[tbb-commits] [tor-browser] 14/48: Bug 40432: Prevent probing installed applications

gitolite role git at cupani.torproject.org
Tue Sep 27 14:58:47 UTC 2022


This is an automated email from the git hooks/post-receive script.

richard pushed a commit to branch tor-browser-102.3.0esr-12.0-2
in repository tor-browser.

commit 33fe51f2a80af7db8c5bbe2c37ecbde10a886418
Author: Matthew Finkel <sysrqb at torproject.org>
AuthorDate: Mon May 17 18:09:09 2021 +0000

    Bug 40432: Prevent probing installed applications
    
    Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1711084
---
 .../exthandler/nsExternalHelperAppService.cpp      | 30 ++++++++++++++++++----
 1 file changed, 25 insertions(+), 5 deletions(-)

diff --git a/uriloader/exthandler/nsExternalHelperAppService.cpp b/uriloader/exthandler/nsExternalHelperAppService.cpp
index 0ec02e346617..c86b006a6b4c 100644
--- a/uriloader/exthandler/nsExternalHelperAppService.cpp
+++ b/uriloader/exthandler/nsExternalHelperAppService.cpp
@@ -866,8 +866,33 @@ nsresult nsExternalHelperAppService::GetFileTokenForPath(
 //////////////////////////////////////////////////////////////////////////////////////////////////////
 // begin external protocol service default implementation...
 //////////////////////////////////////////////////////////////////////////////////////////////////////
+
+static const char kExternalProtocolPrefPrefix[] =
+    "network.protocol-handler.external.";
+static const char kExternalProtocolDefaultPref[] =
+    "network.protocol-handler.external-default";
+
 NS_IMETHODIMP nsExternalHelperAppService::ExternalProtocolHandlerExists(
     const char* aProtocolScheme, bool* aHandlerExists) {
+
+  // Replicate the same check performed in LoadURI.
+  // Deny load if the prefs say to do so
+  nsAutoCString externalPref(kExternalProtocolPrefPrefix);
+  externalPref += aProtocolScheme;
+  bool allowLoad = false;
+  *aHandlerExists = false;
+  if (NS_FAILED(Preferences::GetBool(externalPref.get(), &allowLoad))) {
+    // no scheme-specific value, check the default
+    if (NS_FAILED(
+            Preferences::GetBool(kExternalProtocolDefaultPref, &allowLoad))) {
+      return NS_OK;  // missing default pref
+    }
+  }
+
+  if (!allowLoad) {
+    return NS_OK;  // explicitly denied
+  }
+
   nsCOMPtr<nsIHandlerInfo> handlerInfo;
   nsresult rv = GetProtocolHandlerInfo(nsDependentCString(aProtocolScheme),
                                        getter_AddRefs(handlerInfo));
@@ -910,11 +935,6 @@ NS_IMETHODIMP nsExternalHelperAppService::IsExposedProtocol(
   return NS_OK;
 }
 
-static const char kExternalProtocolPrefPrefix[] =
-    "network.protocol-handler.external.";
-static const char kExternalProtocolDefaultPref[] =
-    "network.protocol-handler.external-default";
-
 // static
 nsresult nsExternalHelperAppService::EscapeURI(nsIURI* aURI, nsIURI** aResult) {
   MOZ_ASSERT(aURI);

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.


More information about the tbb-commits mailing list