Bug 1849056 - handle failures of CryptoBuffer::ToArrayBuffer. r=tschu…

…ster,webidl,smaug Differential Revision: https://phabricator.services.mozilla.com/D186398
dothq · Aug 17, 2023 · fc0dea8 · fc0dea8
1 parent 7c4acfb
commit fc0dea8
Show file tree

Hide file tree

Showing 9 changed files with 57 additions and 27 deletions.
diff --git a/dom/webauthn/AuthenticatorAssertionResponse.cpp b/dom/webauthn/AuthenticatorAssertionResponse.cpp
@@ -55,11 +55,15 @@ JSObject* AuthenticatorAssertionResponse::WrapObject(
 }
 
 void AuthenticatorAssertionResponse::GetAuthenticatorData(
-    JSContext* aCx, JS::MutableHandle<JSObject*> aRetVal) {
+    JSContext* aCx, JS::MutableHandle<JSObject*> aValue, ErrorResult& aRv) {
   if (!mAuthenticatorDataCachedObj) {
     mAuthenticatorDataCachedObj = mAuthenticatorData.ToArrayBuffer(aCx);
+    if (!mAuthenticatorDataCachedObj) {
+      aRv.NoteJSContextException(aCx);
+      return;
+    }
   }
-  aRetVal.set(mAuthenticatorDataCachedObj);
+  aValue.set(mAuthenticatorDataCachedObj);
 }
 
 nsresult AuthenticatorAssertionResponse::SetAuthenticatorData(
@@ -71,11 +75,15 @@ nsresult AuthenticatorAssertionResponse::SetAuthenticatorData(
 }
 
 void AuthenticatorAssertionResponse::GetSignature(
-    JSContext* aCx, JS::MutableHandle<JSObject*> aRetVal) {
+    JSContext* aCx, JS::MutableHandle<JSObject*> aValue, ErrorResult& aRv) {
   if (!mSignatureCachedObj) {
     mSignatureCachedObj = mSignature.ToArrayBuffer(aCx);
+    if (!mSignatureCachedObj) {
+      aRv.NoteJSContextException(aCx);
+      return;
+    }
   }
-  aRetVal.set(mSignatureCachedObj);
+  aValue.set(mSignatureCachedObj);
 }
 
 nsresult AuthenticatorAssertionResponse::SetSignature(CryptoBuffer& aBuffer) {
@@ -86,17 +94,21 @@ nsresult AuthenticatorAssertionResponse::SetSignature(CryptoBuffer& aBuffer) {
 }
 
 void AuthenticatorAssertionResponse::GetUserHandle(
-    JSContext* aCx, JS::MutableHandle<JSObject*> aRetVal) {
+    JSContext* aCx, JS::MutableHandle<JSObject*> aValue, ErrorResult& aRv) {
   // Per
   // https://w3c.github.io/webauthn/#ref-for-dom-authenticatorassertionresponse-userhandle%E2%91%A0
   // this should return null if the handle is unset.
   if (mUserHandle.IsEmpty()) {
-    aRetVal.set(nullptr);
+    aValue.set(nullptr);
   } else {
     if (!mUserHandleCachedObj) {
       mUserHandleCachedObj = mUserHandle.ToArrayBuffer(aCx);
+      if (!mUserHandleCachedObj) {
+        aRv.NoteJSContextException(aCx);
+        return;
+      }
     }
-    aRetVal.set(mUserHandleCachedObj);
+    aValue.set(mUserHandleCachedObj);
   }
 }
 

diff --git a/dom/webauthn/AuthenticatorAssertionResponse.h b/dom/webauthn/AuthenticatorAssertionResponse.h
@@ -32,16 +32,18 @@ class AuthenticatorAssertionResponse final : public AuthenticatorResponse {
   virtual JSObject* WrapObject(JSContext* aCx,
                                JS::Handle<JSObject*> aGivenProto) override;
 
-  void GetAuthenticatorData(JSContext* aCx,
-                            JS::MutableHandle<JSObject*> aRetVal);
+  void GetAuthenticatorData(JSContext* aCx, JS::MutableHandle<JSObject*> aValue,
+                            ErrorResult& aRv);
 
   nsresult SetAuthenticatorData(CryptoBuffer& aBuffer);
 
