[tor-commits] [tor-browser/tor-browser-24.5.0esr-1] fix #9308 and #11433: don't leak user install path of TBB

mikeperry at torproject.org mikeperry at torproject.org
Fri Apr 25 17:33:07 UTC 2014


commit 7ac088b732719d6e69466e583b7eb31767759d22
Author: Arthur Edelstein <arthuredelstein at gmail.com>
Date:   Wed Apr 23 16:05:48 2014 -0700

    fix #9308 and #11433: don't leak user install path of TBB
---
 js/xpconnect/src/XPCConvert.cpp   |    5 ++++-
 js/xpconnect/src/XPCException.cpp |    7 ++++++-
 js/xpconnect/src/XPCStack.cpp     |    7 +++++--
 xpcom/build/Omnijar.cpp           |   29 +++++++++++++++++++++++++++++
 xpcom/build/Omnijar.h             |   13 +++++++++++++
 5 files changed, 57 insertions(+), 4 deletions(-)

diff --git a/js/xpconnect/src/XPCConvert.cpp b/js/xpconnect/src/XPCConvert.cpp
index a94a519..dd8c8f4 100644
--- a/js/xpconnect/src/XPCConvert.cpp
+++ b/js/xpconnect/src/XPCConvert.cpp
@@ -8,6 +8,7 @@
 /* Data conversion between native and JavaScript types. */
 
 #include "mozilla/Util.h"
+#include "mozilla/Omnijar.h"
 
 #include "xpcprivate.h"
 #include "nsString.h"
@@ -1319,9 +1320,11 @@ XPCConvert::JSErrorToXPCException(const char* message,
             static_cast<const PRUnichar*>(report->uclinebuf);
 
         data = new nsScriptError();
+        nsAutoCString resourceFilename;
+        Omnijar::ConvertToResourceFilename(nsCString(report->filename), resourceFilename);
         data->InitWithWindowID(
             bestMessage,
-            NS_ConvertASCIItoUTF16(report->filename),
+            NS_ConvertASCIItoUTF16(resourceFilename.get()),
             uclinebuf ? nsDependentString(uclinebuf) : EmptyString(),
             report->lineno,
             report->uctokenptr - report->uclinebuf, report->flags,
diff --git a/js/xpconnect/src/XPCException.cpp b/js/xpconnect/src/XPCException.cpp
index a0b48c2..1e42662 100644
--- a/js/xpconnect/src/XPCException.cpp
+++ b/js/xpconnect/src/XPCException.cpp
@@ -9,6 +9,7 @@
 #include "xpcprivate.h"
 #include "nsError.h"
 #include "nsIUnicodeDecoder.h"
+#include "mozilla/Omnijar.h"
 
 /***************************************************************************/
 /* Quick and dirty mapping of well known result codes to strings. We only
@@ -291,8 +292,12 @@ nsXPCException::Initialize(const char *aMessage, nsresult aResult, const char *a
         // For now, fill in our location details from our stack frame.
         // Later we may allow other locations?
         nsresult rc;
-        if (NS_FAILED(rc = aLocation->GetFilename(&mFilename)))
+        char* rawFilename = nullptr;
+        if (NS_FAILED(rc = aLocation->GetFilename(&rawFilename)))
             return rc;
+        nsAutoCString resourceFilename;
+        mozilla::Omnijar::ConvertToResourceFilename(nsCString(rawFilename), resourceFilename);
+        mFilename = (char *) nsMemory::Clone(resourceFilename.get(), resourceFilename.Length()+1);
         if (NS_FAILED(rc = aLocation->GetLineNumber(&mLineNumber)))
             return rc;
     } else {
diff --git a/js/xpconnect/src/XPCStack.cpp b/js/xpconnect/src/XPCStack.cpp
index db30556..adfd456 100644
--- a/js/xpconnect/src/XPCStack.cpp
+++ b/js/xpconnect/src/XPCStack.cpp
@@ -7,6 +7,7 @@
 /* Implements nsIStackFrame. */
 
