Gabriel Ivăncescu : msscript.ocx: Implement UseSafeSubset properly by setting the interface safety options.
Alexandre Julliard
julliard at winehq.org
Fri Sep 4 15:47:32 CDT 2020
Module: wine
Branch: master
Commit: fb746414e2323d66e17772a8c20e1fda3bf6c58b
URL: https://source.winehq.org/git/wine.git/?a=commit;h=fb746414e2323d66e17772a8c20e1fda3bf6c58b
Author: Gabriel Ivăncescu <gabrielopcode at gmail.com>
Date: Thu Sep 3 17:50:26 2020 +0300
msscript.ocx: Implement UseSafeSubset properly by setting the interface safety options.
Signed-off-by: Gabriel Ivăncescu <gabrielopcode at gmail.com>
Signed-off-by: Jacek Caban <jacek at codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>
---
dlls/msscript.ocx/msscript.c | 40 ++++++++++------
dlls/msscript.ocx/tests/msscript.c | 93 ++++++++++++++++++++++++++++++++++++--
2 files changed, 117 insertions(+), 16 deletions(-)
diff --git a/dlls/msscript.ocx/msscript.c b/dlls/msscript.ocx/msscript.c
index 7ddcb8f73d..ed17be90d8 100644
--- a/dlls/msscript.ocx/msscript.c
+++ b/dlls/msscript.ocx/msscript.c
@@ -2426,9 +2426,30 @@ static const IScriptErrorVtbl ScriptErrorVtbl = {
ScriptError_Clear
};
-static HRESULT init_script_host(ScriptControl *control, const CLSID *clsid, ScriptHost **ret)
+static HRESULT set_safety_opts(IActiveScript *script, VARIANT_BOOL use_safe_subset)
{
IObjectSafety *objsafety;
+ HRESULT hr;
+
+ hr = IActiveScript_QueryInterface(script, &IID_IObjectSafety, (void**)&objsafety);
+ if (FAILED(hr)) {
+ FIXME("Could not get IObjectSafety, %#x\n", hr);
+ return hr;
+ }
+
+ hr = IObjectSafety_SetInterfaceSafetyOptions(objsafety, &IID_IActiveScriptParse, INTERFACESAFE_FOR_UNTRUSTED_DATA,
+ use_safe_subset ? INTERFACESAFE_FOR_UNTRUSTED_DATA : 0);
+ IObjectSafety_Release(objsafety);
+ if (FAILED(hr)) {
+ FIXME("SetInterfaceSafetyOptions failed, %#x\n", hr);
+ return hr;
+ }
+
+ return hr;
+}
+
+static HRESULT init_script_host(ScriptControl *control, const CLSID *clsid, ScriptHost **ret)
+{
ScriptHost *host;
HRESULT hr;
@@ -2455,18 +2476,8 @@ static HRESULT init_script_host(ScriptControl *control, const CLSID *clsid, Scri
goto failed;
}
- hr = IActiveScript_QueryInterface(host->script, &IID_IObjectSafety, (void**)&objsafety);
- if (FAILED(hr)) {
- FIXME("Could not get IObjectSafety, %#x\n", hr);
- goto failed;
- }
-
- hr = IObjectSafety_SetInterfaceSafetyOptions(objsafety, &IID_IActiveScriptParse, INTERFACESAFE_FOR_UNTRUSTED_DATA, 0);
- IObjectSafety_Release(objsafety);
- if (FAILED(hr)) {
- FIXME("SetInterfaceSafetyOptions failed, %#x\n", hr);
- goto failed;
- }
+ hr = set_safety_opts(host->script, control->use_safe_subset);
+ if (FAILED(hr)) goto failed;
hr = IActiveScript_SetScriptSite(host->script, &host->IActiveScriptSite_iface);
if (FAILED(hr)) {
@@ -2850,6 +2861,9 @@ static HRESULT WINAPI ScriptControl_put_UseSafeSubset(IScriptControl *iface, VAR
ScriptControl *This = impl_from_IScriptControl(iface);
TRACE("(%p)->(%x)\n", This, use_safe_subset);
+ if (This->host && This->use_safe_subset != use_safe_subset)
+ set_safety_opts(This->host->script, use_safe_subset);
+
