JSBool
WrapObject(JSContext *cx, JSObject *scope, jsval v, jsval *vp)
{
// This might be redundant if called from XPC_SJOW_Construct, but it should
// be cheap in that case.
JSObject *objToWrap = UnsafeUnwrapSecurityWrapper(cx, JSVAL_TO_OBJECT(v));
if (!objToWrap ||
JS_TypeOfValue(cx, OBJECT_TO_JSVAL(objToWrap)) == JSTYPE_XML) {
return ThrowException(NS_ERROR_INVALID_ARG, cx);
}
// Prevent script created Script objects from ever being wrapped
// with XPCSafeJSObjectWrapper, and never let the eval function
// object be directly wrapped.
if (objToWrap->getClass() == &js_ScriptClass ||
(JS_ObjectIsFunction(cx, objToWrap) &&
JS_GetFunctionFastNative(cx, JS_ValueToFunction(cx, v)) ==
XPCWrapper::sEvalNative)) {
return ThrowException(NS_ERROR_INVALID_ARG, cx);
}
XPCWrappedNativeScope *xpcscope =
XPCWrappedNativeScope::FindInJSObjectScope(cx, scope);
NS_ASSERTION(xpcscope, "what crazy scope are we in?");
XPCWrappedNative *wrappedNative;
WrapperType type = xpcscope->GetWrapperFor(cx, objToWrap, SJOW,
&wrappedNative);
// NB: We allow XOW here because we're as restrictive as it is (and we know
// we're same origin here).
if (type != NONE && type != XOW && !(type & SJOW)) {
return ThrowException(NS_ERROR_INVALID_ARG, cx);
}
SLIM_LOG_WILL_MORPH(cx, objToWrap);
if (IS_SLIM_WRAPPER(objToWrap) && !MorphSlimWrapper(cx, objToWrap)) {
return ThrowException(NS_ERROR_FAILURE, cx);
}
XPCWrappedNative *wn =
XPCWrappedNative::GetWrappedNativeOfJSObject(cx, objToWrap);
if (wn) {
CheckWindow(wn);
}
JSObject *wrapperObj =
JS_NewObjectWithGivenProto(cx, js::Jsvalify(&SJOWClass), nsnull, scope);
if (!wrapperObj) {
// JS_NewObjectWithGivenProto already threw.
return JS_FALSE;
}
*vp = OBJECT_TO_JSVAL(wrapperObj);
if (!JS_SetReservedSlot(cx, wrapperObj, XPCWrapper::sWrappedObjSlot,
OBJECT_TO_JSVAL(objToWrap)) ||
!JS_SetReservedSlot(cx, wrapperObj, XPCWrapper::sFlagsSlot, JSVAL_ZERO)) {
return JS_FALSE;
}
return JS_TRUE;
}
JSBool
XPC_SJOW_Construct(JSContext *cx, JSObject *obj, uintN argc, jsval *argv,
jsval *rval)
{
if (argc < 1) {
return ThrowException(NS_ERROR_XPC_NOT_ENOUGH_ARGS, cx);
}
// |obj| almost always has the wrong proto and parent so we have to create
// our own object anyway. Set |obj| to null so we don't use it by accident.
obj = nsnull;
if (JSVAL_IS_PRIMITIVE(argv[0])) {
JSStackFrame *fp = nsnull;
if (JS_FrameIterator(cx, &fp) && JS_IsConstructorFrame(cx, fp)) {
return ThrowException(NS_ERROR_ILLEGAL_VALUE, cx);
}
*rval = argv[0];
return JS_TRUE;
}
JSObject *objToWrap = JSVAL_TO_OBJECT(argv[0]);
// Prevent script created Script objects from ever being wrapped
// with XPCSafeJSObjectWrapper, and never let the eval function
// object be directly wrapped.
if (STOBJ_GET_CLASS(objToWrap) == &js_ScriptClass ||
(::JS_ObjectIsFunction(cx, objToWrap) &&
::JS_GetFunctionNative(cx, ::JS_ValueToFunction(cx, argv[0])) ==
XPCWrapper::sEvalNative)) {
return ThrowException(NS_ERROR_INVALID_ARG, cx);
}
SLIM_LOG_WILL_MORPH(cx, objToWrap);
if(IS_SLIM_WRAPPER(objToWrap) && !MorphSlimWrapper(cx, objToWrap)) {
return ThrowException(NS_ERROR_FAILURE, cx);
}
// Check that the caller can access the unsafe object.
if (!CanCallerAccess(cx, objToWrap)) {
// CanCallerAccess() already threw for us.
return JS_FALSE;
}
JSObject *unsafeObj = GetUnsafeObject(objToWrap);
if (unsafeObj) {
// We're asked to wrap an already wrapped object. Re-wrap the
// object wrapped by the given wrapper.
objToWrap = unsafeObj;
}
// Don't use the object the JS engine created for us, it is in most
// cases incorectly parented and has a proto from the wrong scope.
JSObject *wrapperObj =
::JS_NewObjectWithGivenProto(cx, &sXPC_SJOW_JSClass.base, nsnull,
objToWrap);
if (!wrapperObj) {
// JS_NewObjectWithGivenProto already threw.
return JS_FALSE;
}
if (!::JS_SetReservedSlot(cx, wrapperObj, XPC_SJOW_SLOT_IS_RESOLVING,
JSVAL_ZERO)) {
return JS_FALSE;
}
*rval = OBJECT_TO_JSVAL(wrapperObj);
return JS_TRUE;
}
