From b4e28e4340b0bcedf55010602c62027c0d3dd4d4 Mon Sep 17 00:00:00 2001
From: Bobby Holley <bobbyholley@gmail.com>
Date: Wed, 16 Sep 2015 15:28:36 -0700
Subject: [PATCH] Bug 1205456 - Check for UNKNOWN_APP_ID when serializing
 principals. r=sicking, a=sylvestre

--HG--
extra : source : 0e0f3104478fcb2ed29be54f3e5ee113245378b8
---
 caps/nsNullPrincipal.cpp       |  3 +++
 caps/nsPrincipal.cpp           |  2 ++
 caps/tests/unit/test_origin.js | 14 ++++++++++++++
 3 files changed, 19 insertions(+)

diff --git a/caps/nsNullPrincipal.cpp b/caps/nsNullPrincipal.cpp
index cc32748425c0..37c82bd3593d 100644
--- a/caps/nsNullPrincipal.cpp
+++ b/caps/nsNullPrincipal.cpp
@@ -173,6 +173,9 @@ nsNullPrincipal::Read(nsIObjectInputStream* aStream)
 NS_IMETHODIMP
 nsNullPrincipal::Write(nsIObjectOutputStream* aStream)
 {
+  NS_ENSURE_TRUE(mOriginAttributes.mAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID,
+                 NS_ERROR_INVALID_ARG);
+
   nsAutoCString suffix;
   OriginAttributesRef().CreateSuffix(suffix);
 
diff --git a/caps/nsPrincipal.cpp b/caps/nsPrincipal.cpp
index 9d562592a36c..a8b5f400b8a1 100644
--- a/caps/nsPrincipal.cpp
+++ b/caps/nsPrincipal.cpp
@@ -446,6 +446,8 @@ NS_IMETHODIMP
 nsPrincipal::Write(nsIObjectOutputStream* aStream)
 {
   NS_ENSURE_STATE(mCodebase);
+  NS_ENSURE_TRUE(mOriginAttributes.mAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID,
+                 NS_ERROR_INVALID_ARG);
 
   nsresult rv = NS_WriteOptionalCompoundObject(aStream, mCodebase, NS_GET_IID(nsIURI),
                                                true);
diff --git a/caps/tests/unit/test_origin.js b/caps/tests/unit/test_origin.js
index 8ec957428d12..97c2901adc91 100644
--- a/caps/tests/unit/test_origin.js
+++ b/caps/tests/unit/test_origin.js
@@ -103,6 +103,20 @@ function run_test() {
   var simplePrin = ssm.getSimpleCodebasePrincipal(makeURI('http://example.com'));
   try { simplePrin.origin; do_check_true(false); } catch (e) { do_check_true(true); }
 
+  // Make sure we don't crash when serializing them either.
+  try {
+    let binaryStream = Cc["@mozilla.org/binaryoutputstream;1"].
+                       createInstance(Ci.nsIObjectOutputStream);
+    let pipe = Cc["@mozilla.org/pipe;1"].createInstance(Ci.nsIPipe);
+    pipe.init(false, false, 0, 0xffffffff, null);
+    binaryStream.setOutputStream(pipe.outputStream);
+    binaryStream.writeCompoundObject(simplePrin, Ci.nsISupports, true);
+    binaryStream.close();
+  } catch (e) {
+    do_check_true(true);
+  }
+
+
   // Just userContext.
   var exampleOrg_userContext = ssm.createCodebasePrincipal(makeURI('http://example.org'), {userContextId: 42});
   checkOriginAttributes(exampleOrg_userContext, { userContextId: 42 }, '^userContextId=42');