Bug 653083 - Deal with NPRuntime identifier which may be non-interned being passed across the process boundary, and the current cache which isn't aware of that problem. r=bent,cdleary

dom/plugins/ipc/PluginScriptableObjectParent.cpp

@@ -39,12 +39,16 @@
 #include "PluginScriptableObjectParent.h"
 #include "PluginScriptableObjectUtils.h"
 
+#include "nsNPAPIPlugin.h"
 #include "mozilla/unused.h"
 
 using namespace mozilla::plugins;
+using namespace mozilla::plugins::parent;
 
 namespace {
 
+typedef PluginIdentifierParent::StackIdentifier StackIdentifier;
+
 inline void
 ReleaseVariant(NPVariant& aVariant,
                PluginInstanceParent* aInstance)
@@ -55,32 +59,6 @@ ReleaseVariant(NPVariant& aVariant,
   }
 }
 
-inline PPluginIdentifierParent*
-GetIdentifier(PluginInstanceParent* aInstance,
-              NPIdentifier aIdentifier)
-{
-  PluginModuleParent* module = aInstance->Module();
-  if (!module) {
-    NS_WARNING("Huh?!");
-    return false;
-  }
-
-  return module->GetIdentifierForNPIdentifier(aIdentifier);
-}
-
-inline PPluginIdentifierParent*
-GetIdentifier(NPObject* aObject,
-              NPIdentifier aIdentifier)
-{
-  PluginInstanceParent* instance = GetInstance(aObject);
-  if (!instance) {
-    NS_WARNING("Huh?!");
-    return false;
-  }
-
-  return GetIdentifier(instance, aIdentifier);
-}
-
 } // anonymous namespace
 
 // static
@@ -154,7 +132,7 @@ PluginScriptableObjectParent::ScriptableHasMethod(NPObject* aObject,
     return false;
   }
 
-  PPluginIdentifierParent* identifier = GetIdentifier(aObject, aName);
+  StackIdentifier identifier(aObject, aName);
   if (!identifier) {
     return false;
   }
@@ -194,7 +172,7 @@ PluginScriptableObjectParent::ScriptableInvoke(NPObject* aObject,
     return false;
   }
 
-  PPluginIdentifierParent* identifier = GetIdentifier(aObject, aName);
+  StackIdentifier identifier(aObject, aName);
   if (!identifier) {
     return false;
   }
@@ -296,7 +274,7 @@ PluginScriptableObjectParent::ScriptableHasProperty(NPObject* aObject,
     return false;
   }
 
-  PPluginIdentifierParent* identifier = GetIdentifier(aObject, aName);
+  StackIdentifier identifier(aObject, aName);
   if (!identifier) {
     return false;
   }
@@ -345,7 +323,7 @@ PluginScriptableObjectParent::ScriptableSetProperty(NPObject* aObject,
     return false;
   }
 
-  PPluginIdentifierParent* identifier = GetIdentifier(aObject, aName);
+  StackIdentifier identifier(aObject, aName);
   if (!identifier) {
     return false;
   }
@@ -388,7 +366,7 @@ PluginScriptableObjectParent::ScriptableRemoveProperty(NPObject* aObject,
     return false;
   }
 
-  PPluginIdentifierParent* identifier = GetIdentifier(aObject, aName);
+  StackIdentifier identifier(aObject, aName);
   if (!identifier) {
     return false;
   }
@@ -1096,8 +1074,23 @@ PluginScriptableObjectParent::AnswerEnumerate(InfallibleTArray<PPluginIdentifier
     return true;
   }
 
+  JSContext* cx = GetJSContext(instance->GetNPP());
+  JSAutoRequest ar(cx);
+
   for (uint32_t index = 0; index < idCount; index++) {
-    aProperties->AppendElement(GetIdentifier(instance, ids[index]));
+    // Because of GC hazards, all identifiers returned from enumerate
+    // must be made permanent.
+    if (_identifierisstring(ids[index])) {
+      JSString* str = NPIdentifierToString(ids[index]);
+      if (!JS_StringHasBeenInterned(cx, str)) {
+        JSString* str2 = JS_InternJSString(cx, str);
+        NS_ASSERTION(str2 == str, "Interning a JS string which is currently an ID should return itself.");
+      }
+    }
+    PluginIdentifierParent* id =
+      instance->Module()->GetIdentifierForNPIdentifier(instance->GetNPP(), ids[index]);
+    aProperties->AppendElement(id);
+    NS_ASSERTION(!id->IsTemporary(), "Should only have permanent identifiers!");
   }
 
   npn->memfree(ids);
@@ -1268,7 +1261,7 @@ PluginScriptableObjectParent::GetPropertyHelper(NPIdentifier aName,
     return JS_FALSE;
   }
 
-  PPluginIdentifierParent* identifier = GetIdentifier(GetInstance(), aName);
+  StackIdentifier identifier(GetInstance(), aName);
   if (!identifier) {
     return JS_FALSE;
   }