summaryrefslogtreecommitdiffstats
path: root/dom/clients/manager/ClientSourceParent.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'dom/clients/manager/ClientSourceParent.cpp')
-rw-r--r--dom/clients/manager/ClientSourceParent.cpp67
1 files changed, 6 insertions, 61 deletions
diff --git a/dom/clients/manager/ClientSourceParent.cpp b/dom/clients/manager/ClientSourceParent.cpp
index 8364871cd4..e2c02c0bfd 100644
--- a/dom/clients/manager/ClientSourceParent.cpp
+++ b/dom/clients/manager/ClientSourceParent.cpp
@@ -26,60 +26,6 @@ using mozilla::ipc::BackgroundParent;
using mozilla::ipc::IPCResult;
using mozilla::ipc::PrincipalInfo;
-namespace {
-
-// It would be nice to use a lambda instead of this class, but we cannot
-// move capture in lambdas yet and ContentParent cannot be AddRef'd off
-// the main thread.
-class KillContentParentRunnable final : public Runnable {
- RefPtr<ThreadsafeContentParentHandle> mHandle;
-
- public:
- explicit KillContentParentRunnable(
- RefPtr<ThreadsafeContentParentHandle>&& aHandle)
- : Runnable("KillContentParentRunnable"), mHandle(std::move(aHandle)) {
- MOZ_ASSERT(mHandle);
- }
-
- NS_IMETHOD
- Run() override {
- AssertIsOnMainThread();
- if (RefPtr<ContentParent> contentParent = mHandle->GetContentParent()) {
- contentParent->KillHard("invalid ClientSourceParent actor");
- }
- return NS_OK;
- }
-};
-
-} // anonymous namespace
-
-void ClientSourceParent::KillInvalidChild() {
- // Try to get the content process before we destroy the actor below.
- RefPtr<ThreadsafeContentParentHandle> process =
- BackgroundParent::GetContentParentHandle(Manager()->Manager());
-
- // First, immediately teardown the ClientSource actor. No matter what
- // we want to start this process as soon as possible.
- Unused << ClientSourceParent::Send__delete__(this);
-
- // If we are running in non-e10s, then there is nothing else to do here.
- // There is no child process and we don't want to crash the entire browser
- // in release builds. In general, though, this should not happen in non-e10s
- // so we do assert this condition.
- if (!process) {
- MOZ_DIAGNOSTIC_ASSERT(false, "invalid ClientSourceParent in non-e10s");
- return;
- }
-
- // In e10s mode we also want to kill the child process. Validation failures
- // typically mean someone sent us bogus data over the IPC link. We can't
- // trust that process any more. We have to do this on the main thread, so
- // there is a small window of time before we kill the process. This is why
- // we start the actor destruction immediately above.
- nsCOMPtr<nsIRunnable> r = new KillContentParentRunnable(std::move(process));
- MOZ_ALWAYS_SUCCEEDS(SchedulerGroup::Dispatch(r.forget()));
-}
-
mozilla::ipc::IPCResult ClientSourceParent::RecvWorkerSyncPing() {
AssertIsOnBackgroundThread();
// Do nothing here. This is purely a sync message allowing the child to
@@ -98,8 +44,7 @@ IPCResult ClientSourceParent::RecvExecutionReady(
// to make sure the child actor is not giving us garbage. Since we validate
// on the child side as well we treat a failure here as fatal.
if (!ClientIsValidCreationURL(mClientInfo.PrincipalInfo(), aArgs.url())) {
- KillInvalidChild();
- return IPC_OK();
+ return IPC_FAIL(this, "Invalid creation URL!");
}
mClientInfo.SetURL(aArgs.url());
@@ -216,23 +161,23 @@ ClientSourceParent::~ClientSourceParent() {
mExecutionReadyPromise.RejectIfExists(NS_ERROR_FAILURE, __func__);
}
-void ClientSourceParent::Init() {
+IPCResult ClientSourceParent::Init() {
// Ensure the principal is reasonable before adding ourself to the service.
// Since we validate the principal on the child side as well, any failure
// here is treated as fatal.
if (NS_WARN_IF(!ClientIsValidPrincipalInfo(mClientInfo.PrincipalInfo()))) {
mService->ForgetFutureSource(mClientInfo.ToIPC());
- KillInvalidChild();
- return;
+ return IPC_FAIL(Manager(), "Invalid PrincipalInfo!");
}
// Its possible for AddSource() to fail if there is already an entry for
// our UUID. This should not normally happen, but could if someone is
// spoofing IPC messages.
if (NS_WARN_IF(!mService->AddSource(this))) {
- KillInvalidChild();
- return;
+ return IPC_FAIL(Manager(), "Already registered!");
}
+
+ return IPC_OK();
}
const ClientInfo& ClientSourceParent::Info() const { return mClientInfo; }