Diffstat (limited to 'js/xpconnect/src/XPCConvert.cpp')
-rw-r--r--js/xpconnect/src/XPCConvert.cpp1649
1 files changed, 1649 insertions, 0 deletions
diff --git a/js/xpconnect/src/XPCConvert.cpp b/js/xpconnect/src/XPCConvert.cpp
new file mode 100644
index 0000000000..9c6fd75eec
--- /dev/null
+++ b/js/xpconnect/src/XPCConvert.cpp
@@ -0,0 +1,1649 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* Data conversion between native and JavaScript types. */
+
+#include "mozilla/ArrayUtils.h"
+#include "mozilla/Range.h"
+#include "mozilla/Sprintf.h"
+
+#include "xpcprivate.h"
+#include "nsIScriptError.h"
+#include "nsISimpleEnumerator.h"
+#include "nsWrapperCache.h"
+#include "nsJSUtils.h"
+#include "nsQueryObject.h"
+#include "nsScriptError.h"
+#include "WrapperFactory.h"
+
+#include "nsWrapperCacheInlines.h"
+
+#include "jsapi.h"
+#include "jsfriendapi.h"
+#include "js/Array.h" // JS::GetArrayLength, JS::IsArrayObject, JS::NewArrayObject
+#include "js/CharacterEncoding.h"
+#include "js/experimental/TypedData.h" // JS_GetArrayBufferViewType, JS_GetArrayBufferViewData, JS_GetTypedArrayLength, JS_IsTypedArrayObject
+#include "js/MemoryFunctions.h"
+#include "js/Object.h" // JS::GetClass
+#include "js/PropertyAndElement.h" // JS_DefineElement, JS_GetElement
+#include "js/String.h" // JS::StringHasLatin1Chars
+
+#include "mozilla/dom/BindingUtils.h"
+#include "mozilla/dom/DOMException.h"
+#include "mozilla/dom/PrimitiveConversions.h"
+#include "mozilla/dom/Promise.h"
+
+using namespace xpc;
+using namespace mozilla;
+using namespace mozilla::dom;
+using namespace JS;
+
+// #define STRICT_CHECK_OF_UNICODE
+#ifdef STRICT_CHECK_OF_UNICODE
+# define ILLEGAL_RANGE(c) (0 != ((c)&0xFF80))
+#else // STRICT_CHECK_OF_UNICODE
+# define ILLEGAL_RANGE(c) (0 != ((c)&0xFF00))
+#endif // STRICT_CHECK_OF_UNICODE
+
+#define ILLEGAL_CHAR_RANGE(c) (0 != ((c)&0x80))
+
+/***************************************************************************/
+
+// static
+bool XPCConvert::GetISupportsFromJSObject(JSObject* obj, nsISupports** iface) {
+ if (JS::GetClass(obj)->slot0IsISupports()) {
+ *iface = JS::GetObjectISupports<nsISupports>(obj);
+ return true;
+ }
+ *iface = UnwrapDOMObjectToISupports(obj);
+ return !!*iface;
+}
+
+/***************************************************************************/
+
+// static
+bool XPCConvert::NativeData2JS(JSContext* cx, MutableHandleValue d,
+ const void* s, const nsXPTType& type,
+ const nsID* iid, uint32_t arrlen,
+ nsresult* pErr) {
+ MOZ_ASSERT(s, "bad param");
+
+ if (pErr) {
+ *pErr = NS_ERROR_XPC_BAD_CONVERT_NATIVE;
+ }
+
+ switch (type.Tag()) {
+ case nsXPTType::T_I8:
+ d.setInt32(*static_cast<const int8_t*>(s));
+ return true;
+ case nsXPTType::T_I16:
+ d.setInt32(*static_cast<const int16_t*>(s));
+ return true;
+ case nsXPTType::T_I32:
+ d.setInt32(*static_cast<const int32_t*>(s));
+ return true;
+ case nsXPTType::T_I64:
+ d.setNumber(static_cast<double>(*static_cast<const int64_t*>(s)));
+ return true;
+ case nsXPTType::T_U8:
+ d.setInt32(*static_cast<const uint8_t*>(s));
+ return true;
+ case nsXPTType::T_U16:
+ d.setInt32(*static_cast<const uint16_t*>(s));
+ return true;
+ case nsXPTType::T_U32:
+ d.setNumber(*static_cast<const uint32_t*>(s));
+ return true;
+ case nsXPTType::T_U64:
+ d.setNumber(static_cast<double>(*static_cast<const uint64_t*>(s)));
+ return true;
+ case nsXPTType::T_FLOAT:
+ d.setNumber(*static_cast<const float*>(s));
+ return true;
+ case nsXPTType::T_DOUBLE:
+ d.set(JS_NumberValue(*static_cast<const double*>(s)));
+ return true;
+ case nsXPTType::T_BOOL:
+ d.setBoolean(*static_cast<const bool*>(s));
+ return true;
+ case nsXPTType::T_CHAR: {
+ char p = *static_cast<const char*>(s);
+
+#ifdef STRICT_CHECK_OF_UNICODE
+ MOZ_ASSERT(!ILLEGAL_CHAR_RANGE(p), "passing non ASCII data");
+#endif // STRICT_CHECK_OF_UNICODE
+
+ JSString* str = JS_NewStringCopyN(cx, &p, 1);
+ if (!str) {
+ return false;
+ }
+
+ d.setString(str);
+ return true;
+ }
+ case nsXPTType::T_WCHAR: {
+ char16_t p = *static_cast<const char16_t*>(s);
+
+ JSString* str = JS_NewUCStringCopyN(cx, &p, 1);
+ if (!str) {
+ return false;
+ }
+
+ d.setString(str);
+ return true;
+ }
+
+ case nsXPTType::T_JSVAL: {
+ d.set(*static_cast<const Value*>(s));
+ return JS_WrapValue(cx, d);
+ }
+
+ case nsXPTType::T_VOID:
+ XPC_LOG_ERROR(("XPCConvert::NativeData2JS : void* params not supported"));
+ return false;
+
+ case nsXPTType::T_NSIDPTR: {
+ nsID* iid2 = *static_cast<nsID* const*>(s);
+ if (!iid2) {
+ d.setNull();
+ return true;
+ }
+
+ return xpc::ID2JSValue(cx, *iid2, d);
+ }
+
+ case nsXPTType::T_NSID:
+ return xpc::ID2JSValue(cx, *static_cast<const nsID*>(s), d);
+
+ case nsXPTType::T_ASTRING: {
+ const nsAString* p = static_cast<const nsAString*>(s);
+ if (!p || p->IsVoid()) {
+ d.setNull();
+ return true;
+ }
+
+ nsStringBuffer* buf;
+ if (!XPCStringConvert::ReadableToJSVal(cx, *p, &buf, d)) {
+ return false;
+ }
+ if (buf) {
+ buf->AddRef();
+ }
+ return true;
+ }
+
+ case nsXPTType::T_CHAR_STR: {
+ const char* p = *static_cast<const char* const*>(s);
+ arrlen = p ? strlen(p) : 0;
+ [[fallthrough]];
+ }
+ case nsXPTType::T_PSTRING_SIZE_IS: {
+ const char* p = *static_cast<const char* const*>(s);
+ if (!p) {
+ d.setNull();
+ return true;
+ }
+
+#ifdef STRICT_CHECK_OF_UNICODE
+ bool isAscii = true;
+ for (uint32_t i = 0; i < arrlen; i++) {
+ if (ILLEGAL_CHAR_RANGE(p[i])) {
+ isAscii = false;
+ }
+ }
+ MOZ_ASSERT(isAscii, "passing non ASCII data");
+#endif // STRICT_CHECK_OF_UNICODE
+
+ JSString* str = JS_NewStringCopyN(cx, p, arrlen);
+ if (!str) {
+ return false;
+ }
+
+ d.setString(str);
+ return true;
+ }
+
+ case nsXPTType::T_WCHAR_STR: {
+ const char16_t* p = *static_cast<const char16_t* const*>(s);
+ arrlen = p ? nsCharTraits<char16_t>::length(p) : 0;
+ [[fallthrough]];
+ }
+ case nsXPTType::T_PWSTRING_SIZE_IS: {
+ const char16_t* p = *static_cast<const char16_t* const*>(s);
+ if (!p) {
+ d.setNull();
+ return true;
+ }
+
+ JSString* str = JS_NewUCStringCopyN(cx, p, arrlen);
+ if (!str) {
+ return false;
+ }
+
+ d.setString(str);
+ return true;
+ }
+
+ case nsXPTType::T_UTF8STRING: {
+ const nsACString* utf8String = static_cast<const nsACString*>(s);
+
+ if (!utf8String || utf8String->IsVoid()) {
+ d.setNull();
+ return true;
+ }
+
+ if (utf8String->IsEmpty()) {
+ d.set(JS_GetEmptyStringValue(cx));
+ return true;
+ }
+
+ uint32_t len = utf8String->Length();
+ auto allocLen = CheckedUint32(len) + 1;
+ if (!allocLen.isValid()) {
+ return false;
+ }
+
+ // Usage of UTF-8 in XPConnect is mostly for things that are
+ // almost always ASCII, so the inexact allocations below
+ // should be fine.
+
+ if (IsUtf8Latin1(*utf8String)) {
+ using UniqueLatin1Chars =
+ js::UniquePtr<JS::Latin1Char[], JS::FreePolicy>;
+
+ UniqueLatin1Chars buffer(static_cast<JS::Latin1Char*>(
+ JS_string_malloc(cx, allocLen.value())));
+ if (!buffer) {
+ return false;
+ }
+
+ size_t written = LossyConvertUtf8toLatin1(
+ *utf8String, Span(reinterpret_cast<char*>(buffer.get()), len));
+ buffer[written] = 0;
+
+ // written can never exceed len, so the truncation is OK.
+ JSString* str = JS_NewLatin1String(cx, std::move(buffer), written);
+ if (!str) {
+ return false;
+ }
+
+ d.setString(str);
+ return true;
+ }
+
+ // 1-byte sequences decode to 1 UTF-16 code unit
+ // 2-byte sequences decode to 1 UTF-16 code unit
+ // 3-byte sequences decode to 1 UTF-16 code unit
+ // 4-byte sequences decode to 2 UTF-16 code units
+ // So the number of output code units never exceeds
+ // the number of input code units (but see the comment
+ // below). allocLen already takes the zero terminator
+ // into account.
+ allocLen *= sizeof(char16_t);
+ if (!allocLen.isValid()) {
+ return false;
+ }
+
+ JS::UniqueTwoByteChars buffer(
+ static_cast<char16_t*>(JS_string_malloc(cx, allocLen.value())));
+ if (!buffer) {
+ return false;
+ }
+
+ // For its internal simplicity, ConvertUTF8toUTF16 requires the
+ // destination to be one code unit longer than the source, but
+ // it never actually writes more code units than the number of
+ // code units in the source. That's why it's OK to claim the
+ // output buffer has len + 1 space but then still expect to
+ // have space for the zero terminator.
+ size_t written =
+ ConvertUtf8toUtf16(*utf8String, Span(buffer.get(), allocLen.value()));
+ MOZ_RELEASE_ASSERT(written <= len);
+ buffer[written] = 0;
+
+ JSString* str = JS_NewUCStringDontDeflate(cx, std::move(buffer), written);
+ if (!str) {
+ return false;
+ }
+
+ d.setString(str);
+ return true;
+ }
+ case nsXPTType::T_CSTRING: {
+ const nsACString* cString = static_cast<const nsACString*>(s);
+
+ if (!cString || cString->IsVoid()) {
+ d.setNull();
+ return true;
+ }
+
+ // c-strings (binary blobs) are deliberately not converted from
+ // UTF-8 to UTF-16. T_UTF8Sting is for UTF-8 encoded strings
+ // with automatic conversion.
+ JSString* str = JS_NewStringCopyN(cx, cString->Data(), cString->Length());
+ if (!str) {
+ return false;
+ }
+
+ d.setString(str);
+ return true;
+ }
+
+ case nsXPTType::T_INTERFACE:
+ case nsXPTType::T_INTERFACE_IS: {
+ nsISupports* iface = *static_cast<nsISupports* const*>(s);
+ if (!iface) {
+ d.setNull();
+ return true;
+ }
+
+ if (iid->Equals(NS_GET_IID(nsIVariant))) {
+ nsCOMPtr<nsIVariant> variant = do_QueryInterface(iface);
+ if (!variant) {
+ return false;
+ }
+
+ return XPCVariant::VariantDataToJS(cx, variant, pErr, d);
+ }
+
+ xpcObjectHelper helper(iface);
+ return NativeInterface2JSObject(cx, d, helper, iid, true, pErr);
+ }
+
+ case nsXPTType::T_DOMOBJECT: {
+ void* ptr = *static_cast<void* const*>(s);
+ if (!ptr) {
+ d.setNull();
+ return true;
+ }
+
+ return type.GetDOMObjectInfo().Wrap(cx, ptr, d);
+ }
+
+ case nsXPTType::T_PROMISE: {
+ Promise* promise = *static_cast<Promise* const*>(s);
+ if (!promise) {
+ d.setNull();
+ return true;
+ }
+
+ RootedObject jsobj(cx, promise->PromiseObj());
+ if (!JS_WrapObject(cx, &jsobj)) {
+ return false;
+ }
+ d.setObject(*jsobj);
+ return true;
+ }
+
+ case nsXPTType::T_LEGACY_ARRAY:
+ return NativeArray2JS(cx, d, *static_cast<const void* const*>(s),
+ type.ArrayElementType(), iid, arrlen, pErr);
+
+ case nsXPTType::T_ARRAY: {
+ auto* array = static_cast<const xpt::detail::UntypedTArray*>(s);
+ return NativeArray2JS(cx, d, array->Elements(), type.ArrayElementType(),
+ iid, array->Length(), pErr);
+ }
+
+ default:
+ NS_ERROR("bad type");
+ return false;
+ }
+}
+
+/***************************************************************************/
+
+#ifdef DEBUG
+static bool CheckChar16InCharRange(char16_t c) {
+ if (ILLEGAL_RANGE(c)) {
+ /* U+0080/U+0100 - U+FFFF data lost. */
+ static const size_t MSG_BUF_SIZE = 64;
+ char msg[MSG_BUF_SIZE];
+ SprintfLiteral(msg,
+ "char16_t out of char range; high bits of data lost: 0x%x",
+ int(c));
+ NS_WARNING(msg);
+ return false;
+ }
+
+ return true;
+}
+
+template <typename CharT>
+static void CheckCharsInCharRange(const CharT* chars, size_t len) {
+ for (size_t i = 0; i < len; i++) {
+ if (!CheckChar16InCharRange(chars[i])) {
+ break;
+ }
+ }
+}
+#endif
+
+template <typename T>
+bool ConvertToPrimitive(JSContext* cx, HandleValue v, T* retval) {
+ return ValueToPrimitive<T, eDefault>(cx, v, "Value", retval);
+}
+
+// static
+bool XPCConvert::JSData2Native(JSContext* cx, void* d, HandleValue s,
+ const nsXPTType& type, const nsID* iid,
+ uint32_t arrlen, nsresult* pErr) {
+ MOZ_ASSERT(d, "bad param");
+
+ js::AssertSameCompartment(cx, s);
+
+ if (pErr) {
+ *pErr = NS_ERROR_XPC_BAD_CONVERT_JS;
+ }
+
+ bool sizeis =
+ type.Tag() == TD_PSTRING_SIZE_IS || type.Tag() == TD_PWSTRING_SIZE_IS;
+
+ switch (type.Tag()) {
+ case nsXPTType::T_I8:
+ return ConvertToPrimitive(cx, s, static_cast<int8_t*>(d));
+ case nsXPTType::T_I16:
+ return ConvertToPrimitive(cx, s, static_cast<int16_t*>(d));
+ case nsXPTType::T_I32:
+ return ConvertToPrimitive(cx, s, static_cast<int32_t*>(d));
+ case nsXPTType::T_I64:
+ return ConvertToPrimitive(cx, s, static_cast<int64_t*>(d));
+ case nsXPTType::T_U8:
+ return ConvertToPrimitive(cx, s, static_cast<uint8_t*>(d));
+ case nsXPTType::T_U16:
+ return ConvertToPrimitive(cx, s, static_cast<uint16_t*>(d));
+ case nsXPTType::T_U32:
+ return ConvertToPrimitive(cx, s, static_cast<uint32_t*>(d));
+ case nsXPTType::T_U64:
+ return ConvertToPrimitive(cx, s, static_cast<uint64_t*>(d));
+ case nsXPTType::T_FLOAT:
+ return ConvertToPrimitive(cx, s, static_cast<float*>(d));
+ case nsXPTType::T_DOUBLE:
+ return ConvertToPrimitive(cx, s, static_cast<double*>(d));
+ case nsXPTType::T_BOOL:
+ return ConvertToPrimitive(cx, s, static_cast<bool*>(d));
+ case nsXPTType::T_CHAR: {
+ JSString* str = ToString(cx, s);
+ if (!str) {
+ return false;
+ }
+
+ char16_t ch;
+ if (JS_GetStringLength(str) == 0) {
+ ch = 0;
+ } else {
+ if (!JS_GetStringCharAt(cx, str, 0, &ch)) {
+ return false;
+ }
+ }
+#ifdef DEBUG
+ CheckChar16InCharRange(ch);
+#endif
+ *((char*)d) = char(ch);
+ break;
+ }
+ case nsXPTType::T_WCHAR: {
+ JSString* str;
+ if (!(str = ToString(cx, s))) {
+ return false;
+ }
+ size_t length = JS_GetStringLength(str);
+ if (length == 0) {
+ *((uint16_t*)d) = 0;
+ break;
+ }
+
+ char16_t ch;
+ if (!JS_GetStringCharAt(cx, str, 0, &ch)) {
+ return false;
+ }
+
+ *((uint16_t*)d) = uint16_t(ch);
+ break;
+ }
+ case nsXPTType::T_JSVAL:
+ *((Value*)d) = s;
+ break;
+ case nsXPTType::T_VOID:
+ XPC_LOG_ERROR(("XPCConvert::JSData2Native : void* params not supported"));
+ NS_ERROR("void* params not supported");
+ return false;
+
+ case nsXPTType::T_NSIDPTR:
+ if (Maybe<nsID> id = xpc::JSValue2ID(cx, s)) {
+ *((const nsID**)d) = id.ref().Clone();
+ return true;
+ }
+ return false;
+
+ case nsXPTType::T_NSID:
+ if (Maybe<nsID> id = xpc::JSValue2ID(cx, s)) {
+ *((nsID*)d) = id.ref();
+ return true;
+ }
+ return false;
+
+ case nsXPTType::T_ASTRING: {
+ nsAString* ws = (nsAString*)d;
+ if (s.isUndefined() || s.isNull()) {
+ ws->SetIsVoid(true);
+ return true;
+ }
+ size_t length = 0;
+ JSString* str = ToString(cx, s);
+ if (!str) {
+ return false;
+ }
+
+ length = JS_GetStringLength(str);
+ if (!length) {
+ ws->Truncate();
+ return true;
+ }
+
+ return AssignJSString(cx, *ws, str);
+ }
+
+ case nsXPTType::T_CHAR_STR:
+ case nsXPTType::T_PSTRING_SIZE_IS: {
+ if (s.isUndefined() || s.isNull()) {
+ if (sizeis && 0 != arrlen) {
+ if (pErr) {
+ *pErr = NS_ERROR_XPC_NOT_ENOUGH_CHARS_IN_STRING;
+ }
+ return false;
+ }
+ *((char**)d) = nullptr;
+ return true;
+ }
+
+ JSString* str = ToString(cx, s);
+ if (!str) {
+ return false;
+ }
+
+#ifdef DEBUG
+ if (JS::StringHasLatin1Chars(str)) {
+ size_t len;
+ AutoCheckCannotGC nogc;
+ const Latin1Char* chars =
+ JS_GetLatin1StringCharsAndLength(cx, nogc, str, &len);
+ if (chars) {
+ CheckCharsInCharRange(chars, len);
+ }
+ } else {
+ size_t len;
+ AutoCheckCannotGC nogc;
+ const char16_t* chars =
+ JS_GetTwoByteStringCharsAndLength(cx, nogc, str, &len);
+ if (chars) {
+ CheckCharsInCharRange(chars, len);
+ }
+ }
+#endif // DEBUG
+
+ size_t length = JS_GetStringEncodingLength(cx, str);
+ if (length == size_t(-1)) {
+ return false;
+ }
+ if (sizeis) {
+ if (length > arrlen) {
+ if (pErr) {
+ *pErr = NS_ERROR_XPC_NOT_ENOUGH_CHARS_IN_STRING;
+ }
+ return false;
+ }
+ if (length < arrlen) {
+ length = arrlen;
+ }
+ }
+ char* buffer = static_cast<char*>(moz_xmalloc(length + 1));
+ if (!JS_EncodeStringToBuffer(cx, str, buffer, length)) {
+ free(buffer);
+ return false;
+ }
+ buffer[length] = '\0';
+ *((void**)d) = buffer;
+ return true;
+ }
+
+ case nsXPTType::T_WCHAR_STR:
+ case nsXPTType::T_PWSTRING_SIZE_IS: {
+ JSString* str;
+
+ if (s.isUndefined() || s.isNull()) {
+ if (sizeis && 0 != arrlen) {
+ if (pErr) {
+ *pErr = NS_ERROR_XPC_NOT_ENOUGH_CHARS_IN_STRING;
+ }
+ return false;
+ }
+ *((char16_t**)d) = nullptr;
+ return true;
+ }
+
+ if (!(str = ToString(cx, s))) {
+ return false;
+ }
+ size_t len = JS_GetStringLength(str);
+ if (sizeis) {
+ if (len > arrlen) {
+ if (pErr) {
+ *pErr = NS_ERROR_XPC_NOT_ENOUGH_CHARS_IN_STRING;
+ }
+ return false;
+ }
+ if (len < arrlen) {
+ len = arrlen;
+ }
+ }
+
+ size_t byte_len = (len + 1) * sizeof(char16_t);
+ *((void**)d) = moz_xmalloc(byte_len);
+ mozilla::Range<char16_t> destChars(*((char16_t**)d), len + 1);
+ if (!JS_CopyStringChars(cx, destChars, str)) {
+ return false;
+ }
+ destChars[len] = 0;
+
+ return true;
+ }
+
+ case nsXPTType::T_UTF8STRING: {
+ nsACString* rs = (nsACString*)d;
+ if (s.isNull() || s.isUndefined()) {
+ rs->SetIsVoid(true);
+ return true;
+ }
+
+ // The JS val is neither null nor void...