-  void GetSignature(JSContext* aCx, JS::MutableHandle<JSObject*> aRetVal);
+  void GetSignature(JSContext* aCx, JS::MutableHandle<JSObject*> aValue,
+                    ErrorResult& aRv);
 
   nsresult SetSignature(CryptoBuffer& aBuffer);
 
-  void GetUserHandle(JSContext* aCx, JS::MutableHandle<JSObject*> aRetVal);
+  void GetUserHandle(JSContext* aCx, JS::MutableHandle<JSObject*> aValue,
+                     ErrorResult& aRv);
 
   nsresult SetUserHandle(CryptoBuffer& aUserHandle);
 

diff --git a/dom/webauthn/AuthenticatorAttestationResponse.cpp b/dom/webauthn/AuthenticatorAttestationResponse.cpp
@@ -51,11 +51,15 @@ JSObject* AuthenticatorAttestationResponse::WrapObject(
 }
 
 void AuthenticatorAttestationResponse::GetAttestationObject(
-    JSContext* aCx, JS::MutableHandle<JSObject*> aRetVal) {
+    JSContext* aCx, JS::MutableHandle<JSObject*> aValue, ErrorResult& aRv) {
   if (!mAttestationObjectCachedObj) {
     mAttestationObjectCachedObj = mAttestationObject.ToArrayBuffer(aCx);
+    if (!mAttestationObjectCachedObj) {
+      aRv.NoteJSContextException(aCx);
+      return;
+    }
   }
-  aRetVal.set(mAttestationObjectCachedObj);
+  aValue.set(mAttestationObjectCachedObj);
 }
 
 nsresult AuthenticatorAttestationResponse::SetAttestationObject(

diff --git a/dom/webauthn/AuthenticatorAttestationResponse.h b/dom/webauthn/AuthenticatorAttestationResponse.h
@@ -32,8 +32,8 @@ class AuthenticatorAttestationResponse final : public AuthenticatorResponse {
   virtual JSObject* WrapObject(JSContext* aCx,
                                JS::Handle<JSObject*> aGivenProto) override;
 
-  void GetAttestationObject(JSContext* aCx,
-                            JS::MutableHandle<JSObject*> aRetVal);
+  void GetAttestationObject(JSContext* aCx, JS::MutableHandle<JSObject*> aValue,
+                            ErrorResult& aRv);
 
   nsresult SetAttestationObject(CryptoBuffer& aBuffer);
 

diff --git a/dom/webauthn/AuthenticatorResponse.cpp b/dom/webauthn/AuthenticatorResponse.cpp
@@ -34,11 +34,15 @@ AuthenticatorResponse::~AuthenticatorResponse() {
 nsISupports* AuthenticatorResponse::GetParentObject() const { return mParent; }
 
 void AuthenticatorResponse::GetClientDataJSON(
-    JSContext* aCx, JS::MutableHandle<JSObject*> aRetVal) {
+    JSContext* aCx, JS::MutableHandle<JSObject*> aValue, ErrorResult& aRv) {
   if (!mClientDataJSONCachedObj) {
     mClientDataJSONCachedObj = mClientDataJSON.ToArrayBuffer(aCx);
+    if (!mClientDataJSONCachedObj) {
+      aRv.NoteJSContextException(aCx);
+      return;
+    }
   }
-  aRetVal.set(mClientDataJSONCachedObj);
+  aValue.set(mClientDataJSONCachedObj);
 }
 
 nsresult AuthenticatorResponse::SetClientDataJSON(CryptoBuffer& aBuffer) {

diff --git a/dom/webauthn/AuthenticatorResponse.h b/dom/webauthn/AuthenticatorResponse.h
@@ -9,6 +9,7 @@
 
 #include "js/TypeDecls.h"
 #include "mozilla/Attributes.h"
+#include "mozilla/ErrorResult.h"
 #include "mozilla/dom/BindingDeclarations.h"
 #include "mozilla/dom/CryptoBuffer.h"
 #include "nsCycleCollectionParticipant.h"
@@ -33,7 +34,8 @@ class AuthenticatorResponse : public nsISupports, public nsWrapperCache {
 
   void GetFormat(nsString& aRetVal) const;
 
