpcom/tests/gtest/TestFilePreferencesUnix.cpp | 203 ----------------
 xpcom/tests/gtest/moz.build                   |   5 -
 6 files changed, 122 insertions(+), 479 deletions(-)

diff --git a/dom/ipc/ContentPrefs.cpp b/dom/ipc/ContentPrefs.cpp
index ac1ea109fc9f..d011c7393125 100644
--- a/dom/ipc/ContentPrefs.cpp
+++ b/dom/ipc/ContentPrefs.cpp
@@ -270,7 +270,6 @@ const char* mozilla::dom::ContentPrefs::gEarlyPrefs[] = {
   "network.dns.disablePrefetch",
   "network.dns.disablePrefetchFromHTTPS",
   "network.file.disable_unc_paths",
-  "network.file.path_blacklist",
   "network.http.tailing.enabled",
   "network.jar.block-remote-files",
   "network.loadinfo.skip_type_assertion",
diff --git a/xpcom/io/FilePreferences.cpp b/xpcom/io/FilePreferences.cpp
index ca133fcaeb40..3ad0e0ee19e0 100644
--- a/xpcom/io/FilePreferences.cpp
+++ b/xpcom/io/FilePreferences.cpp
@@ -6,11 +6,7 @@
 
 #include "FilePreferences.h"
 
-#include "mozilla/ClearOnShutdown.h"
 #include "mozilla/Preferences.h"
-#include "mozilla/StaticPtr.h"
-#include "mozilla/Tokenizer.h"
-#include "mozilla/Unused.h"
 #include "nsAppDirectoryServiceDefs.h"
 #include "nsDirectoryServiceDefs.h"
 #include "nsDirectoryServiceUtils.h"
@@ -19,37 +15,15 @@ namespace mozilla {
 namespace FilePreferences {
 
 static bool sBlockUNCPaths = false;
-typedef nsTArray<nsString> WinPaths;
-static StaticAutoPtr<WinPaths> sWhitelist;
+typedef nsTArray<nsString> Paths;
 
-static WinPaths& PathWhitelist()
+static Paths& PathArray()
 {
-  if (!sWhitelist) {
-    sWhitelist = new nsTArray<nsString>();
-    ClearOnShutdown(&sWhitelist);
-  }
-  return *sWhitelist;
-}
-
-#ifdef XP_WIN
-typedef char16_t char_path_t;
-#else
-typedef char char_path_t;
-#endif
-
-typedef nsTArray<nsTString<char_path_t>> Paths;
-static StaticAutoPtr<Paths> sBlacklist;
-
-static Paths& PathBlacklist()
-{
-  if (!sBlacklist) {
-    sBlacklist = new nsTArray<nsTString<char_path_t>>();
-    ClearOnShutdown(&sBlacklist);
-  }
-  return *sBlacklist;
+  static Paths sPaths;
+  return sPaths;
 }
 
-static void AllowUNCDirectory(char const* directory)
+static void AllowDirectory(char const* directory)
 {
   nsCOMPtr<nsIFile> file;
   NS_GetSpecialDirectory(directory, getter_AddRefs(file));
@@ -69,201 +43,180 @@ static void AllowUNCDirectory(char const* directory)
     return;
   }
 
-  if (!PathWhitelist().Contains(path)) {
-    PathWhitelist().AppendElement(path);
+  if (!PathArray().Contains(path)) {
+    PathArray().AppendElement(path);
   }
 }
 
 void InitPrefs()
 {
   sBlockUNCPaths = Preferences::GetBool("network.file.disable_unc_paths", false);
-
-  PathBlacklist().Clear();
-  nsAutoCString blacklist;
-  Preferences::GetCString("network.file.path_blacklist", blacklist);
-
-  Tokenizer p(blacklist);
-  while (!p.CheckEOF()) {
-    nsCString path;
-    Unused << p.ReadUntil(Tokenizer::Token::Char(','), path);
-    path.Trim(" ");
-    if (!path.IsEmpty()) {
-#ifdef XP_WIN
-      PathBlacklist().AppendElement(NS_ConvertASCIItoUTF16(path));
-#else
-      PathBlacklist().AppendElement(path);
-#endif
-    }
-    Unused << p.CheckChar(',');
-  }
 }
 