+ JSString* str = ToString(cx, s);
+ if (!str) {
+ return false;
+ }
+
+ size_t length = JS_GetStringLength(str);
+ if (!length) {
+ rs->Truncate();
+ return true;
+ }
+
+ JSLinearString* linear = JS_EnsureLinearString(cx, str);
+ if (!linear) {
+ return false;
+ }
+
+ size_t utf8Length = JS::GetDeflatedUTF8StringLength(linear);
+ if (!rs->SetLength(utf8Length, fallible)) {
+ if (pErr) {
+ *pErr = NS_ERROR_OUT_OF_MEMORY;
+ }
+ return false;
+ }
+
+ mozilla::DebugOnly<size_t> written = JS::DeflateStringToUTF8Buffer(
+ linear, mozilla::Span(rs->BeginWriting(), utf8Length));
+ MOZ_ASSERT(written == utf8Length);
+
+ return true;
+ }
+
+ case nsXPTType::T_CSTRING: {
+ nsACString* rs = (nsACString*)d;
+ if (s.isNull() || s.isUndefined()) {
+ rs->SetIsVoid(true);
+ return true;
+ }
+
+ // The JS val is neither null nor void...
+ JSString* str = ToString(cx, s);
+ if (!str) {
+ return false;
+ }
+
+ size_t length = JS_GetStringEncodingLength(cx, str);
+ if (length == size_t(-1)) {
+ return false;
+ }
+
+ if (!length) {
+ rs->Truncate();
+ return true;
+ }
+
+ if (!rs->SetLength(uint32_t(length), fallible)) {
+ if (pErr) {
+ *pErr = NS_ERROR_OUT_OF_MEMORY;
+ }
+ return false;
+ }
+ if (rs->Length() != uint32_t(length)) {
+ return false;
+ }
+ if (!JS_EncodeStringToBuffer(cx, str, rs->BeginWriting(), length)) {
+ return false;
+ }
+
+ return true;
+ }
+
+ case nsXPTType::T_INTERFACE:
+ case nsXPTType::T_INTERFACE_IS: {
+ MOZ_ASSERT(iid, "can't do interface conversions without iid");
+
+ if (iid->Equals(NS_GET_IID(nsIVariant))) {
+ nsCOMPtr<nsIVariant> variant = XPCVariant::newVariant(cx, s);
+ if (!variant) {
+ return false;
+ }
+
+ variant.forget(static_cast<nsISupports**>(d));
+ return true;
+ }
+
+ if (s.isNullOrUndefined()) {
+ *((nsISupports**)d) = nullptr;
+ return true;
+ }
+
+ // only wrap JSObjects
+ if (!s.isObject()) {
+ if (pErr && s.isInt32() && 0 == s.toInt32()) {
+ *pErr = NS_ERROR_XPC_BAD_CONVERT_JS_ZERO_ISNOT_NULL;
+ }
+ return false;
+ }
+
+ RootedObject src(cx, &s.toObject());
+ return JSObject2NativeInterface(cx, (void**)d, src, iid, nullptr, pErr);
+ }
+
+ case nsXPTType::T_DOMOBJECT: {
+ if (s.isNullOrUndefined()) {
+ *((void**)d) = nullptr;
+ return true;
+ }
+
+ // Can't handle non-JSObjects
+ if (!s.isObject()) {
+ return false;
+ }
+
+ nsresult err = type.GetDOMObjectInfo().Unwrap(s, (void**)d, cx);
+ if (pErr) {
+ *pErr = err;
+ }
+ return NS_SUCCEEDED(err);
+ }
+
+ case nsXPTType::T_PROMISE: {
+ nsIGlobalObject* glob = CurrentNativeGlobal(cx);
+ if (!glob) {
+ if (pErr) {
+ *pErr = NS_ERROR_UNEXPECTED;
+ }
+ return false;
+ }
+
+ // Call Promise::Resolve to create a Promise object. This allows us to
+ // support returning non-promise values from Promise-returning functions
+ // in JS.
+ IgnoredErrorResult err;
+ *(Promise**)d = Promise::Resolve(glob, cx, s, err).take();
+ bool ok = !err.Failed();
+ if (pErr) {
+ *pErr = err.StealNSResult();
+ }
+
+ return ok;
+ }
+
+ case nsXPTType::T_LEGACY_ARRAY: {
+ void** dest = (void**)d;
+ const nsXPTType& elty = type.ArrayElementType();
+
+ *dest = nullptr;
+
+ // FIXME: XPConnect historically has shortcut the JSArray2Native codepath
+ // in its caller if arrlen is 0, allowing arbitrary values to be passed as
+ // arrays and interpreted as the empty array (bug 1458987).
+ //
+ // NOTE: Once this is fixed, null/undefined should be allowed for arrays
+ // if arrlen is 0.
+ if (arrlen == 0) {
+ return true;
+ }
+
+ bool ok = JSArray2Native(
+ cx, s, elty, iid, pErr, [&](uint32_t* aLength) -> void* {
+ // Check that we have enough elements in our array.
+ if (*aLength < arrlen) {
+ if (pErr) {
+ *pErr = NS_ERROR_XPC_NOT_ENOUGH_ELEMENTS_IN_ARRAY;
+ }
+ return nullptr;
+ }
+ *aLength = arrlen;
+
+ // Allocate the backing buffer & return it.
+ *dest = moz_xmalloc(*aLength * elty.Stride());
+ return *dest;
+ });
+
+ if (!ok && *dest) {
+ // An error occurred, free any allocated backing buffer.
+ free(*dest);
+ *dest = nullptr;
+ }
+ return ok;
+ }
+
+ case nsXPTType::T_ARRAY: {
+ auto* dest = (xpt::detail::UntypedTArray*)d;
+ const nsXPTType& elty = type.ArrayElementType();
+
+ bool ok = JSArray2Native(cx, s, elty, iid, pErr,
+ [&](uint32_t* aLength) -> void* {
+ if (!dest->SetLength(elty, *aLength)) {
+ if (pErr) {
+ *pErr = NS_ERROR_OUT_OF_MEMORY;
+ }
+ return nullptr;
+ }
+ return dest->Elements();
+ });
+
+ if (!ok) {
+ // An error occurred, free any allocated backing buffer.
