Commit 2bc4e656 authored by Jan Rybar's avatar Jan Rybar

Use JS_EncodeStringToUTF8 consistently with JavaScript

When strings handled by the jsbackendauthority contain non-ASCII, the
code will fail.  For example, on a system having a user with a
non-ASCII name, the following message will appear when a USB stick is
plugged in.

mar 04 21:47:31 mimmi polkitd[17163]: Error evaluating authorization rules

The user will not be allowed to do the mount.

The problem is that strings were variously encoded back to C strings
with JS_EncodeString and JS_EncodeStringToUTF8.  According to the
documentation
(https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey/JSAPI_reference/JS_EncodeString#Description)
the former will simply drop the high byte from each character.  If
that happens to a username, it will no longer be found as a valid user
name on the system.  Explicitly encoding to UTF-8 will at least work
in UTF-8 locales, which is the increasingly dominant encoding.
parent 2d4c4af6
......@@ -1284,13 +1284,15 @@ js_polkit_log (JSContext *cx,
unsigned argc,
JS::Value *vp)
{
/* PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx)); */
PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx));
bool ret = false;
char *s;
JS::CallArgs args = JS::CallArgsFromVp (argc, vp);
s = JS_EncodeString (cx, args[0].toString ());
JS::RootedString jsstr (authority->priv->cx);
jsstr = args[0].toString ();
s = JS_EncodeStringToUTF8 (cx, jsstr);
JS_ReportWarningUTF8 (cx, "%s", s);
JS_free (cx, s);
......@@ -1367,7 +1369,7 @@ js_polkit_spawn (JSContext *cx,
unsigned js_argc,
JS::Value *vp)
{
/* PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx)); */
PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx));
bool ret = false;
JS::RootedObject array_object(cx);
gchar *standard_output = NULL;
......@@ -1407,7 +1409,9 @@ js_polkit_spawn (JSContext *cx,
JS_ReportErrorUTF8 (cx, "Element %d is not a string", n);
goto out;
}
s = JS_EncodeString (cx, elem_val.toString());
JS::RootedString jsstr (authority->priv->cx);
jsstr = elem_val.toString();
s = JS_EncodeStringToUTF8 (cx, jsstr);
argv[n] = g_strdup (s);
JS_free (cx, s);
}
......@@ -1490,7 +1494,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx,
unsigned argc,
JS::Value *vp)
{
/* PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx)); */
PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx));
bool ret = false;
char *user;
char *netgroup;
......@@ -1498,8 +1502,12 @@ js_polkit_user_is_in_netgroup (JSContext *cx,
JS::CallArgs args = JS::CallArgsFromVp (argc, vp);
user = JS_EncodeString (cx, args[0].toString());
netgroup = JS_EncodeString (cx, args[1].toString());
JS::RootedString usrstr (authority->priv->cx);
usrstr = args[0].toString();
user = JS_EncodeStringToUTF8 (cx, usrstr);
JS::RootedString netgstr (authority->priv->cx);
netgstr = args[1].toString();
netgroup = JS_EncodeStringToUTF8 (cx, netgstr);
if (innetgr (netgroup,
NULL, /* host */
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment