From 0e550f2fb90ada0b608bc1e1982b100291651806 Mon Sep 17 00:00:00 2001
From: wolfbeast <mcwerewolf@gmail.com>
Date: Wed, 2 May 2018 11:07:35 -0700
Subject: Refactor structured clone JSAPI to prevent mismatched scopes.

Roll-up of bugs 1442722, 1455071, 1433642, 1456604 and 1458320.
---
 dom/indexedDB/ActorsParent.cpp         | 35 +++++++++++++---------------------
 dom/indexedDB/IDBObjectStore.cpp       |  8 ++++----
 dom/indexedDB/IndexedDatabase.h        |  4 ++++
 dom/indexedDB/IndexedDatabaseInlines.h | 11 +++++++++--
 4 files changed, 30 insertions(+), 28 deletions(-)

(limited to 'dom/indexedDB')

diff --git a/dom/indexedDB/ActorsParent.cpp b/dom/indexedDB/ActorsParent.cpp
index 4e1b9f7af..e6fe9e2a8 100644
--- a/dom/indexedDB/ActorsParent.cpp
+++ b/dom/indexedDB/ActorsParent.cpp
@@ -8440,12 +8440,12 @@ class ObjectStoreAddOrPutRequestOp::SCInputStream final
   : public nsIInputStream
 {
   const JSStructuredCloneData& mData;
-  JSStructuredCloneData::IterImpl mIter;
+  JSStructuredCloneData::Iterator mIter;
 
 public:
   explicit SCInputStream(const JSStructuredCloneData& aData)
     : mData(aData)
-    , mIter(aData.Iter())
+    , mIter(aData.Start())
   { }
 
 private:
@@ -19687,7 +19687,7 @@ UpgradeFileIdsFunction::OnFunctionCall(mozIStorageValueArray* aArguments,
     return NS_ERROR_UNEXPECTED;
   }
 
-  StructuredCloneReadInfo cloneInfo;
+  StructuredCloneReadInfo cloneInfo(JS::StructuredCloneScope::DifferentProcess);
   DatabaseOperationBase::GetStructuredCloneReadInfoFromValueArray(aArguments,
                                                                   1,
                                                                   0,
@@ -19892,7 +19892,7 @@ DatabaseOperationBase::GetStructuredCloneReadInfoFromBlob(
     return NS_ERROR_FILE_CORRUPTED;
   }
 
-  if (!aInfo->mData.WriteBytes(uncompressedBuffer, uncompressed.Length())) {
+  if (!aInfo->mData.AppendBytes(uncompressedBuffer, uncompressed.Length())) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
 
@@ -19978,7 +19978,7 @@ DatabaseOperationBase::GetStructuredCloneReadInfoFromExternalBlob(
       break;
     }
 
-    if (NS_WARN_IF(!aInfo->mData.WriteBytes(buffer, numRead))) {
+    if (NS_WARN_IF(!aInfo->mData.AppendBytes(buffer, numRead))) {
       rv = NS_ERROR_OUT_OF_MEMORY;
       break;
     }
@@ -25337,7 +25337,7 @@ UpdateIndexDataValuesFunction::OnFunctionCall(mozIStorageValueArray* aValues,
   }
 #endif
 
-  StructuredCloneReadInfo cloneInfo;
+  StructuredCloneReadInfo cloneInfo(JS::StructuredCloneScope::DifferentProcess);
   nsresult rv =
     GetStructuredCloneReadInfoFromValueArray(aValues,
                                              /* aDataIndex */ 3,
@@ -26546,18 +26546,9 @@ ObjectStoreAddOrPutRequestOp::DoDatabaseWork(DatabaseConnection* aConnection)
       char keyPropBuffer[keyPropSize];
       LittleEndian::writeUint64(keyPropBuffer, keyPropValue);
 
-      auto iter = cloneData.Iter();
-      DebugOnly<bool> result =
-       iter.AdvanceAcrossSegments(cloneData, cloneInfo.offsetToKeyProp());
-      MOZ_ASSERT(result);
-
-      for (uint32_t index = 0; index < keyPropSize; index++) {
-        char* keyPropPointer = iter.Data();
-        *keyPropPointer = keyPropBuffer[index];
-
-        result = iter.AdvanceAcrossSegments(cloneData, 1);
-        MOZ_ASSERT(result);
-      }
+      auto iter = cloneData.Start();
+      MOZ_ALWAYS_TRUE(cloneData.Advance(iter, cloneInfo.offsetToKeyProp()));
+      MOZ_ALWAYS_TRUE(cloneData.UpdateBytes(iter, keyPropBuffer, keyPropSize));
     }
   }
 
@@ -26583,7 +26574,7 @@ ObjectStoreAddOrPutRequestOp::DoDatabaseWork(DatabaseConnection* aConnection)
   } else {
     nsCString flatCloneData;
     flatCloneData.SetLength(cloneDataSize);
-    auto iter = cloneData.Iter();
+    auto iter = cloneData.Start();
     cloneData.ReadBytes(iter, flatCloneData.BeginWriting(), cloneDataSize);
 
     // Compress the bytes before adding into the database.
@@ -26840,7 +26831,7 @@ SCInputStream::ReadSegments(nsWriteSegmentFun aWriter,
     *_retval += count;
     aCount -= count;
 