+ dest->Clear();
+ }
+ return ok;
+ }
+
+ default:
+ NS_ERROR("bad type");
+ return false;
+ }
+ return true;
+}
+
+/***************************************************************************/
+// static
+bool XPCConvert::NativeInterface2JSObject(JSContext* cx, MutableHandleValue d,
+ xpcObjectHelper& aHelper,
+ const nsID* iid,
+ bool allowNativeWrapper,
+ nsresult* pErr) {
+ if (!iid) {
+ iid = &NS_GET_IID(nsISupports);
+ }
+
+ d.setNull();
+ if (!aHelper.Object()) {
+ return true;
+ }
+ if (pErr) {
+ *pErr = NS_ERROR_XPC_BAD_CONVERT_NATIVE;
+ }
+
+ // We used to have code here that unwrapped and simply exposed the
+ // underlying JSObject. That caused anomolies when JSComponents were
+ // accessed from other JS code - they didn't act like other xpconnect
+ // wrapped components. So, instead, we create "double wrapped" objects
+ // (that means an XPCWrappedNative around an nsXPCWrappedJS). This isn't
+ // optimal -- we could detect this and roll the functionality into a
+ // single wrapper, but the current solution is good enough for now.
+ XPCWrappedNativeScope* xpcscope = ObjectScope(JS::CurrentGlobalOrNull(cx));
+ if (!xpcscope) {
+ return false;
+ }
+
+ JSAutoRealm ar(cx, xpcscope->GetGlobalForWrappedNatives());
+
+ // First, see if this object supports the wrapper cache. In that case, the
+ // object to use is found as cache->GetWrapper(). If that is null, then the
+ // object will create (and fill the cache) from its WrapObject call.
+ nsWrapperCache* cache = aHelper.GetWrapperCache();
+
+ RootedObject flat(cx, cache ? cache->GetWrapper() : nullptr);
+ if (!flat && cache) {
+ RootedObject global(cx, CurrentGlobalOrNull(cx));
+ flat = cache->WrapObject(cx, nullptr);
+ if (!flat) {
+ return false;
+ }
+ }
+ if (flat) {
+ if (allowNativeWrapper && !JS_WrapObject(cx, &flat)) {
+ return false;
+ }
+ d.setObjectOrNull(flat);
+ return true;
+ }
+
+ // Go ahead and create an XPCWrappedNative for this object.
+ RefPtr<XPCNativeInterface> iface = XPCNativeInterface::GetNewOrUsed(cx, iid);
+ if (!iface) {
+ return false;
+ }
+
+ RefPtr<XPCWrappedNative> wrapper;
+ nsresult rv = XPCWrappedNative::GetNewOrUsed(cx, aHelper, xpcscope, iface,
+ getter_AddRefs(wrapper));
+ if (NS_FAILED(rv) && pErr) {
+ *pErr = rv;
+ }
+
+ // If creating the wrapped native failed, then return early.
+ if (NS_FAILED(rv) || !wrapper) {
+ return false;
+ }
+
+ // If we're not creating security wrappers, we can return the
+ // XPCWrappedNative as-is here.
+ flat = wrapper->GetFlatJSObject();
+ if (!allowNativeWrapper) {
+ d.setObjectOrNull(flat);
+ if (pErr) {
+ *pErr = NS_OK;
+ }
+ return true;
+ }
+
+ // The call to wrap here handles both cross-compartment and same-compartment
+ // security wrappers.
+ RootedObject original(cx, flat);
+ if (!JS_WrapObject(cx, &flat)) {
+ return false;
+ }
+
+ d.setObjectOrNull(flat);
+
+ if (pErr) {
+ *pErr = NS_OK;
+ }
+
+ return true;
+}
+
+/***************************************************************************/
+
+// static
+bool XPCConvert::JSObject2NativeInterface(JSContext* cx, void** dest,
+ HandleObject src, const nsID* iid,
+ nsISupports* aOuter, nsresult* pErr) {
+ MOZ_ASSERT(dest, "bad param");
+ MOZ_ASSERT(src, "bad param");
+ MOZ_ASSERT(iid, "bad param");
+
+ js::AssertSameCompartment(cx, src);
+
+ *dest = nullptr;
+ if (pErr) {
+ *pErr = NS_ERROR_XPC_BAD_CONVERT_JS;
+ }
+
+ nsISupports* iface;
+
+ if (!aOuter) {
+ // Note that if we have a non-null aOuter then it means that we are
+ // forcing the creation of a wrapper even if the object *is* a
+ // wrappedNative or other wise has 'nsISupportness'.
+ // This allows wrapJSAggregatedToNative to work.
+
+ // If we're looking at a security wrapper, see now if we're allowed to
+ // pass it to C++. If we are, then fall through to the code below. If
+ // we aren't, throw an exception eagerly.
+ //
+ // NB: It's very important that we _don't_ unwrap in the aOuter case,
+ // because the caller may explicitly want to create the XPCWrappedJS
+ // around a security wrapper. XBL does this with Xrays from the XBL
+ // scope - see nsBindingManager::GetBindingImplementation.
+ //
+ // It's also very important that "inner" be rooted here.
+ RootedObject inner(
+ cx, js::CheckedUnwrapDynamic(src, cx,
+ /* stopAtWindowProxy = */ false));
+ if (!inner) {
+ if (pErr) {
+ *pErr = NS_ERROR_XPC_SECURITY_MANAGER_VETO;
+ }
+ return false;
+ }
+
+ // Is this really a native xpcom object with a wrapper?
+ XPCWrappedNative* wrappedNative = nullptr;
+ if (IsWrappedNativeReflector(inner)) {
+ wrappedNative = XPCWrappedNative::Get(inner);
+ }
+ if (wrappedNative) {
+ iface = wrappedNative->GetIdentityObject();
+ return NS_SUCCEEDED(iface->QueryInterface(*iid, dest));
+ }
+ // else...
+
+ // Deal with slim wrappers here.
+ if (GetISupportsFromJSObject(inner ? inner : src, &iface)) {
+ if (iface && NS_SUCCEEDED(iface->QueryInterface(*iid, dest))) {
+ return true;
+ }
+
+ // If that failed, and iid is for mozIDOMWindowProxy, we actually
+ // want the outer!
+ if (iid->Equals(NS_GET_IID(mozIDOMWindowProxy))) {
+ if (nsCOMPtr<mozIDOMWindow> inner = do_QueryInterface(iface)) {
+ iface = nsPIDOMWindowInner::From(inner)->GetOuterWindow();
+ return NS_SUCCEEDED(iface->QueryInterface(*iid, dest));
+ }
+ }
+
+ return false;
+ }
+ }
+
+ RefPtr<nsXPCWrappedJS> wrapper;
+ nsresult rv =
+ nsXPCWrappedJS::GetNewOrUsed(cx, src, *iid, getter_AddRefs(wrapper));
+ if (pErr) {
+ *pErr = rv;
+ }
+
+ if (NS_FAILED(rv) || !wrapper) {
+ return false;
+ }
+
+ // If the caller wanted to aggregate this JS object to a native,
+ // attach it to the wrapper. Note that we allow a maximum of one
+ // aggregated native for a given XPCWrappedJS.
