[Swfdec-commits] 2 commits - swfdec/swfdec_as_script_function.c swfdec/swfdec_as_script_function.h swfdec/swfdec_sandbox.c swfdec/swfdec_sandbox.h vivified/code
Benjamin Otte
company at kemper.freedesktop.org
Wed Oct 8 06:26:58 PDT 2008
swfdec/swfdec_as_script_function.c | 30 ++++++++++++++++++++++++++++--
swfdec/swfdec_as_script_function.h | 2 ++
swfdec/swfdec_sandbox.c | 10 ++++++++++
swfdec/swfdec_sandbox.h | 6 +++++-
vivified/code/rewrite.c | 6 +++---
5 files changed, 48 insertions(+), 6 deletions(-)
New commits:
commit cc239a15806275ced9ad1e4d514b1fae72cf4f3a
Author: Benjamin Otte <otte at gnome.org>
Date: Wed Oct 8 15:06:40 2008 +0200
switch sandboxes when executing a function from a different sandbox
diff --git a/swfdec/swfdec_as_script_function.c b/swfdec/swfdec_as_script_function.c
index 03bfd17..59052c5 100644
--- a/swfdec/swfdec_as_script_function.c
+++ b/swfdec/swfdec_as_script_function.c
@@ -1,5 +1,5 @@
/* Swfdec
- * Copyright (C) 2007 Benjamin Otte <otte at gnome.org>
+ * Copyright (C) 2007-2008 Benjamin Otte <otte at gnome.org>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -38,12 +38,25 @@ swfdec_as_script_function_call (SwfdecAsFunction *function, SwfdecAsObject *this
const SwfdecAsValue *args, SwfdecAsValue *return_value)
{
SwfdecAsScriptFunction *script = SWFDEC_AS_SCRIPT_FUNCTION (function);
+ SwfdecAsContext *context;
+ SwfdecSandbox *old_sandbox = NULL;
SwfdecAsFrame frame = { NULL, };
/* just to be sure... */
if (return_value)
SWFDEC_AS_VALUE_SET_UNDEFINED (return_value);
+ context = swfdec_gc_object_get_context (function);
+ /* do security checks */
+ if (SWFDEC_AS_OBJECT (script->sandbox) != context->global &&
+ script->sandbox != NULL) {
+ old_sandbox = SWFDEC_SANDBOX (context->global);
+ if (!swfdec_sandbox_allow (script->sandbox, old_sandbox))
+ return;
+ swfdec_sandbox_unuse (old_sandbox);
+ swfdec_sandbox_use (script->sandbox);
+ }
+
swfdec_as_frame_init (&frame, swfdec_gc_object_get_context (function), script->script);
frame.scope_chain = g_slist_concat (frame.scope_chain, g_slist_copy (script->scope_chain));
frame.function = function;
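Review bot: `old_sandbox = SWFDEC_SANDBOX (context->global)` is passed to `swfdec_sandbox_allow()` and `swfdec_sandbox_unuse()` without this function checking that the current global really is a sandbox. The only guard is the `g_return_val_if_fail` inside `swfdec_sandbox_allow()`, a programmer-error assertion that is compiled out under `G_DISABLE_CHECKS`, so it should not carry a security decision. An explicit test here, e.g. `if (!SWFDEC_IS_SANDBOX (context->global)) return;`, would make the deny path deliberate. A log message on denial would also help, since the call currently returns with `return_value` undefined and no trace. The function body continues outside this hunk.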
@@ -69,7 +82,12 @@ swfdec_as_script_function_call (SwfdecAsFunction *function, SwfdecAsObject *this
swfdec_as_super_new (&frame, SWFDEC_AS_OBJECT (function), super_reference);
}
swfdec_as_frame_preload (&frame);
- swfdec_as_context_run (swfdec_gc_object_get_context (function));
+ swfdec_as_context_run (context);
+
+ if (old_sandbox) {
+ swfdec_sandbox_unuse (script->sandbox);
+ swfdec_sandbox_use (old_sandbox);
+ }
}
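Review bot: The sandbox restore at the end of swfdec_as_script_function_call runs only on the fall-through path. The lines between the sandbox switch and `swfdec_as_context_run (context)` are not all visible in these hunks, so I cannot confirm that there is no early return. If one exists or is added later, the context would stay in the callee's sandbox after the call returns. A comment at the switch site such as `/* every exit below this point must restore old_sandbox */`, or routing exits through a single cleanup label, would protect the invariant.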
static void
@@ -93,6 +111,8 @@ swfdec_as_script_function_mark (SwfdecGcObject *object)
SwfdecAsScriptFunction *script = SWFDEC_AS_SCRIPT_FUNCTION (object);
g_slist_foreach (script->scope_chain, (GFunc) swfdec_gc_object_mark, NULL);
+ if (script->sandbox)
+ swfdec_gc_object_mark (script->sandbox);
SWFDEC_GC_OBJECT_CLASS (swfdec_as_script_function_parent_class)->mark (object);
}
@@ -155,6 +175,12 @@ swfdec_as_script_function_new (SwfdecAsObject *target, const GSList *scope_chain
fun->scope_chain = g_slist_copy ((GSList *) scope_chain);
fun->script = script;
fun->target = target;
+
+ /* if context is a flash player, copy current sandbox for security checking.
+ * FIXME: export this somehow? */
+ if (SWFDEC_IS_PLAYER (context))
+ fun->sandbox = SWFDEC_SANDBOX (context->global);
+
/* set prototype */
proto = swfdec_as_object_new_empty (context);
SWFDEC_AS_VALUE_SET_OBJECT (&val, proto);
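Review bot: `fun->sandbox` is assigned only for player contexts, and the call path treats a NULL sandbox as "skip the check", so the default is fail-open. If `context->global` can be NULL or a non-sandbox object when a function is created inside a player (not verifiable from this hunk), that function would stay exempt from the cross-sandbox check for its whole lifetime. I would say so in the comment, e.g. `/* a NULL sandbox means the call-time check is skipped for this function */`, and consider testing `SWFDEC_IS_SANDBOX (context->global)` before the cast. The function continues outside the hunk.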
diff --git a/swfdec/swfdec_as_script_function.h b/swfdec/swfdec_as_script_function.h
index ab04a72..15c145b 100644
--- a/swfdec/swfdec_as_script_function.h
+++ b/swfdec/swfdec_as_script_function.h
@@ -22,6 +22,7 @@
#include <swfdec/swfdec_as_function.h>
#include <swfdec/swfdec_as_types.h>
+#include <swfdec/swfdec_sandbox.h>
#include <swfdec/swfdec_script.h>
G_BEGIN_DECLS
@@ -44,6 +45,7 @@ struct _SwfdecAsScriptFunction {
SwfdecScript * script; /* script being executed or NULL when native */
GSList * scope_chain; /* scope this script_function was defined in */
SwfdecAsObject * target; /* target this object was defined in or NULL if in init script */
+ SwfdecSandbox * sandbox; /* sandbox this function was defined in or NULL if don't care */
};
struct _SwfdecAsScriptFunctionClass {
diff --git a/swfdec/swfdec_sandbox.c b/swfdec/swfdec_sandbox.c
index f468a07..256bd50 100644
--- a/swfdec/swfdec_sandbox.c
+++ b/swfdec/swfdec_sandbox.c
@@ -299,3 +299,13 @@ swfdec_sandbox_unuse (SwfdecSandbox *sandbox)
context->Object_prototype = NULL;
}
+gboolean
+swfdec_sandbox_allow (SwfdecSandbox *sandbox, SwfdecSandbox *other)
+{
+ g_return_val_if_fail (SWFDEC_IS_SANDBOX (sandbox), FALSE);
+ g_return_val_if_fail (SWFDEC_IS_SANDBOX (other), FALSE);
+
+ SWFDEC_FIXME ("implement script sandbox interaction");
+ return TRUE;
+}
+
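Review bot: `swfdec_sandbox_allow()` returns TRUE for every pair of valid sandboxes, so the new gate in swfdec_as_script_function_call currently permits all cross-sandbox calls. The `SWFDEC_FIXME` records that at runtime, but the function has no comment saying which argument is the callee's sandbox and which is the caller's; the call site passes `script->sandbox` first and the active sandbox second. A doc comment stating the argument roles and that the result is a placeholder, for example `/* placeholder: allows every interaction until the policy is implemented */`, would keep readers from treating this as an enforced boundary.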
diff --git a/swfdec/swfdec_sandbox.h b/swfdec/swfdec_sandbox.h
index f9332ea..3257649 100644
--- a/swfdec/swfdec_sandbox.h
+++ b/swfdec/swfdec_sandbox.h
@@ -1,5 +1,5 @@
/* Swfdec
- * Copyright (C) 2007 Benjamin Otte <otte at gnome.org>
+ * Copyright (C) 2007-2008 Benjamin Otte <otte at gnome.org>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -80,5 +80,9 @@ void swfdec_sandbox_use (SwfdecSandbox * sandbox);
gboolean swfdec_sandbox_try_use (SwfdecSandbox * sandbox);
void swfdec_sandbox_unuse (SwfdecSandbox * sandbox);
+gboolean swfdec_sandbox_allow (SwfdecSandbox * sandbox,
+ SwfdecSandbox * other);
+
+
G_END_DECLS
#endif
commit 3001605a2d361949273832d4225fb12bd30b97c4
Author: Benjamin Otte <otte at gnome.org>
Date: Wed Oct 8 13:18:37 2008 +0200
count getters properly
diff --git a/vivified/code/rewrite.c b/vivified/code/rewrite.c
index b2ca8cc..32dc23b 100644
--- a/vivified/code/rewrite.c
+++ b/vivified/code/rewrite.c
@@ -1,5 +1,5 @@
/* Swfdec
- * Copyright (C) 2006 Benjamin Otte <otte at gnome.org>
+ * Copyright (C) 2008 Benjamin Otte <otte at gnome.org>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -290,10 +290,10 @@ replace_random (ViviCodeAssembler *assembler, guint init)
static void
rewrite_getters (ViviCodeAssembler *assembler)
{
- guint i, count;
+ guint i;
+ static guint count = 0;
char *s;
- count = 0;
for (i = 0; i < vivi_code_assembler_get_n_codes (assembler); i++) {
ViviCodeAsm *code = vivi_code_assembler_get_code (assembler, i);
if (VIVI_IS_CODE_ASM_GET_VARIABLE (code) ||
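Review bot: `static guint count = 0;` makes the counter persist across every call to rewrite_getters for the life of the process, which I assume is the intent of "count getters properly", but nothing in the code says so. A function-local static is also shared mutable state with no synchronization, which matters only if rewriting can run on more than one thread (not visible here). I suggest a comment such as `/* static: numbering continues across all assemblers rewritten in this run */`. The loop body continues outside the hunk.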