 void InitDirectoriesWhitelist()
 {
   // NS_GRE_DIR is the installation path where the binary resides.
-  AllowUNCDirectory(NS_GRE_DIR);
+  AllowDirectory(NS_GRE_DIR);
   // NS_APP_USER_PROFILE_50_DIR and NS_APP_USER_PROFILE_LOCAL_50_DIR are the two
   // parts of the profile we store permanent and local-specific data.
-  AllowUNCDirectory(NS_APP_USER_PROFILE_50_DIR);
-  AllowUNCDirectory(NS_APP_USER_PROFILE_LOCAL_50_DIR);
+  AllowDirectory(NS_APP_USER_PROFILE_50_DIR);
+  AllowDirectory(NS_APP_USER_PROFILE_LOCAL_50_DIR);
 }
 
 namespace { // anon
 
-template <typename TChar>
 class Normalizer
 {
 public:
-  Normalizer(const nsTSubstring<TChar>& aFilePath, const TChar aSeparator)
-    : mFilePathCursor(aFilePath.BeginReading())
-    , mFilePathEnd(aFilePath.EndReading())
-    , mSeparator(aSeparator)
-  {
-  }
+  Normalizer(const nsAString& aFilePath, const char16_t aSeparator);
+  bool Get(nsAString& aNormalizedFilePath);
 
-  bool Get(nsTSubstring<TChar>& aNormalizedFilePath)
-  {
-    aNormalizedFilePath.Truncate();
-
-    // Windows UNC paths begin with double separator (\\)
-    // Linux paths begin with just one separator (/)
-    // If we want to use the normalizer for regular windows paths this code
-    // will need to be updated.
-#ifdef XP_WIN
-    if (IsEOF()) {
-      return true;
-    }
-    if (ConsumeSeparator()) {
-      aNormalizedFilePath.Append(mSeparator);
-    }
-#endif
+private:
+  bool ConsumeItem();
+  bool ConsumeSeparator();
+  bool IsEOF() { return mFilePathCursor == mFilePathEnd; }
 
-    if (IsEOF()) {
-      return true;
-    }
-    if (ConsumeSeparator()) {
-      aNormalizedFilePath.Append(mSeparator);
-    }
+  bool ConsumeName();
+  bool CheckParentDir();
+  bool CheckCurrentDir();
 
-    while (!IsEOF()) {
-      if (!ConsumeName()) {
-        return false;
-      }
-    }
+  nsString::const_char_iterator mFilePathCursor;
+  nsString::const_char_iterator mFilePathEnd;
 
-    for (auto const& name : mStack) {
-      aNormalizedFilePath.Append(name);
-    }
+  nsDependentSubstring mItem;
+  char16_t const mSeparator;
+  nsTArray<nsDependentSubstring> mStack;
+};
 
-    return true;
+Normalizer::Normalizer(const nsAString& aFilePath, const char16_t aSeparator)
+  : mFilePathCursor(aFilePath.BeginReading())
+  , mFilePathEnd(aFilePath.EndReading())
+  , mSeparator(aSeparator)
+{
+}
+
+bool Normalizer::ConsumeItem()
+{
+  if (IsEOF()) {
+    return false;
   }
 
-private:
-  bool ConsumeItem()
-  {
-    if (IsEOF()) {
-      return false;
+  nsString::const_char_iterator nameBegin = mFilePathCursor;
+  while (mFilePathCursor != mFilePathEnd) {
+    if (*mFilePathCursor == mSeparator) {
+      break; // don't include the separator
     }
+    ++mFilePathCursor;
+  }
 
-    typename nsTString<TChar>::const_char_iterator nameBegin = mFilePathCursor;
-    while (mFilePathCursor != mFilePathEnd) {
-      if (*mFilePathCursor == mSeparator) {
-        break; // don't include the separator
-      }
-      ++mFilePathCursor;
-    }
+  mItem.Rebind(nameBegin, mFilePathCursor);
+  return true;
+}
 
-    mItem.Rebind(nameBegin, mFilePathCursor);
-    return true;
+bool Normalizer::ConsumeSeparator()
+{
+  if (IsEOF()) {
+    return false;
   }
 
-  bool ConsumeSeparator()
-  {
-    if (IsEOF()) {
-      return false;
-    }
+  if (*mFilePathCursor != mSeparator) {
+    return false;
+  }
 
-    if (*mFilePathCursor != mSeparator) {
-      return false;
-    }
+  ++mFilePathCursor;
+  return true;
+}
 
-    ++mFilePathCursor;
+bool Normalizer::Get(nsAString& aNormalizedFilePath)
+{
+  aNormalizedFilePath.Truncate();
+
+  if (IsEOF()) {
     return true;
   }
+  if (ConsumeSeparator()) {
+    aNormalizedFilePath.Append(mSeparator);
+  }
 