+ if (aOuter) {
+ wrapper->SetAggregatedNativeObject(aOuter);
+ }
+
+ // We need to go through the QueryInterface logic to make this return
+ // the right thing for the various 'special' interfaces; e.g.
+ // nsISimpleEnumerator. We must use AggregatedQueryInterface in cases where
+ // there is an outer to avoid nasty recursion.
+ rv = aOuter ? wrapper->AggregatedQueryInterface(*iid, dest)
+ : wrapper->QueryInterface(*iid, dest);
+ if (pErr) {
+ *pErr = rv;
+ }
+ return NS_SUCCEEDED(rv);
+}
+
+/***************************************************************************/
+/***************************************************************************/
+
+// static
+nsresult XPCConvert::ConstructException(nsresult rv, const char* message,
+ const char* ifaceName,
+ const char* methodName,
+ nsISupports* data, Exception** exceptn,
+ JSContext* cx, Value* jsExceptionPtr) {
+ MOZ_ASSERT(!cx == !jsExceptionPtr,
+ "Expected cx and jsExceptionPtr to cooccur.");
+
+ static const char format[] = "\'%s\' when calling method: [%s::%s]";
+ const char* msg = message;
+ nsAutoCString sxmsg; // must have the same lifetime as msg
+
+ nsCOMPtr<nsIScriptError> errorObject = do_QueryInterface(data);
+ if (errorObject) {
+ nsString xmsg;
+ if (NS_SUCCEEDED(errorObject->GetMessageMoz(xmsg))) {
+ CopyUTF16toUTF8(xmsg, sxmsg);
+ msg = sxmsg.get();
+ }
+ }
+ if (!msg) {
+ if (!nsXPCException::NameAndFormatForNSResult(rv, nullptr, &msg) || !msg) {
+ msg = "<error>";
+ }
+ }
+
+ nsCString msgStr(msg);
+ if (ifaceName && methodName) {
+ msgStr.AppendPrintf(format, msg, ifaceName, methodName);
+ }
+
+ RefPtr<Exception> e = new Exception(msgStr, rv, ""_ns, nullptr, data);
+
+ if (cx && jsExceptionPtr) {
+ e->StowJSVal(*jsExceptionPtr);
+ }
+
+ e.forget(exceptn);
+ return NS_OK;
+}
+
+/********************************/
+
+class MOZ_STACK_CLASS AutoExceptionRestorer {
+ public:
+ AutoExceptionRestorer(JSContext* cx, const Value& v)
+ : mContext(cx), tvr(cx, v) {
+ JS_ClearPendingException(mContext);
+ }
+
+ ~AutoExceptionRestorer() { JS_SetPendingException(mContext, tvr); }
+
+ private:
+ JSContext* const mContext;
+ RootedValue tvr;
+};
+
+static nsresult JSErrorToXPCException(JSContext* cx, const char* toStringResult,
+ const char* ifaceName,
+ const char* methodName,
+ const JSErrorReport* report,
+ Exception** exceptn) {
+ nsresult rv = NS_ERROR_FAILURE;
+ RefPtr<nsScriptError> data;
+ if (report) {
+ nsAutoString bestMessage;
+ if (report->message()) {
+ CopyUTF8toUTF16(mozilla::MakeStringSpan(report->message().c_str()),
+ bestMessage);
+ } else if (toStringResult) {
+ CopyUTF8toUTF16(mozilla::MakeStringSpan(toStringResult), bestMessage);
+ } else {
+ bestMessage.AssignLiteral("JavaScript Error");
+ }
+
+ const char16_t* linebuf = report->linebuf();
+ uint32_t flags = report->isWarning() ? nsIScriptError::warningFlag
+ : nsIScriptError::errorFlag;
+
+ data = new nsScriptError();
+ data->nsIScriptError::InitWithWindowID(
+ bestMessage, NS_ConvertUTF8toUTF16(report->filename),
+ linebuf ? nsDependentString(linebuf, report->linebufLength())
+ : EmptyString(),
+ report->lineno, report->tokenOffset(), flags, "XPConnect JavaScript"_ns,
+ nsJSUtils::GetCurrentlyRunningCodeInnerWindowID(cx));
+ }
+
+ if (data) {
+ // Pass nullptr for the message: ConstructException will get a message
+ // from the nsIScriptError.
+ rv = XPCConvert::ConstructException(
+ NS_ERROR_XPC_JAVASCRIPT_ERROR_WITH_DETAILS, nullptr, ifaceName,
+ methodName, static_cast<nsIScriptError*>(data.get()), exceptn, nullptr,
+ nullptr);
+ } else {
+ rv = XPCConvert::ConstructException(NS_ERROR_XPC_JAVASCRIPT_ERROR, nullptr,
+ ifaceName, methodName, nullptr, exceptn,
+ nullptr, nullptr);
+ }
+ return rv;
+}
+
+// static
+nsresult XPCConvert::JSValToXPCException(JSContext* cx, MutableHandleValue s,
+ const char* ifaceName,
+ const char* methodName,
+ Exception** exceptn) {
+ AutoExceptionRestorer aer(cx, s);
+
+ if (!s.isPrimitive()) {
+ // we have a JSObject
+ RootedObject obj(cx, s.toObjectOrNull());
+
+ if (!obj) {
+ NS_ERROR("when is an object not an object?");
+ return NS_ERROR_FAILURE;
+ }
+
+ // is this really a native xpcom object with a wrapper?
+ JSObject* unwrapped =
+ js::CheckedUnwrapDynamic(obj, cx, /* stopAtWindowProxy = */ false);
+ if (!unwrapped) {
+ return NS_ERROR_XPC_SECURITY_MANAGER_VETO;
+ }
+ // It's OK to use ReflectorToISupportsStatic, because we have already
+ // stripped off wrappers.
+ if (nsCOMPtr<nsISupports> supports =
+ ReflectorToISupportsStatic(unwrapped)) {
+ nsCOMPtr<Exception> iface = do_QueryInterface(supports);
+ if (iface) {
+ // just pass through the exception (with extra ref and all)
+ iface.forget(exceptn);
+ return NS_OK;
+ }
+
+ // it is a wrapped native, but not an exception!
+ return ConstructException(NS_ERROR_XPC_JS_THREW_NATIVE_OBJECT, nullptr,
+ ifaceName, methodName, supports, exceptn,
+ nullptr, nullptr);
+ } else {
+ // It is a JSObject, but not a wrapped native...
+
+ // If it is an engine Error with an error report then let's
+ // extract the report and build an xpcexception from that
+ const JSErrorReport* report;
+ if (nullptr != (report = JS_ErrorFromException(cx, obj))) {
+ JS::UniqueChars toStringResult;
+ RootedString str(cx, ToString(cx, s));
+ if (str) {
+ toStringResult = JS_EncodeStringToUTF8(cx, str);
+ }
+ return JSErrorToXPCException(cx, toStringResult.get(), ifaceName,
+ methodName, report, exceptn);
+ }
+
+ // XXX we should do a check against 'js_ErrorClass' here and
+ // do the right thing - even though it has no JSErrorReport,
+ // The fact that it is a JSError exceptions means we can extract
+ // particular info and our 'result' should reflect that.