 #include "xpcprivate.h"
+#include "mozilla/Omnijar.h"
 
 class XPCJSStackFrame : public nsIStackFrame
 {
@@ -107,9 +108,11 @@ XPCJSStackFrame::CreateStack(JSContext* cx, XPCJSStackFrame** stack)
 	JSAutoCompartment ac(cx, desc->frames[i].script);
         const char* filename = JS_GetScriptFilename(cx, desc->frames[i].script);
         if (filename) {
+            nsAutoCString resourceFilename;
+            mozilla::Omnijar::ConvertToResourceFilename(nsCString(filename), resourceFilename);
             self->mFilename = (char*)
-                nsMemory::Clone(filename,
-                                sizeof(char)*(strlen(filename)+1));
+                nsMemory::Clone(resourceFilename.get(),
+                                sizeof(char)*(resourceFilename.Length()+1));
         }
 
         self->mLineno = desc->frames[i].lineno;
diff --git a/xpcom/build/Omnijar.cpp b/xpcom/build/Omnijar.cpp
index 4d75c7e..79fa163 100644
--- a/xpcom/build/Omnijar.cpp
+++ b/xpcom/build/Omnijar.cpp
@@ -164,4 +164,33 @@ Omnijar::GetURIString(Type aType, nsACString &result)
     return NS_OK;
 }
 
+bool
+Omnijar::RebaseFilename(const nsCString& filename, const nsCString& oldBase, const nsCString& newBase, nsACString &result) {
+    PRInt32 pos = filename.Find(oldBase);
+    if (pos > -1) {
+        nsAutoCString path;
+        filename.Right(path, filename.Length() - pos - oldBase.Length());
+        result = newBase + path;
+        return true;
+    }
+    result = filename;
+    return false;
+}
+
+void
+Omnijar::ConvertToResourceFilename(const nsCString& filename, nsACString &result) {
+    if (StringBeginsWith(filename, NS_LITERAL_CSTRING("file://"))
+        || StringBeginsWith(filename, NS_LITERAL_CSTRING("jar:"))) {
+        if (RebaseFilename(filename, NS_LITERAL_CSTRING("/browser/omni.ja!/"),
+                           NS_LITERAL_CSTRING("resource://app/"), result)) {
+            return;
+        }
+        if (RebaseFilename(filename, NS_LITERAL_CSTRING("/omni.ja!/"),
+                           NS_LITERAL_CSTRING("resource://gre/"), result)) {
+            return;
+        }
+    }
+    result = filename;
+}
+
 } /* namespace mozilla */
diff --git a/xpcom/build/Omnijar.h b/xpcom/build/Omnijar.h
index a261e35..4ba49a7 100644
--- a/xpcom/build/Omnijar.h
+++ b/xpcom/build/Omnijar.h
@@ -117,12 +117,25 @@ static already_AddRefed<nsZipArchive> GetReader(nsIFile *aPath);
  */
 static nsresult GetURIString(Type aType, nsACString &result);
 
+/**
+ * If the filename contains a "file://" URI, which is an absolute path,
+ * attempts to convert to a "resource://" URI. Otherwise returns the
+ * filename unchanged.
+ */
+static void ConvertToResourceFilename(const nsCString& filename, nsACString &result);
+
 private:
 /**
  * Used internally, respectively by Init() and CleanUp()
  */
 static void InitOne(nsIFile *aPath, Type aType);
 static void CleanUpOne(Type aType);
+/**
+ * Rebases a filename, given a (possibly internal) base directory, and a new
+ * base directory name. E.g.: RebaseFilename("a/b/c","b","d",result) -> result = "d/c".
+ */
+static bool RebaseFilename(const nsCString& filename, const nsCString& oldBase, const nsCString& newBase, nsACString &result);
+
 
 }; /* class Omnijar */
 





More information about the tor-commits mailing list