-  bool IsEOF() { return mFilePathCursor == mFilePathEnd; }
+  if (IsEOF()) {
+    return true;
+  }
+  if (ConsumeSeparator()) {
+    aNormalizedFilePath.Append(mSeparator);
+  }
 
-  bool ConsumeName()
-  {
-    if (!ConsumeItem()) {
-      return true;
+  while (!IsEOF()) {
+    if (!ConsumeName()) {
+      return false;
     }
+  }
 
-    if (CheckCurrentDir()) {
-      return true;
-    }
+  for (auto const& name : mStack) {
+    aNormalizedFilePath.Append(name);
+  }
 
-    if (CheckParentDir()) {
-      if (!mStack.Length()) {
-        // This means there are more \.. than valid names
-        return false;
-      }
+  return true;
+}
 
-      mStack.RemoveElementAt(mStack.Length() - 1);
-      return true;
-    }
+bool Normalizer::ConsumeName()
+{
+  if (!ConsumeItem()) {
+    return true;
+  }
 
-    if (mItem.IsEmpty()) {
-      // this means an empty name (a lone slash), which is illegal
-      return false;
-    }
+  if (CheckCurrentDir()) {
+    return true;
+  }
 
-    if (ConsumeSeparator()) {
-      mItem.Rebind(mItem.BeginReading(), mFilePathCursor);
+  if (CheckParentDir()) {
+    if (!mStack.Length()) {
+      // This means there are more \.. than valid names
+      return false;
     }
-    mStack.AppendElement(mItem);
 
+    mStack.RemoveElementAt(mStack.Length() - 1);
     return true;
   }
 
-  bool CheckParentDir()
-  {
-    if (mItem.EqualsLiteral("..")) {
-      ConsumeSeparator();
-      // EOF is acceptable
-      return true;
-    }
-
+  if (mItem.IsEmpty()) {
+    // this means an empty name (a lone slash), which is illegal
     return false;
   }
 
-  bool CheckCurrentDir()
-  {
-    if (mItem.EqualsLiteral(".")) {
-      ConsumeSeparator();
-      // EOF is acceptable
-      return true;
-    }
+  if (ConsumeSeparator()) {
+    mItem.Rebind(mItem.BeginReading(), mFilePathCursor);
+  }
+  mStack.AppendElement(mItem);
 
-    return false;
+  return true;
+}
+
+bool Normalizer::CheckCurrentDir()
+{
+  if (mItem == NS_LITERAL_STRING(".")) {
+    ConsumeSeparator();
+    // EOF is acceptable
+    return true;
   }
 
-  typename nsTString<TChar>::const_char_iterator mFilePathCursor;
-  typename nsTString<TChar>::const_char_iterator mFilePathEnd;
+  return false;
+}
 
-  nsTDependentSubstring<TChar> mItem;
-  TChar const mSeparator;
-  nsTArray<nsTDependentSubstring<TChar>> mStack;
-};
+bool Normalizer::CheckParentDir()
+{
+  if (mItem == NS_LITERAL_STRING("..")) {
+    ConsumeSeparator();
+    // EOF is acceptable
+    return true;
+  }
+
+  return false;
+}
 
 } // anon
 
 bool IsBlockedUNCPath(const nsAString& aFilePath)
 {
-  if (!sWhitelist) {
-    return false;
-  }
-
   if (!sBlockUNCPaths) {
     return false;
   }
@@ -273,12 +226,12 @@ bool IsBlockedUNCPath(const nsAString& aFilePath)
   }
 
   nsAutoString normalized;
-  if (!Normalizer<char16_t>(aFilePath, L'\\').Get(normalized)) {
+  if (!Normalizer(aFilePath, L'\\').Get(normalized)) {
     // Broken paths are considered invalid and thus inaccessible
     return true;
   }
 
-  for (const auto& allowedPrefix : PathWhitelist()) {
+  for (const auto& allowedPrefix : PathArray()) {
     if (StringBeginsWith(normalized, allowedPrefix)) {
       if (normalized.Length() == allowedPrefix.Length()) {
         return false;
@@ -298,43 +251,6 @@ bool IsBlockedUNCPath(const nsAString& aFilePath)
   return true;
 }
 