+
+ // otherwise we'll just try to convert it to a string
+
+ JSString* str = ToString(cx, s);
+ if (!str) {
+ return NS_ERROR_FAILURE;
+ }
+
+ JS::UniqueChars strBytes = JS_EncodeStringToLatin1(cx, str);
+ if (!strBytes) {
+ return NS_ERROR_FAILURE;
+ }
+
+ return ConstructException(NS_ERROR_XPC_JS_THREW_JS_OBJECT, strBytes.get(),
+ ifaceName, methodName, nullptr, exceptn, cx,
+ s.address());
+ }
+ }
+
+ if (s.isUndefined() || s.isNull()) {
+ return ConstructException(NS_ERROR_XPC_JS_THREW_NULL, nullptr, ifaceName,
+ methodName, nullptr, exceptn, cx, s.address());
+ }
+
+ if (s.isNumber()) {
+ // lets see if it looks like an nsresult
+ nsresult rv;
+ double number;
+ bool isResult = false;
+
+ if (s.isInt32()) {
+ rv = (nsresult)s.toInt32();
+ if (NS_FAILED(rv)) {
+ isResult = true;
+ } else {
+ number = (double)s.toInt32();
+ }
+ } else {
+ number = s.toDouble();
+ if (number > 0.0 && number < (double)0xffffffff &&
+ 0.0 == fmod(number, 1)) {
+ // Visual Studio 9 doesn't allow casting directly from a
+ // double to an enumeration type, contrary to 5.2.9(10) of
+ // C++11, so add an intermediate cast.
+ rv = (nsresult)(uint32_t)number;
+ if (NS_FAILED(rv)) {
+ isResult = true;
+ }
+ }
+ }
+
+ if (isResult) {
+ return ConstructException(rv, nullptr, ifaceName, methodName, nullptr,
+ exceptn, cx, s.address());
+ } else {
+ // XXX all this nsISupportsDouble code seems a little redundant
+ // now that we're storing the Value in the exception...
+ nsCOMPtr<nsISupportsDouble> data;
+ nsCOMPtr<nsIComponentManager> cm;
+ if (NS_FAILED(NS_GetComponentManager(getter_AddRefs(cm))) || !cm ||
+ NS_FAILED(cm->CreateInstanceByContractID(
+ NS_SUPPORTS_DOUBLE_CONTRACTID, NS_GET_IID(nsISupportsDouble),
+ getter_AddRefs(data)))) {
+ return NS_ERROR_FAILURE;
+ }
+ data->SetData(number);
+ rv = ConstructException(NS_ERROR_XPC_JS_THREW_NUMBER, nullptr, ifaceName,
+ methodName, data, exceptn, cx, s.address());
+ return rv;
+ }
+ }
+
+ // otherwise we'll just try to convert it to a string
+ // Note: e.g., bools get converted to JSStrings by this code.
+
+ JSString* str = ToString(cx, s);
+ if (str) {
+ if (JS::UniqueChars strBytes = JS_EncodeStringToLatin1(cx, str)) {
+ return ConstructException(NS_ERROR_XPC_JS_THREW_STRING, strBytes.get(),
+ ifaceName, methodName, nullptr, exceptn, cx,
+ s.address());
+ }
+ }
+ return NS_ERROR_FAILURE;
+}
+
+/***************************************************************************/
+
+// array fun...
+
+// static
+bool XPCConvert::NativeArray2JS(JSContext* cx, MutableHandleValue d,
+ const void* buf, const nsXPTType& type,
+ const nsID* iid, uint32_t count,
+ nsresult* pErr) {
+ MOZ_ASSERT(buf || count == 0, "Must have buf or 0 elements");
+
+ RootedObject array(cx, JS::NewArrayObject(cx, count));
+ if (!array) {
+ return false;
+ }
+
+ if (pErr) {
+ *pErr = NS_ERROR_XPC_BAD_CONVERT_NATIVE;
+ }
+
+ RootedValue current(cx, JS::NullValue());
+ for (uint32_t i = 0; i < count; ++i) {
+ if (!NativeData2JS(cx, &current, type.ElementPtr(buf, i), type, iid, 0,
+ pErr) ||
+ !JS_DefineElement(cx, array, i, current, JSPROP_ENUMERATE))
+ return false;
+ }
+
+ if (pErr) {
+ *pErr = NS_OK;
+ }
+ d.setObject(*array);
+ return true;
+}
+
+// static
+bool XPCConvert::JSArray2Native(JSContext* cx, JS::HandleValue aJSVal,
+ const nsXPTType& aEltType, const nsIID* aIID,
+ nsresult* pErr,
+ const ArrayAllocFixupLen& aAllocFixupLen) {
+ // Wrap aAllocFixupLen to check length is within bounds & initialize the
+ // allocated memory if needed.
+ auto allocFixupLen = [&](uint32_t* aLength) -> void* {
+ if (*aLength > (UINT32_MAX / aEltType.Stride())) {
+ return nullptr; // Byte length doesn't fit in uint32_t
+ }
+
+ void* buf = aAllocFixupLen(aLength);
+
+ // Ensure the buffer has valid values for each element. We can skip this
+ // for arithmetic types, as they do not require initialization.
+ if (buf && !aEltType.IsArithmetic()) {
+ for (uint32_t i = 0; i < *aLength; ++i) {
+ InitializeValue(aEltType, aEltType.ElementPtr(buf, i));
+ }
+ }
+ return buf;
+ };
+
+ // JSArray2Native only accepts objects (Array and TypedArray).
+ if (!aJSVal.isObject()) {
+ if (pErr) {
+ *pErr = NS_ERROR_XPC_CANT_CONVERT_PRIMITIVE_TO_ARRAY;
+ }
+ return false;
+ }
+ RootedObject jsarray(cx, &aJSVal.toObject());
+
+ if (pErr) {
+ *pErr = NS_ERROR_XPC_BAD_CONVERT_JS;
+ }
+
+ if (JS_IsTypedArrayObject(jsarray)) {
+ // Fast conversion of typed arrays to native using memcpy. No float or
+ // double canonicalization is done. ArrayBuffers are not accepted;
+ // create a properly typed array view on them first. The element type of
+ // array must match the XPCOM type in size, type and signedness exactly.
+ // As an exception, Uint8ClampedArray is allowed for arrays of uint8_t.
+ // DataViews are not supported.
+
+ nsXPTTypeTag tag;
+ switch (JS_GetArrayBufferViewType(jsarray)) {
+ case js::Scalar::Int8:
+ tag = TD_INT8;
+ break;
+ case js::Scalar::Uint8:
+ tag = TD_UINT8;
+ break;
+ case js::Scalar::Uint8Clamped:
+ tag = TD_UINT8;
+ break;
+ case js::Scalar::Int16:
+ tag = TD_INT16;
+ break;
+ case js::Scalar::Uint16:
+ tag = TD_UINT16;
+ break;
+ case js::Scalar::Int32:
+ tag = TD_INT32;
+ break;
+ case js::Scalar::Uint32:
+ tag = TD_UINT32;
+ break;
+ case js::Scalar::Float32:
+ tag = TD_FLOAT;
+ break;
+ case js::Scalar::Float64:
+ tag = TD_DOUBLE;
+ break;
+ default:
+ return false;
+ }
+ if (aEltType.Tag() != tag) {
+ return false;
+ }
+
+ // Allocate the backing buffer before getting the view data in case
+ // allocFixupLen can cause GCs.
