From f35bf8b65d25f88c7e34263337b05619a78868f6 Mon Sep 17 00:00:00 2001
From: Andrea Marchesini <amarchesini@mozilla.com>
Date: Thu, 10 May 2018 11:24:25 +0200
Subject: Bug 1459206 - Use FileSystemSecurity in
 ContentParent::RecvGetFilesRequest. r=ehsan, a=jcristau

--HG--
extra : rebase_source : 542dca7fe46dd965ecde4c8387685beaf20ec3de
---
 dom/ipc/ContentParent.cpp | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'dom/ipc/ContentParent.cpp')

diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp
index 3488e26bd..fb97adc42 100644
--- a/dom/ipc/ContentParent.cpp
+++ b/dom/ipc/ContentParent.cpp
@@ -4721,6 +4721,14 @@ ContentParent::RecvGetFilesRequest(const nsID& aUUID,
 {
   MOZ_ASSERT(!mGetFilesPendingRequests.GetWeak(aUUID));
 
+  if (!mozilla::Preferences::GetBool("dom.filesystem.pathcheck.disabled", false)) {
+    RefPtr<FileSystemSecurity> fss = FileSystemSecurity::Get();
+    if (NS_WARN_IF(!fss ||
+                   !fss->ContentProcessHasAccessTo(ChildID(), aDirectoryPath))) {
+      return IPC_FAIL_NO_REASON(this);
+    }
+  }
+
   ErrorResult rv;
   RefPtr<GetFilesHelper> helper =
     GetFilesHelperParent::Create(aUUID, aDirectoryPath, aRecursiveFlag, this,
-- 
cgit v1.2.3