-#ifdef XP_WIN
-const char16_t kPathSeparator = L'\\';
-#else
-const char kPathSeparator = '/';
-#endif
-
-bool IsAllowedPath(const nsTSubstring<char_path_t>& aFilePath)
-{
-  // If sBlacklist has been cleared at shutdown, we must avoid calling
-  // PathBlacklist() again, as that will recreate the array and we will leak.
-  if (!sBlacklist) {
-    return true;
-  }
-
-  if (PathBlacklist().Length() == 0) {
-    return true;
-  }
-
-  nsTAutoString<char_path_t> normalized;
-  if (!Normalizer<char_path_t>(aFilePath, kPathSeparator).Get(normalized)) {
-    // Broken paths are considered invalid and thus inaccessible
-    return false;
-  }
-
-  for (const auto& prefix : PathBlacklist()) {
-    if (StringBeginsWith(normalized, prefix)) {
-      if (normalized.Length() > prefix.Length() &&
-          normalized[prefix.Length()] != kPathSeparator) {
-        continue;
-      }
-      return false;
-    }
-  }
-
-  return true;
-}
-
 void testing::SetBlockUNCPaths(bool aBlock)
 {
   sBlockUNCPaths = aBlock;
@@ -342,12 +258,12 @@ void testing::SetBlockUNCPaths(bool aBlock)
 
 void testing::AddDirectoryToWhitelist(nsAString const & aPath)
 {
-  PathWhitelist().AppendElement(aPath);
+  PathArray().AppendElement(aPath);
 }
 
 bool testing::NormalizePath(nsAString const & aPath, nsAString & aNormalized)
 {
-  Normalizer<char16_t> normalizer(aPath, L'\\');
+  Normalizer normalizer(aPath, L'\\');
   return normalizer.Get(aNormalized);
 }
 
diff --git a/xpcom/io/FilePreferences.h b/xpcom/io/FilePreferences.h
index 71c244201735..fa281f9e6799 100644
--- a/xpcom/io/FilePreferences.h
+++ b/xpcom/io/FilePreferences.h
@@ -13,12 +13,6 @@ void InitPrefs();
 void InitDirectoriesWhitelist();
 bool IsBlockedUNCPath(const nsAString& aFilePath);
 
-#ifdef XP_WIN
-bool IsAllowedPath(const nsAString& aFilePath);
-#else
-bool IsAllowedPath(const nsACString& aFilePath);
-#endif
-
 namespace testing {
 
 void SetBlockUNCPaths(bool aBlock);
diff --git a/xpcom/io/nsLocalFileUnix.cpp b/xpcom/io/nsLocalFileUnix.cpp
index cc241b179ab4..768f66b301ec 100644
--- a/xpcom/io/nsLocalFileUnix.cpp
+++ b/xpcom/io/nsLocalFileUnix.cpp
@@ -12,7 +12,6 @@
 #include "mozilla/Attributes.h"
 #include "mozilla/DebugOnly.h"
 #include "mozilla/Sprintf.h"
-#include "mozilla/FilePreferences.h"
 
 #include <sys/types.h>
 #include <sys/stat.h>
@@ -85,8 +84,6 @@ using namespace mozilla;
     do {                                        \
         if (mPath.IsEmpty())                    \
             return NS_ERROR_NOT_INITIALIZED;    \
-        if (!FilePreferences::IsAllowedPath(mPath)) \
-            return NS_ERROR_FILE_ACCESS_DENIED; \
     } while(0)
 
 /* directory enumerator */
@@ -143,13 +140,6 @@ nsDirEnumeratorUnix::Init(nsLocalFile* aParent,
     return NS_ERROR_FILE_INVALID_PATH;
   }
 
-  // When enumerating the directory, the paths must have a slash at the end.
-  nsAutoCString dirPathWithSlash(dirPath);
-  dirPathWithSlash.Append('/');
-  if (!FilePreferences::IsAllowedPath(dirPathWithSlash)) {
-    return NS_ERROR_FILE_ACCESS_DENIED;
-  }
-
   if (NS_FAILED(aParent->GetNativePath(mParentPath))) {
     return NS_ERROR_FAILURE;
   }
@@ -279,11 +269,6 @@ nsLocalFile::nsLocalFileConstructor(nsISupports* aOuter,
 bool
 nsLocalFile::FillStatCache()
 {
-  if (!FilePreferences::IsAllowedPath(mPath)) {
-    errno = EACCES;
-    return false;
-  }
-
   if (STAT(mPath.get(), &mCachedStat) == -1) {
     // try lstat it may be a symlink
     if (LSTAT(mPath.get(), &mCachedStat) == -1) {
@@ -326,11 +311,6 @@ nsLocalFile::InitWithNativePath(const nsACString& aFilePath)
     mPath = aFilePath;
   }
 
