From 041e4fe737342bf40a6aedb7a04d8d99ba20e213 Mon Sep 17 00:00:00 2001
From: Jason Carey <jcarey@argv.me>
Date: Mon, 14 Sep 2015 16:19:11 -0400
Subject: SERVER-20375 Constrain JS method thisv

This constrains universal access to wraptype methods by providing a
JS_ATTACH_JS_CONSTRAINED_METHOD() macro which allows for a list of types
that are allowed to call said method.

In this way we can lock down all methods without having to add uasserts
to each individual method body.
---
 src/mongo/scripting/mozjs/cursor.cpp | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

(limited to 'src/mongo/scripting/mozjs/cursor.cpp')

diff --git a/src/mongo/scripting/mozjs/cursor.cpp b/src/mongo/scripting/mozjs/cursor.cpp
index 8660287a13a..7968480f4ff 100644
--- a/src/mongo/scripting/mozjs/cursor.cpp
+++ b/src/mongo/scripting/mozjs/cursor.cpp
@@ -34,15 +34,16 @@
 #include "mongo/scripting/mozjs/implscope.h"
 #include "mongo/scripting/mozjs/objectwrapper.h"
 #include "mongo/scripting/mozjs/valuereader.h"
+#include "mongo/scripting/mozjs/wrapconstrainedmethod.h"
 
 namespace mongo {
 namespace mozjs {
 
 const JSFunctionSpec CursorInfo::methods[5] = {
-    MONGO_ATTACH_JS_FUNCTION(hasNext),
-    MONGO_ATTACH_JS_FUNCTION(next),
-    MONGO_ATTACH_JS_FUNCTION(objsLeftInBatch),
-    MONGO_ATTACH_JS_FUNCTION(readOnly),
+    MONGO_ATTACH_JS_CONSTRAINED_METHOD_NO_PROTO(hasNext, CursorInfo),
+    MONGO_ATTACH_JS_CONSTRAINED_METHOD_NO_PROTO(next, CursorInfo),
+    MONGO_ATTACH_JS_CONSTRAINED_METHOD_NO_PROTO(objsLeftInBatch, CursorInfo),
+    MONGO_ATTACH_JS_CONSTRAINED_METHOD_NO_PROTO(readOnly, CursorInfo),
     JS_FS_END,
 };
 
@@ -68,7 +69,7 @@ void CursorInfo::finalize(JSFreeOp* fop, JSObject* obj) {
     }
 }
 
-void CursorInfo::Functions::next(JSContext* cx, JS::CallArgs args) {
+void CursorInfo::Functions::next::call(JSContext* cx, JS::CallArgs args) {
     auto cursor = getCursor(args);
 
     if (!cursor) {
@@ -84,7 +85,7 @@ void CursorInfo::Functions::next(JSContext* cx, JS::CallArgs args) {
     ValueReader(cx, args.rval()).fromBSON(bson, ro);
 }
 
-void CursorInfo::Functions::hasNext(JSContext* cx, JS::CallArgs args) {
+void CursorInfo::Functions::hasNext::call(JSContext* cx, JS::CallArgs args) {
     auto cursor = getCursor(args);
 
     if (!cursor) {
@@ -95,7 +96,7 @@ void CursorInfo::Functions::hasNext(JSContext* cx, JS::CallArgs args) {
     args.rval().setBoolean(cursor->more());
 }
 
-void CursorInfo::Functions::objsLeftInBatch(JSContext* cx, JS::CallArgs args) {
+void CursorInfo::Functions::objsLeftInBatch::call(JSContext* cx, JS::CallArgs args) {
     auto cursor = getCursor(args);
 
     if (!cursor) {
@@ -106,7 +107,7 @@ void CursorInfo::Functions::objsLeftInBatch(JSContext* cx, JS::CallArgs args) {
     args.rval().setInt32(cursor->objsLeftInBatch());
 }
 
-void CursorInfo::Functions::readOnly(JSContext* cx, JS::CallArgs args) {
+void CursorInfo::Functions::readOnly::call(JSContext* cx, JS::CallArgs args) {
     ObjectWrapper(cx, args.thisv()).setBoolean("_ro", true);
 
     args.rval().set(args.thisv());
-- 
cgit v1.2.1