-    mIter.Advance(mData, count);
+    mData.Advance(mIter, count);
   }
 
   return NS_OK;
@@ -28029,7 +28020,7 @@ CursorOpBase::PopulateResponseFromStatement(
 
   switch (mCursor->mType) {
     case OpenCursorParams::TObjectStoreOpenCursorParams: {
-      StructuredCloneReadInfo cloneInfo;
+      StructuredCloneReadInfo cloneInfo(JS::StructuredCloneScope::DifferentProcess);
       rv = GetStructuredCloneReadInfoFromStatement(aStmt,
                                                    2,
                                                    1,
@@ -28077,7 +28068,7 @@ CursorOpBase::PopulateResponseFromStatement(
         return rv;
       }
 
-      StructuredCloneReadInfo cloneInfo;
+      StructuredCloneReadInfo cloneInfo(JS::StructuredCloneScope::DifferentProcess);
       rv = GetStructuredCloneReadInfoFromStatement(aStmt,
                                                    4,
                                                    3,
diff --git a/dom/indexedDB/IDBObjectStore.cpp b/dom/indexedDB/IDBObjectStore.cpp
index a6d6c5f06..8a0b292ad 100644
--- a/dom/indexedDB/IDBObjectStore.cpp
+++ b/dom/indexedDB/IDBObjectStore.cpp
@@ -67,7 +67,7 @@ struct IDBObjectStore::StructuredCloneWriteInfo
   uint64_t mOffsetToKeyProp;
 
   explicit StructuredCloneWriteInfo(IDBDatabase* aDatabase)
-    : mCloneBuffer(JS::StructuredCloneScope::SameProcessSameThread, nullptr,
+    : mCloneBuffer(JS::StructuredCloneScope::DifferentProcessForIndexedDB, nullptr,
                    nullptr)
     , mDatabase(aDatabase)
     , mOffsetToKeyProp(0)
@@ -1216,7 +1216,7 @@ IDBObjectStore::DeserializeValue(JSContext* aCx,
   // FIXME: Consider to use StructuredCloneHolder here and in other
   //        deserializing methods.
   if (!JS_ReadStructuredClone(aCx, aCloneReadInfo.mData, JS_STRUCTURED_CLONE_VERSION,
-                              JS::StructuredCloneScope::SameProcessSameThread,
+                              JS::StructuredCloneScope::DifferentProcessForIndexedDB,
                               aValue, &callbacks, &aCloneReadInfo)) {
     return false;
   }
@@ -1249,7 +1249,7 @@ IDBObjectStore::DeserializeIndexValue(JSContext* aCx,
   };
 
   if (!JS_ReadStructuredClone(aCx, aCloneReadInfo.mData, JS_STRUCTURED_CLONE_VERSION,
-                              JS::StructuredCloneScope::SameProcessSameThread,
+                              JS::StructuredCloneScope::DifferentProcessForIndexedDB,
                               aValue, &callbacks, &aCloneReadInfo)) {
     return false;
   }
@@ -1285,7 +1285,7 @@ IDBObjectStore::DeserializeUpgradeValue(JSContext* aCx,
   };
 
   if (!JS_ReadStructuredClone(aCx, aCloneReadInfo.mData, JS_STRUCTURED_CLONE_VERSION,
-                              JS::StructuredCloneScope::SameProcessSameThread,
+                              JS::StructuredCloneScope::DifferentProcessForIndexedDB,
                               aValue, &callbacks, &aCloneReadInfo)) {
     return false;
   }
diff --git a/dom/indexedDB/IndexedDatabase.h b/dom/indexedDB/IndexedDatabase.h
index b0c4cb877..b3c6ab725 100644
--- a/dom/indexedDB/IndexedDatabase.h
+++ b/dom/indexedDB/IndexedDatabase.h
@@ -64,6 +64,10 @@ struct StructuredCloneReadInfo
   IDBDatabase* mDatabase;
   bool mHasPreprocessInfo;
 
+  // In IndexedDatabaseInlines.h
+  inline explicit
+  StructuredCloneReadInfo(JS::StructuredCloneScope aScope);
+
   // In IndexedDatabaseInlines.h
   inline
   StructuredCloneReadInfo();
diff --git a/dom/indexedDB/IndexedDatabaseInlines.h b/dom/indexedDB/IndexedDatabaseInlines.h
index 830c2f110..8c34a81dd 100644
--- a/dom/indexedDB/IndexedDatabaseInlines.h
+++ b/dom/indexedDB/IndexedDatabaseInlines.h
@@ -45,13 +45,20 @@ StructuredCloneFile::operator==(const StructuredCloneFile& aOther) const
 }
 
 inline
-StructuredCloneReadInfo::StructuredCloneReadInfo()
-  : mDatabase(nullptr)
+StructuredCloneReadInfo::StructuredCloneReadInfo(JS::StructuredCloneScope aScope)
+  : mData(aScope)
+  , mDatabase(nullptr)
   , mHasPreprocessInfo(false)
 {
   MOZ_COUNT_CTOR(StructuredCloneReadInfo);
 }
 
+inline
+StructuredCloneReadInfo::StructuredCloneReadInfo()
+ : StructuredCloneReadInfo(JS::StructuredCloneScope::DifferentProcessForIndexedDB)
+{
+}
+
 inline
 StructuredCloneReadInfo::StructuredCloneReadInfo(
                              StructuredCloneReadInfo&& aCloneReadInfo)
-- 
cgit v1.2.3