-  if (!FilePreferences::IsAllowedPath(mPath)) {
-    mPath.Truncate();
-    return NS_ERROR_FILE_ACCESS_DENIED;
-  }
-
   // trim off trailing slashes
   ssize_t len = mPath.Length();
   while ((len > 1) && (mPath[len - 1] == '/')) {
@@ -344,10 +324,6 @@ nsLocalFile::InitWithNativePath(const nsACString& aFilePath)
 NS_IMETHODIMP
 nsLocalFile::CreateAllAncestors(uint32_t aPermissions)
 {
-  if (!FilePreferences::IsAllowedPath(mPath)) {
-    return NS_ERROR_FILE_ACCESS_DENIED;
-  }
-
   // <jband> I promise to play nice
   char* buffer = mPath.BeginWriting();
   char* slashp = buffer;
@@ -419,9 +395,6 @@ NS_IMETHODIMP
 nsLocalFile::OpenNSPRFileDesc(int32_t aFlags, int32_t aMode,
                               PRFileDesc** aResult)
 {
-  if (!FilePreferences::IsAllowedPath(mPath)) {
-    return NS_ERROR_FILE_ACCESS_DENIED;
-  }
   *aResult = PR_Open(mPath.get(), aFlags, aMode);
   if (!*aResult) {
     return NS_ErrorAccordingToNSPR();
@@ -443,9 +416,6 @@ nsLocalFile::OpenNSPRFileDesc(int32_t aFlags, int32_t aMode,
 NS_IMETHODIMP
 nsLocalFile::OpenANSIFileDesc(const char* aMode, FILE** aResult)
 {
-  if (!FilePreferences::IsAllowedPath(mPath)) {
-    return NS_ERROR_FILE_ACCESS_DENIED;
-  }
   *aResult = fopen(mPath.get(), aMode);
   if (!*aResult) {
     return NS_ERROR_FAILURE;
@@ -472,10 +442,6 @@ nsresult
 nsLocalFile::CreateAndKeepOpen(uint32_t aType, int aFlags,
                                uint32_t aPermissions, PRFileDesc** aResult)
 {
-  if (!FilePreferences::IsAllowedPath(mPath)) {
-    return NS_ERROR_FILE_ACCESS_DENIED;
-  }
-
   if (aType != NORMAL_FILE_TYPE && aType != DIRECTORY_TYPE) {
     return NS_ERROR_FILE_UNKNOWN_TYPE;
   }
@@ -525,10 +491,6 @@ nsLocalFile::CreateAndKeepOpen(uint32_t aType, int aFlags,
 NS_IMETHODIMP
 nsLocalFile::Create(uint32_t aType, uint32_t aPermissions)
 {
-  if (!FilePreferences::IsAllowedPath(mPath)) {
-    return NS_ERROR_FILE_ACCESS_DENIED;
-  }
-
   PRFileDesc* junk = nullptr;
   nsresult rv = CreateAndKeepOpen(aType,
                                   PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE |
@@ -584,10 +546,6 @@ nsLocalFile::Normalize()
   char resolved_path[PATH_MAX] = "";
   char* resolved_path_ptr = nullptr;
 
-  if (!FilePreferences::IsAllowedPath(mPath)) {
-    return NS_ERROR_FILE_ACCESS_DENIED;
-  }
-
   resolved_path_ptr = realpath(mPath.get(), resolved_path);
 
   // if there is an error, the return is null.
@@ -1059,10 +1017,6 @@ nsLocalFile::MoveToNative(nsIFile* aNewParent, const nsACString& aNewName)
     return rv;
   }
 
-  if (!FilePreferences::IsAllowedPath(newPathName)) {
-    return NS_ERROR_FILE_ACCESS_DENIED;
-  }
-
   // try for atomic rename, falling back to copy/delete
   if (rename(mPath.get(), newPathName.get()) < 0) {
     if (errno == EXDEV) {
@@ -2005,10 +1959,6 @@ nsLocalFile::SetPersistentDescriptor(const nsACString& aPersistentDescriptor)
 NS_IMETHODIMP
 nsLocalFile::Reveal()
 {
-  if (!FilePreferences::IsAllowedPath(mPath)) {
-    return NS_ERROR_FILE_ACCESS_DENIED;
-  }
-
 #ifdef MOZ_WIDGET_GTK
   nsCOMPtr<nsIGIOService> giovfs = do_GetService(NS_GIOSERVICE_CONTRACTID);
   if (!giovfs) {
@@ -2052,10 +2002,6 @@ nsLocalFile::Reveal()
 NS_IMETHODIMP
 nsLocalFile::Launch()
 {
-  if (!FilePreferences::IsAllowedPath(mPath)) {
-    return NS_ERROR_FILE_ACCESS_DENIED;
-  }
-
 #ifdef MOZ_WIDGET_GTK
   nsCOMPtr<nsIGIOService> giovfs = do_GetService(NS_GIOSERVICE_CONTRACTID);
   if (!giovfs) {
@@ -2210,10 +2156,6 @@ nsLocalFile::RenameToNative(nsIFile* aNewParentDir, const nsACString& aNewName)
     return rv;
   }
 
