tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

noExecute-06.js (2289B)

      1 // Tests that NX disallows debuggee execution for multiple debuggers and
      2 // multiple debuggees.
      3 
      4 load(libdir + "asserts.js");
      5 load(libdir + "debuggerNXHelper.js");
      6 
      7 var g1 = newGlobal({newCompartment: true});
      8 var g2 = newGlobal({newCompartment: true});
      9 var dbg1 = new Debugger;
     10 var dbg2 = new Debugger;
     11 
     12 g1w1 = dbg1.addDebuggee(g1);
     13 
     14 g1w2 = dbg2.addDebuggee(g1);
     15 g2w = dbg2.addDebuggee(g2);
     16 
     17 g1.eval(`
     18        function d(f) { debugger; return f; }
     19        function f() { return 42; }
     20        var o = {
     21          get p() { return 42; },
     22          set p(x) { }
     23        };
     24        `);
     25 
     26 g2.eval(`
     27        function d(f) { debugger; return f; }
     28        function f() { return 42; }
     29        var o = {
     30          get p() { return 42; },
     31          set p(x) { }
     32        };
     33        `);
     34 
     35 var strs = ["f();", "o.p", "o.p = 42"];
     36 
     37 var fw1;
     38 dbg1.onDebuggerStatement = (frame) => {
     39  fw1 = frame.arguments[0];
     40 }
     41 g1.eval('d(f)');
     42 dbg1.onDebuggerStatement = undefined;
     43 var fw2;
     44 dbg2.onDebuggerStatement = (frame) => {
     45  fw2 = frame.arguments[0];
     46 }
     47 g2.eval('d(f)');
     48 dbg2.onDebuggerStatement = undefined;
     49 
     50 function testHook(hookName) {
     51  var newestG1Frame = dbg1.getNewestFrame();
     52  if (hookName != 'onNewGlobalObject' &&
     53      hookName != 'onNewScript' &&
     54      hookName != 'onNewPromise' &&
     55      hookName != 'onPromiseSettled')
     56  {
     57    var newestG2Frame = dbg2.getNewestFrame();
     58  }
     59 
     60  for (var s of strs) {
     61    // When this hook is called, g1 has been locked twice, so even invocation
     62    // functions do not work.
     63    assertEq(g1w1.executeInGlobal(s).throw.unsafeDereference() instanceof Debugger.DebuggeeWouldRun, true);
     64    assertEq(g1w2.executeInGlobal(s).throw.unsafeDereference() instanceof Debugger.DebuggeeWouldRun, true);
     65    if (newestG1Frame) {
     66      assertEq(newestG1Frame.eval(s).throw.unsafeDereference() instanceof Debugger.DebuggeeWouldRun, true);
     67    }
     68    assertEq(fw1.apply(null).throw.unsafeDereference() instanceof Debugger.DebuggeeWouldRun, true);
     69 
     70    // But g2 has only been locked once and so should work.
     71    assertEq(g2w.executeInGlobal(s).throw, undefined);
     72    if (newestG2Frame) {
     73      assertEq(newestG2Frame.eval(s).throw, undefined);
     74    }
     75    assertEq(fw2.apply(null).return, 42);
     76  }
     77 }
     78 
     79 testDebuggerHooksNX(dbg1, g1, () => {
     80  testDebuggerHooksNX(dbg2, g2, testHook);
     81 });