-  void GetClientDataJSON(JSContext* aCx, JS::MutableHandle<JSObject*> aRetVal);
+  void GetClientDataJSON(JSContext* aCx, JS::MutableHandle<JSObject*> aValue,
+                         ErrorResult& aRv);
 
   nsresult SetClientDataJSON(CryptoBuffer& aBuffer);
 

diff --git a/dom/webauthn/PublicKeyCredential.cpp b/dom/webauthn/PublicKeyCredential.cpp
@@ -58,11 +58,16 @@ JSObject* PublicKeyCredential::WrapObject(JSContext* aCx,
 }
 
 void PublicKeyCredential::GetRawId(JSContext* aCx,
-                                   JS::MutableHandle<JSObject*> aRetVal) {
+                                   JS::MutableHandle<JSObject*> aValue,
+                                   ErrorResult& aRv) {
   if (!mRawIdCachedObj) {
     mRawIdCachedObj = mRawId.ToArrayBuffer(aCx);
+    if (!mRawIdCachedObj) {
+      aRv.NoteJSContextException(aCx);
+      return;
+    }
   }
-  aRetVal.set(mRawIdCachedObj);
+  aValue.set(mRawIdCachedObj);
 }
 
 already_AddRefed<AuthenticatorResponse> PublicKeyCredential::Response() const {

diff --git a/dom/webauthn/PublicKeyCredential.h b/dom/webauthn/PublicKeyCredential.h
@@ -32,7 +32,8 @@ class PublicKeyCredential final : public Credential {
   virtual JSObject* WrapObject(JSContext* aCx,
                                JS::Handle<JSObject*> aGivenProto) override;
 
-  void GetRawId(JSContext* cx, JS::MutableHandle<JSObject*> aRetVal);
+  void GetRawId(JSContext* aCx, JS::MutableHandle<JSObject*> aValue,
+                ErrorResult& aRv);
 
   already_AddRefed<AuthenticatorResponse> Response() const;
 

diff --git a/dom/webidl/WebAuthentication.webidl b/dom/webidl/WebAuthentication.webidl
@@ -12,7 +12,7 @@
 [SecureContext, Pref="security.webauth.webauthn",
  Exposed=Window]
 interface PublicKeyCredential : Credential {
-    [SameObject] readonly attribute ArrayBuffer              rawId;
+    [SameObject, Throws] readonly attribute ArrayBuffer      rawId;
     [SameObject] readonly attribute AuthenticatorResponse    response;
     AuthenticationExtensionsClientOutputs getClientExtensionResults();
 };
@@ -27,21 +27,21 @@ partial interface PublicKeyCredential {
 [SecureContext, Pref="security.webauth.webauthn",
  Exposed=Window]
 interface AuthenticatorResponse {
-    [SameObject] readonly attribute ArrayBuffer clientDataJSON;
+    [SameObject, Throws] readonly attribute ArrayBuffer clientDataJSON;
 };
 
 [SecureContext, Pref="security.webauth.webauthn",
  Exposed=Window]
 interface AuthenticatorAttestationResponse : AuthenticatorResponse {
-    [SameObject] readonly attribute ArrayBuffer attestationObject;
+    [SameObject, Throws] readonly attribute ArrayBuffer attestationObject;
 };
 
 [SecureContext, Pref="security.webauth.webauthn",
  Exposed=Window]
 interface AuthenticatorAssertionResponse : AuthenticatorResponse {
-    [SameObject] readonly attribute ArrayBuffer      authenticatorData;
-    [SameObject] readonly attribute ArrayBuffer      signature;
-    [SameObject] readonly attribute ArrayBuffer?     userHandle;
+    [SameObject, Throws] readonly attribute ArrayBuffer      authenticatorData;
+    [SameObject, Throws] readonly attribute ArrayBuffer      signature;
+    [SameObject, Throws] readonly attribute ArrayBuffer?     userHandle;
 };
 
 dictionary PublicKeyCredentialParameters {