-  if (!FilePreferences::IsAllowedPath(newPathName)) {
-    return NS_ERROR_FILE_ACCESS_DENIED;
-  }
-
   // try for atomic rename
   if (rename(mPath.get(), newPathName.get()) < 0) {
     if (errno == EXDEV) {
diff --git a/xpcom/tests/gtest/TestFilePreferencesUnix.cpp b/xpcom/tests/gtest/TestFilePreferencesUnix.cpp
deleted file mode 100644
index c19928fcaec4..000000000000
--- a/xpcom/tests/gtest/TestFilePreferencesUnix.cpp
+++ /dev/null
@@ -1,203 +0,0 @@
-#include "gtest/gtest.h"
-
-#include "mozilla/FilePreferences.h"
-
-#include "nsDirectoryServiceDefs.h"
-#include "nsDirectoryServiceUtils.h"
-#include "mozilla/Preferences.h"
-#include "mozilla/ScopeExit.h"
-#include "nsISimpleEnumerator.h"
-
-using namespace mozilla;
-
-TEST(TestFilePreferencesUnix, Parsing)
-{
-  #define kBlacklisted "/tmp/blacklisted"
-  #define kBlacklistedDir "/tmp/blacklisted/"
-  #define kBlacklistedFile "/tmp/blacklisted/file"
-  #define kOther "/tmp/other"
-  #define kOtherDir "/tmp/other/"
-  #define kOtherFile "/tmp/other/file"
-  #define kAllowed "/tmp/allowed"
-
-  // This is run on exit of this function to make sure we clear the pref
-  // and that behaviour with the pref cleared is correct.
-  auto cleanup = MakeScopeExit([&] {
-    nsresult rv = Preferences::ClearUser("network.file.path_blacklist");
-    ASSERT_EQ(rv, NS_OK);
-    FilePreferences::InitPrefs();
-    ASSERT_EQ(FilePreferences::IsAllowedPath(NS_LITERAL_CSTRING(kBlacklisted)), true);
-    ASSERT_EQ(FilePreferences::IsAllowedPath(NS_LITERAL_CSTRING(kBlacklistedDir)), true);
-    ASSERT_EQ(FilePreferences::IsAllowedPath(NS_LITERAL_CSTRING(kBlacklistedFile)), true);
-    ASSERT_EQ(FilePreferences::IsAllowedPath(NS_LITERAL_CSTRING(kAllowed)), true);
-  });
-
-  auto CheckPrefs = [](const nsACString& aPaths)
-  {
-    nsresult rv;
-    rv = Preferences::SetCString("network.file.path_blacklist", aPaths);
-    ASSERT_EQ(rv, NS_OK);
-    FilePreferences::InitPrefs();
-    ASSERT_EQ(FilePreferences::IsAllowedPath(NS_LITERAL_CSTRING(kBlacklistedDir)), false);
-    ASSERT_EQ(FilePreferences::IsAllowedPath(NS_LITERAL_CSTRING(kBlacklistedDir)), false);
-    ASSERT_EQ(FilePreferences::IsAllowedPath(NS_LITERAL_CSTRING(kBlacklistedFile)), false);
-    ASSERT_EQ(FilePreferences::IsAllowedPath(NS_LITERAL_CSTRING(kBlacklisted)), false);
-    ASSERT_EQ(FilePreferences::IsAllowedPath(NS_LITERAL_CSTRING(kAllowed)), true);
-  };
-
-  CheckPrefs(NS_LITERAL_CSTRING(kBlacklisted));
-  CheckPrefs(NS_LITERAL_CSTRING(kBlacklisted "," kOther));
-  ASSERT_EQ(FilePreferences::IsAllowedPath(NS_LITERAL_CSTRING(kOtherFile)), false);
-  CheckPrefs(NS_LITERAL_CSTRING(kBlacklisted "," kOther ","));
-  ASSERT_EQ(FilePreferences::IsAllowedPath(NS_LITERAL_CSTRING(kOtherFile)), false);
-}
-
-TEST(TestFilePreferencesUnix, Simple)
-{
-  nsAutoCString tempPath;
-
-  // This is the directory we will blacklist
-  nsCOMPtr<nsIFile> blacklistedDir;
-  nsresult rv = NS_GetSpecialDirectory(NS_OS_TEMP_DIR, getter_AddRefs(blacklistedDir));
