Mercurial > mozreview > gecko / changeset / 6399ef08b2ba7bc4f8c2c0f7e7a26022a20e6e5f
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1370752: Part 1 - Enter the correct target compartment when creating structured clone holder. r?aswan draft
authorKris Maglione <maglione.k@gmail.com>
Fri, 09 Jun 2017 18:15:50 -0700
changeset 592055 6399ef08b2ba7bc4f8c2c0f7e7a26022a20e6e5f
parent 590711 0d16a08bbcfa181535789a43856ef176cc9829c8
child 592056 d81613741c356e531cc2744108ddac0a992298e9
push id63267
push usermaglione.k@gmail.com
push dateSat, 10 Jun 2017 01:26:33 +0000
reviewersaswan
bugs1370752
milestone55.0a1
Bug 1370752: Part 1 - Enter the correct target compartment when creating structured clone holder. r?aswan MozReview-Commit-ID: AoDsocd3vPu
dom/base/StructuredCloneBlob.cpp file | annotate | diff | comparison | revisions 
--- a/dom/base/StructuredCloneBlob.cpp
+++ b/dom/base/StructuredCloneBlob.cpp
@@ -22,28 +22,35 @@ namespace dom {
 StructuredCloneBlob::StructuredCloneBlob()
     : StructuredCloneHolder(CloningSupported, TransferringNotSupported,
                             StructuredCloneScope::DifferentProcess)
 {};
 
 
 /* static */ already_AddRefed<StructuredCloneBlob>
 StructuredCloneBlob::Constructor(GlobalObject& aGlobal, JS::HandleValue aValue,
-                                      JS::HandleObject aTargetGlobal,
-                                      ErrorResult& aRv)
+                                 JS::HandleObject aTargetGlobal,
+                                 ErrorResult& aRv)
 {
   JSContext* cx = aGlobal.Context();
 
   RefPtr<StructuredCloneBlob> holder = new StructuredCloneBlob();
 
   Maybe<JSAutoCompartment> ac;
   JS::RootedValue value(cx, aValue);
 
   if (aTargetGlobal) {
-    ac.emplace(cx, aTargetGlobal);
+    JS::RootedObject targetGlobal(cx, js::CheckedUnwrap(aTargetGlobal));
+    if (!targetGlobal) {
+      js::ReportAccessDenied(cx);
+      aRv.NoteJSContextException(cx);
+      return nullptr;
+    }
+
+    ac.emplace(cx, targetGlobal);
 
     if (!JS_WrapValue(cx, &value)) {
       aRv.NoteJSContextException(cx);
       return nullptr;
     }
   } else if (value.isObject()) {
     JS::RootedObject obj(cx, js::CheckedUnwrap(&value.toObject()));
     if (!obj) {
gecko
Deployed from 90768f014fd7 at 2025-05-26T08:10:17Z.