1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef mozilla_mscom_PassthruProxy_h
#define mozilla_mscom_PassthruProxy_h
#include "mozilla/Atomics.h"
#include "mozilla/mscom/ProxyStream.h"
#include "mozilla/mscom/Ptr.h"
#include "mozilla/NotNull.h"
#if defined(MOZ_SANDBOX)
# include "mozilla/SandboxSettings.h"
#endif // defined(MOZ_SANDBOX)
#include <objbase.h>
namespace mozilla {
namespace mscom {
namespace detail {
template <typename Iface>
struct VTableSizer;
template <>
struct VTableSizer<IDispatch> {
enum { Size = 7 };
};
} // namespace detail
class PassthruProxy final : public IMarshal, public IClientSecurity {
public:
template <typename Iface>
static RefPtr<Iface> Wrap(NotNull<Iface*> aIn) {
static_assert(detail::VTableSizer<Iface>::Size >= 3, "VTable too small");
#if defined(MOZ_SANDBOX)
if (mozilla::GetEffectiveContentSandboxLevel() < 3) {
// The sandbox isn't strong enough to be a problem; no wrapping required
return aIn.get();
}
typename detail::EnvironmentSelector<Iface>::Type env;
RefPtr<PassthruProxy> passthru(new PassthruProxy(
&env, __uuidof(Iface), detail::VTableSizer<Iface>::Size, aIn));
RefPtr<Iface> result;
if (FAILED(passthru->QueryProxyInterface(getter_AddRefs(result)))) {
return nullptr;
}
return result;
#else
// No wrapping required
return aIn.get();
#endif // defined(MOZ_SANDBOX)
}
static HRESULT Register();
PassthruProxy();
// IUnknown
STDMETHODIMP QueryInterface(REFIID riid, void** ppv) override;
STDMETHODIMP_(ULONG) AddRef() override;
STDMETHODIMP_(ULONG) Release() override;
// IMarshal
STDMETHODIMP GetUnmarshalClass(REFIID riid, void* pv, DWORD dwDestContext,
void* pvDestContext, DWORD mshlflags,
CLSID* pCid) override;
STDMETHODIMP GetMarshalSizeMax(REFIID riid, void* pv, DWORD dwDestContext,
void* pvDestContext, DWORD mshlflags,
DWORD* pSize) override;
STDMETHODIMP MarshalInterface(IStream* pStm, REFIID riid, void* pv,
DWORD dwDestContext, void* pvDestContext,
DWORD mshlflags) override;
STDMETHODIMP UnmarshalInterface(IStream* pStm, REFIID riid,
void** ppv) override;
STDMETHODIMP ReleaseMarshalData(IStream* pStm) override;
STDMETHODIMP DisconnectObject(DWORD dwReserved) override;
// IClientSecurity - we don't actually implement this interface, but its
// presence signals to mscom::IsProxy() that we are a proxy.
STDMETHODIMP QueryBlanket(IUnknown* aProxy, DWORD* aAuthnSvc,
DWORD* aAuthzSvc, OLECHAR** aSrvPrincName,
DWORD* aAuthnLevel, DWORD* aImpLevel,
void** aAuthInfo, DWORD* aCapabilities) override {
return E_NOTIMPL;
}
STDMETHODIMP SetBlanket(IUnknown* aProxy, DWORD aAuthnSvc, DWORD aAuthzSvc,
OLECHAR* aSrvPrincName, DWORD aAuthnLevel,
DWORD aImpLevel, void* aAuthInfo,
DWORD aCapabilities) override {
return E_NOTIMPL;
}
STDMETHODIMP CopyProxy(IUnknown* aProxy, IUnknown** aOutCopy) override {
return E_NOTIMPL;
}
private:
PassthruProxy(ProxyStream::Environment* aEnv, REFIID aIidToWrap,
uint32_t aVTableSize, NotNull<IUnknown*> aObjToWrap);
~PassthruProxy();
bool IsInitialMarshal() const { return !mStream; }
HRESULT QueryProxyInterface(void** aOutInterface);
Atomic<ULONG> mRefCnt;
IID mWrappedIid;
PreservedStreamPtr mPreservedStream;
RefPtr<IStream> mStream;
uint32_t mVTableSize;
IUnknown* mVTable;
bool mForgetPreservedStream;
};
} // namespace mscom
} // namespace mozilla
#endif // mozilla_mscom_PassthruProxy_h
|