-  ASSERT_EQ(rv, NS_OK);
-  rv = blacklistedDir->GetNativePath(tempPath);
-  ASSERT_EQ(rv, NS_OK);
-  rv = blacklistedDir->AppendNative(NS_LITERAL_CSTRING("blacklisted_dir"));
-  ASSERT_EQ(rv, NS_OK);
-
-  // This is executed at exit to clean up after ourselves.
-  auto cleanup = MakeScopeExit([&] {
-    nsresult rv = Preferences::ClearUser("network.file.path_blacklist");
-    ASSERT_EQ(rv, NS_OK);
-    FilePreferences::InitPrefs();
-
-    rv = blacklistedDir->Remove(true);
-    ASSERT_EQ(rv, NS_OK);
-  });
-
-  // Create the directory
-  rv = blacklistedDir->Create(nsIFile::DIRECTORY_TYPE, 0666);
-  ASSERT_EQ(rv, NS_OK);
-
-  // This is the file we will try to access
-  nsCOMPtr<nsIFile> blacklistedFile;
-  rv = blacklistedDir->Clone(getter_AddRefs(blacklistedFile));
-  ASSERT_EQ(rv, NS_OK);
-  rv = blacklistedFile->AppendNative(NS_LITERAL_CSTRING("test_file"));
-
-  // Create the file
-  ASSERT_EQ(rv, NS_OK);
-  rv = blacklistedFile->Create(nsIFile::NORMAL_FILE_TYPE, 0666);
-
-  // Get the path for the blacklist
-  nsAutoCString blackListPath;
-  rv = blacklistedDir->GetNativePath(blackListPath);
-  ASSERT_EQ(rv, NS_OK);
-
-  // Set the pref and make sure it is enforced
-  rv = Preferences::SetCString("network.file.path_blacklist", blackListPath);
-  ASSERT_EQ(rv, NS_OK);
-  FilePreferences::InitPrefs();
-
-  // Check that we can't access some of the file attributes
-  int64_t size;
-  rv = blacklistedFile->GetFileSize(&size);
-  ASSERT_EQ(rv, NS_ERROR_FILE_ACCESS_DENIED);
-
-  bool exists;
-  rv = blacklistedFile->Exists(&exists);
-  ASSERT_EQ(rv, NS_ERROR_FILE_ACCESS_DENIED);
-
-  // Check that we can't enumerate the directory
-  nsCOMPtr<nsISimpleEnumerator> dirEnumerator;
-  rv = blacklistedDir->GetDirectoryEntries(getter_AddRefs(dirEnumerator));
-  ASSERT_EQ(rv, NS_ERROR_FILE_ACCESS_DENIED);
-
-  nsCOMPtr<nsIFile> newPath;
-  rv = NS_GetSpecialDirectory(NS_OS_TEMP_DIR, getter_AddRefs(newPath));
-  ASSERT_EQ(rv, NS_OK);
-  rv = newPath->AppendNative(NS_LITERAL_CSTRING("."));
-  ASSERT_EQ(rv, NS_OK);
-  rv = newPath->AppendNative(NS_LITERAL_CSTRING("blacklisted_dir"));
-  ASSERT_EQ(rv, NS_OK);
-  rv = newPath->Exists(&exists);
-  ASSERT_EQ(rv, NS_ERROR_FILE_ACCESS_DENIED);
-
-  rv = newPath->AppendNative(NS_LITERAL_CSTRING("test_file"));
-  ASSERT_EQ(rv, NS_OK);
-  rv = newPath->Exists(&exists);
-  ASSERT_EQ(rv, NS_ERROR_FILE_ACCESS_DENIED);
-
-  // Check that ./ does not bypass the filter
-  rv = NS_GetSpecialDirectory(NS_OS_TEMP_DIR, getter_AddRefs(newPath));
-  ASSERT_EQ(rv, NS_OK);
-  rv = newPath->AppendRelativeNativePath(NS_LITERAL_CSTRING("./blacklisted_dir/file"));
-  ASSERT_EQ(rv, NS_OK);
-  rv = newPath->Exists(&exists);
-  ASSERT_EQ(rv, NS_ERROR_FILE_ACCESS_DENIED);
-
-  // Check that ..  does not bypass the filter
-  rv = NS_GetSpecialDirectory(NS_OS_TEMP_DIR, getter_AddRefs(newPath));
-  ASSERT_EQ(rv, NS_OK);
