/src/mozilla-central/security/sandbox/common/SandboxSettings.cpp

Source (jump to first uncovered line)
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
 * You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "mozISandboxSettings.h"

#include "mozilla/ModuleUtils.h"
#include "mozilla/Preferences.h"

#include "prenv.h"

namespace mozilla {

int GetEffectiveContentSandboxLevel() {
  if (PR_GetEnv("MOZ_DISABLE_CONTENT_SANDBOX")) {
    return 0;
  }
  int level = Preferences::GetInt("security.sandbox.content.level");
// On Windows and macOS, enforce a minimum content sandbox level of 1 (except on
// Nightly, where it can be set to 0).
#if !defined(NIGHTLY_BUILD) && (defined(XP_WIN) || defined(XP_MACOSX))
  if (level < 1) {
    level = 1;
  }
#endif
#ifdef XP_LINUX
  // Level 4 and up will break direct access to audio.
  if (level > 3 && !Preferences::GetBool("media.cubeb.sandbox")) {
    level = 3;
  }
#endif

  return level;
}

bool IsContentSandboxEnabled() {
  return GetEffectiveContentSandboxLevel() > 0;
}

#if defined(XP_MACOSX)
int ClampFlashSandboxLevel(const int aLevel) {
  const int minLevel = 0;
  const int maxLevel = 3;

  if (aLevel < minLevel) {
    return minLevel;
  }

  if (aLevel > maxLevel) {
    return maxLevel;
  }
  return aLevel;
}
#endif

class SandboxSettings final : public mozISandboxSettings
{
public:
  NS_DECL_ISUPPORTS
  NS_DECL_MOZISANDBOXSETTINGS

  SandboxSettings() { }

private:
  ~SandboxSettings() { }
};

NS_IMPL_ISUPPORTS(SandboxSettings, mozISandboxSettings)

NS_IMETHODIMP SandboxSettings::GetEffectiveContentSandboxLevel(int32_t *aRetVal)
{
  *aRetVal = mozilla::GetEffectiveContentSandboxLevel();
  return NS_OK;
}

NS_GENERIC_FACTORY_CONSTRUCTOR(SandboxSettings)

NS_DEFINE_NAMED_CID(MOZ_SANDBOX_SETTINGS_CID);

static const mozilla::Module::CIDEntry kSandboxSettingsCIDs[] = {
  { &kMOZ_SANDBOX_SETTINGS_CID, false, nullptr, SandboxSettingsConstructor },
  { nullptr }
};

static const mozilla::Module::ContractIDEntry kSandboxSettingsContracts[] = {
  { MOZ_SANDBOX_SETTINGS_CONTRACTID, &kMOZ_SANDBOX_SETTINGS_CID },
  { nullptr }
};

static const mozilla::Module kSandboxSettingsModule = {
  mozilla::Module::kVersion,
  kSandboxSettingsCIDs,
  kSandboxSettingsContracts
};

NSMODULE_DEFN(SandboxSettingsModule) = &kSandboxSettingsModule;

} // namespace mozilla

Line	Count	Source (jump to first uncovered line)
1		/* -- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -- */
2		/* vim: set ts=8 sts=2 et sw=2 tw=80: */
3		/* This Source Code Form is subject to the terms of the Mozilla Public
4		* License, v. 2.0. If a copy of the MPL was not distributed with this file,
5		* You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7		#include "mozISandboxSettings.h"
8
9		#include "mozilla/ModuleUtils.h"
10		#include "mozilla/Preferences.h"
11
12		#include "prenv.h"
13
14		namespace mozilla {
15
16	0	int GetEffectiveContentSandboxLevel() {
17	0	if (PR_GetEnv("MOZ_DISABLE_CONTENT_SANDBOX")) {
18	0	return 0;
19	0	}
20	0	int level = Preferences::GetInt("security.sandbox.content.level");
21	0	// On Windows and macOS, enforce a minimum content sandbox level of 1 (except on
22	0	// Nightly, where it can be set to 0).
23		#if !defined(NIGHTLY_BUILD) && (defined(XP_WIN) \|\| defined(XP_MACOSX))
24		if (level < 1) {
25		level = 1;
26		}
27		#endif
28		#ifdef XP_LINUX
29	0	// Level 4 and up will break direct access to audio.
30	0	if (level > 3 && !Preferences::GetBool("media.cubeb.sandbox")) {
31	0	level = 3;
32	0	}
33	0	#endif
34	0
35	0	return level;
36	0	}
37
38	0	bool IsContentSandboxEnabled() {
39	0	return GetEffectiveContentSandboxLevel() > 0;
40	0	}
41
42		#if defined(XP_MACOSX)
43		int ClampFlashSandboxLevel(const int aLevel) {
44		const int minLevel = 0;
45		const int maxLevel = 3;
46
47		if (aLevel < minLevel) {
48		return minLevel;
49		}
50
51		if (aLevel > maxLevel) {
52		return maxLevel;
53		}
54		return aLevel;
55		}
56		#endif
57
58		class SandboxSettings final : public mozISandboxSettings
59		{
60		public:
61		NS_DECL_ISUPPORTS
62		NS_DECL_MOZISANDBOXSETTINGS
63
64	0	SandboxSettings() { }
65
66		private:
67	0	~SandboxSettings() { }
68		};
69
70		NS_IMPL_ISUPPORTS(SandboxSettings, mozISandboxSettings)
71
72		NS_IMETHODIMP SandboxSettings::GetEffectiveContentSandboxLevel(int32_t *aRetVal)
73	0	{
74	0	*aRetVal = mozilla::GetEffectiveContentSandboxLevel();
75	0	return NS_OK;
76	0	}
77
78		NS_GENERIC_FACTORY_CONSTRUCTOR(SandboxSettings)
79
80		NS_DEFINE_NAMED_CID(MOZ_SANDBOX_SETTINGS_CID);
81
82		static const mozilla::Module::CIDEntry kSandboxSettingsCIDs[] = {
83		{ &kMOZ_SANDBOX_SETTINGS_CID, false, nullptr, SandboxSettingsConstructor },
84		{ nullptr }
85		};
86
87		static const mozilla::Module::ContractIDEntry kSandboxSettingsContracts[] = {
88		{ MOZ_SANDBOX_SETTINGS_CONTRACTID, &kMOZ_SANDBOX_SETTINGS_CID },
89		{ nullptr }
90		};
91
92		static const mozilla::Module kSandboxSettingsModule = {
93		mozilla::Module::kVersion,
94		kSandboxSettingsCIDs,
95		kSandboxSettingsContracts
96		};
97
98		NSMODULE_DEFN(SandboxSettingsModule) = &kSandboxSettingsModule;
99
100		} // namespace mozilla

Coverage Report

Created: 2018-09-25 14:53