+ uint32_t length;
+ {
+ // nsTArray and code below uses uint32_t lengths, so reject large typed
+ // arrays.
+ size_t fullLength = JS_GetTypedArrayLength(jsarray);
+ if (fullLength > UINT32_MAX) {
+ return false;
+ }
+ length = uint32_t(fullLength);
+ }
+ void* buf = allocFixupLen(&length);
+ if (!buf) {
+ return false;
+ }
+
+ // Get the backing memory buffer to copy out of.
+ JS::AutoCheckCannotGC nogc;
+ bool isShared = false;
+ const void* data = JS_GetArrayBufferViewData(jsarray, &isShared, nogc);
+
+ // Require opting in to shared memory - a future project.
+ if (isShared) {
+ return false;
+ }
+
+ // Directly copy data into the allocated target buffer.
+ memcpy(buf, data, length * aEltType.Stride());
+ return true;
+ }
+
+ // If jsarray is not a TypedArrayObject, check for an Array object.
+ uint32_t length = 0;
+ bool isArray = false;
+ if (!JS::IsArrayObject(cx, jsarray, &isArray) || !isArray ||
+ !JS::GetArrayLength(cx, jsarray, &length)) {
+ if (pErr) {
+ *pErr = NS_ERROR_XPC_CANT_CONVERT_OBJECT_TO_ARRAY;
+ }
+ return false;
+ }
+
+ void* buf = allocFixupLen(&length);
+ if (!buf) {
+ return false;
+ }
+
+ // Translate each array element separately.
+ RootedValue current(cx);
+ for (uint32_t i = 0; i < length; ++i) {
+ if (!JS_GetElement(cx, jsarray, i, &current) ||
+ !JSData2Native(cx, aEltType.ElementPtr(buf, i), current, aEltType, aIID,
+ 0, pErr)) {
+ // Array element conversion failed. Clean up all elements converted
+ // before the error. Caller handles freeing 'buf'.
+ for (uint32_t j = 0; j < i; ++j) {
+ DestructValue(aEltType, aEltType.ElementPtr(buf, j));
+ }
+ return false;
+ }
+ }
+
+ return true;
+}
+
+/***************************************************************************/
+
+// Internal implementation details for xpc::CleanupValue.
+
+void xpc::InnerCleanupValue(const nsXPTType& aType, void* aValue,
+ uint32_t aArrayLen) {
+ MOZ_ASSERT(!aType.IsArithmetic(),
+ "Arithmetic types should not get to InnerCleanupValue!");
+ MOZ_ASSERT(aArrayLen == 0 || aType.Tag() == nsXPTType::T_PSTRING_SIZE_IS ||
+ aType.Tag() == nsXPTType::T_PWSTRING_SIZE_IS ||
+ aType.Tag() == nsXPTType::T_LEGACY_ARRAY,
+ "Array lengths may only appear for certain types!");
+
+ switch (aType.Tag()) {
+ // Pointer types
+ case nsXPTType::T_DOMOBJECT:
+ aType.GetDOMObjectInfo().Cleanup(*(void**)aValue);
+ break;
+
+ case nsXPTType::T_PROMISE:
+ (*(mozilla::dom::Promise**)aValue)->Release();
+ break;
+
+ case nsXPTType::T_INTERFACE:
+ case nsXPTType::T_INTERFACE_IS:
+ (*(nsISupports**)aValue)->Release();
+ break;
+
+ // String types
+ case nsXPTType::T_ASTRING:
+ ((nsAString*)aValue)->Truncate();
+ break;
+ case nsXPTType::T_UTF8STRING:
+ case nsXPTType::T_CSTRING:
+ ((nsACString*)aValue)->Truncate();
+ break;
+
+ // Pointer Types
+ case nsXPTType::T_NSIDPTR:
+ case nsXPTType::T_CHAR_STR:
+ case nsXPTType::T_WCHAR_STR:
+ case nsXPTType::T_PSTRING_SIZE_IS:
+ case nsXPTType::T_PWSTRING_SIZE_IS:
+ free(*(void**)aValue);
+ break;
+
+ // Legacy Array Type
+ case nsXPTType::T_LEGACY_ARRAY: {
+ const nsXPTType& elty = aType.ArrayElementType();
+ void* elements = *(void**)aValue;
+
+ for (uint32_t i = 0; i < aArrayLen; ++i) {
+ DestructValue(elty, elty.ElementPtr(elements, i));
+ }
+ free(elements);
+ break;
+ }
+
+ // Array Type
+ case nsXPTType::T_ARRAY: {
+ const nsXPTType& elty = aType.ArrayElementType();
+ auto* array = (xpt::detail::UntypedTArray*)aValue;
+
+ for (uint32_t i = 0; i < array->Length(); ++i) {
+ DestructValue(elty, elty.ElementPtr(array->Elements(), i));
+ }
+ array->Clear();
+ break;
+ }
+
+ // Clear nsID& parameters to `0`
+ case nsXPTType::T_NSID:
+ ((nsID*)aValue)->Clear();
+ break;
+
+ // Clear the JS::Value to `undefined`
+ case nsXPTType::T_JSVAL:
+ ((JS::Value*)aValue)->setUndefined();
+ break;
+
+ // Non-arithmetic types requiring no cleanup
+ case nsXPTType::T_VOID:
+ break;
+
+ default:
+ MOZ_CRASH("Unknown Type!");
+ }
+
+ // Clear any non-complex values to the valid '0' state.
+ if (!aType.IsComplex()) {
+ aType.ZeroValue(aValue);
+ }
+}
+
+/***************************************************************************/
+
+// Implementation of xpc::InitializeValue.
+
+void xpc::InitializeValue(const nsXPTType& aType, void* aValue) {
+ switch (aType.Tag()) {
+ // Use placement-new to initialize complex values
+#define XPT_INIT_TYPE(tag, type) \
+ case tag: \
+ new (aValue) type(); \
+ break;
+ XPT_FOR_EACH_COMPLEX_TYPE(XPT_INIT_TYPE)
+#undef XPT_INIT_TYPE
+
+ // The remaining types have valid states where all bytes are '0'.
+ default:
+ aType.ZeroValue(aValue);
+ break;
+ }
+}
+
+// In XPT_FOR_EACH_COMPLEX_TYPE, typenames may be namespaced (such as
+// xpt::UntypedTArray). Namespaced typenames cannot be used to explicitly invoke
+// destructors, so this method acts as a helper to let us call the destructor of
+// these objects.
+template <typename T>
+static void _DestructValueHelper(void* aValue) {
+ static_cast<T*>(aValue)->~T();
+}
+
+void xpc::DestructValue(const nsXPTType& aType, void* aValue,
+ uint32_t aArrayLen) {
+ // Get aValue into an clean, empty state.
+ xpc::CleanupValue(aType, aValue, aArrayLen);
+
+ // Run destructors on complex types.
+ switch (aType.Tag()) {
+#define XPT_RUN_DESTRUCTOR(tag, type) \
+ case tag: \
+ _DestructValueHelper<type>(aValue); \
+ break;
+ XPT_FOR_EACH_COMPLEX_TYPE(XPT_RUN_DESTRUCTOR)
+#undef XPT_RUN_DESTRUCTOR
+ default:
+ break; // dtor is a no-op on other types.
+ }
+}