-  rv = newPath->AppendRelativeNativePath(NS_LITERAL_CSTRING("allowed/../blacklisted_dir/file"));
-  ASSERT_EQ(rv, NS_OK);
-  rv = newPath->Exists(&exists);
-  ASSERT_EQ(rv, NS_ERROR_FILE_ACCESS_DENIED);
-
-  rv = NS_GetSpecialDirectory(NS_OS_TEMP_DIR, getter_AddRefs(newPath));
-  ASSERT_EQ(rv, NS_OK);
-  rv = newPath->AppendNative(NS_LITERAL_CSTRING("allowed"));
-  ASSERT_EQ(rv, NS_OK);
-  rv = newPath->AppendNative(NS_LITERAL_CSTRING(".."));
-  ASSERT_EQ(rv, NS_OK);
-  rv = newPath->AppendNative(NS_LITERAL_CSTRING("blacklisted_dir"));
-  ASSERT_EQ(rv, NS_OK);
-  rv = newPath->Exists(&exists);
-  ASSERT_EQ(rv, NS_ERROR_FILE_ACCESS_DENIED);
-
-  nsAutoCString trickyPath(tempPath);
-  trickyPath.AppendLiteral("/allowed/../blacklisted_dir/file");
-  rv = newPath->InitWithNativePath(trickyPath);
-  ASSERT_EQ(rv, NS_ERROR_FILE_ACCESS_DENIED);
-
-  // Check that we can't construct a path that is functionally the same
-  // as the blacklisted one and bypasses the filter.
-  trickyPath = tempPath;
-  trickyPath.AppendLiteral("/./blacklisted_dir/file");
-  rv = newPath->InitWithNativePath(trickyPath);
-  ASSERT_EQ(rv, NS_ERROR_FILE_ACCESS_DENIED);
-
-  trickyPath = tempPath;
-  trickyPath.AppendLiteral("//blacklisted_dir/file");
-  rv = newPath->InitWithNativePath(trickyPath);
-  ASSERT_EQ(rv, NS_ERROR_FILE_ACCESS_DENIED);
-
-  trickyPath.Truncate();
-  trickyPath.AppendLiteral("//");
-  trickyPath.Append(tempPath);
-  trickyPath.AppendLiteral("/blacklisted_dir/file");
-  rv = newPath->InitWithNativePath(trickyPath);
-  ASSERT_EQ(rv, NS_ERROR_FILE_ACCESS_DENIED);
-
-  trickyPath.Truncate();
-  trickyPath.AppendLiteral("//");
-  trickyPath.Append(tempPath);
-  trickyPath.AppendLiteral("//blacklisted_dir/file");
-  rv = newPath->InitWithNativePath(trickyPath);
-  ASSERT_EQ(rv, NS_ERROR_FILE_ACCESS_DENIED);
-
-  // Check that if the blacklisted string is a directory, we only block access
-  // to subresources, not the directory itself.
-  nsAutoCString blacklistDirPath(blackListPath);
-  blacklistDirPath.Append("/");
-  rv = Preferences::SetCString("network.file.path_blacklist", blacklistDirPath);
-  ASSERT_EQ(rv, NS_OK);
-  FilePreferences::InitPrefs();
-
-  // This should work, since we only block subresources
-  rv = blacklistedDir->Exists(&exists);
-  ASSERT_EQ(rv, NS_OK);
-
-  rv = blacklistedDir->GetDirectoryEntries(getter_AddRefs(dirEnumerator));
-  ASSERT_EQ(rv, NS_ERROR_FILE_ACCESS_DENIED);
-}
diff --git a/xpcom/tests/gtest/moz.build b/xpcom/tests/gtest/moz.build
index 4f1c9c73d653..90b5fd7652e6 100644
--- a/xpcom/tests/gtest/moz.build
+++ b/xpcom/tests/gtest/moz.build
@@ -73,11 +73,6 @@ if CONFIG['OS_TARGET'] == 'WINNT':
     UNIFIED_SOURCES += [
         'TestFilePreferencesWin.cpp',
     ]
-else:
-    UNIFIED_SOURCES += [
-        'TestFilePreferencesUnix.cpp',
-    ]
-
 
 if CONFIG['WRAP_STL_INCLUDES'] and CONFIG['CC_TYPE'] != 'clang-cl':
     UNIFIED_SOURCES += [





More information about the tbb-commits mailing list