This->use_safe_subset = use_safe_subset;
return S_OK;
}
diff --git a/dlls/msscript.ocx/tests/msscript.c b/dlls/msscript.ocx/tests/msscript.c
index e6d139fd75..a6ec0992c8 100644
--- a/dlls/msscript.ocx/tests/msscript.c
+++ b/dlls/msscript.ocx/tests/msscript.c
@@ -91,6 +91,7 @@ static const WCHAR vbW[] = {'V','B','S','c','r','i','p','t',0};
DEFINE_EXPECT(CreateInstance);
DEFINE_EXPECT(SetInterfaceSafetyOptions);
+DEFINE_EXPECT(SetInterfaceSafetyOptions_UseSafeSubset);
DEFINE_EXPECT(InitNew);
DEFINE_EXPECT(Close);
DEFINE_EXPECT(Bind);
@@ -278,12 +279,13 @@ static HRESULT WINAPI ObjectSafety_GetInterfaceSafetyOptions(IObjectSafety *ifac
static HRESULT WINAPI ObjectSafety_SetInterfaceSafetyOptions(IObjectSafety *iface, REFIID riid,
DWORD mask, DWORD options)
{
- CHECK_EXPECT(SetInterfaceSafetyOptions);
+ if (options == INTERFACESAFE_FOR_UNTRUSTED_DATA)
+ CHECK_EXPECT(SetInterfaceSafetyOptions_UseSafeSubset);
+ else
+ CHECK_EXPECT(SetInterfaceSafetyOptions);
ok(IsEqualGUID(&IID_IActiveScriptParse, riid), "unexpected riid %s\n", wine_dbgstr_guid(riid));
-
ok(mask == INTERFACESAFE_FOR_UNTRUSTED_DATA, "option mask = %x\n", mask);
- ok(options == 0, "options = %x\n", options);
return S_OK;
}
@@ -2100,6 +2102,91 @@ static void test_UseSafeSubset(void)
ok(use_safe_subset == VARIANT_TRUE, "got %d\n", use_safe_subset);
IScriptControl_Release(sc);
+
+ /* custom script engine */
+ if (have_custom_engine)
+ {
+ hr = CoCreateInstance(&CLSID_ScriptControl, NULL, CLSCTX_INPROC_SERVER | CLSCTX_INPROC_HANDLER,
+ &IID_IScriptControl, (void **)&sc);
+ ok(hr == S_OK, "Failed to create IScriptControl interface: 0x%08x.\n", hr);
+
+ SET_EXPECT(CreateInstance);
+ SET_EXPECT(SetInterfaceSafetyOptions);
+ SET_EXPECT(SetScriptSite);
+ SET_EXPECT(QI_IActiveScriptParse);
+ SET_EXPECT(InitNew);
+
+ str = SysAllocString(L"testscript");
+ hr = IScriptControl_put_Language(sc, str);
+ ok(hr == S_OK, "got 0x%08x\n", hr);
+ SysFreeString(str);
+
+ CHECK_CALLED(CreateInstance);
+ CHECK_CALLED(SetInterfaceSafetyOptions);
+ CHECK_CALLED(SetScriptSite);
+ CHECK_CALLED(QI_IActiveScriptParse);
+ CHECK_CALLED(InitNew);
+
+ hr = IScriptControl_get_UseSafeSubset(sc, &use_safe_subset);
+ ok(hr == S_OK, "got 0x%08x\n", hr);
+ ok(use_safe_subset == VARIANT_FALSE, "got %d\n", use_safe_subset);
+
+ SET_EXPECT(SetInterfaceSafetyOptions_UseSafeSubset);
+ hr = IScriptControl_put_UseSafeSubset(sc, VARIANT_TRUE);
+ ok(hr == S_OK, "got 0x%08x\n", hr);
+ CHECK_CALLED(SetInterfaceSafetyOptions_UseSafeSubset);
+
+ hr = IScriptControl_get_UseSafeSubset(sc, &use_safe_subset);
+ ok(hr == S_OK, "got 0x%08x\n", hr);
+ ok(use_safe_subset == VARIANT_TRUE, "got %d\n", use_safe_subset);
+
+ hr = IScriptControl_put_UseSafeSubset(sc, VARIANT_TRUE);
+ ok(hr == S_OK, "got 0x%08x\n", hr);
+
+ SET_EXPECT(SetInterfaceSafetyOptions);
+ hr = IScriptControl_put_UseSafeSubset(sc, VARIANT_FALSE);
+ ok(hr == S_OK, "got 0x%08x\n", hr);
+ CHECK_CALLED(SetInterfaceSafetyOptions);
+
+ hr = IScriptControl_put_UseSafeSubset(sc, VARIANT_FALSE);
+ ok(hr == S_OK, "got 0x%08x\n", hr);
+
+ IActiveScriptSite_Release(site);
+
+ SET_EXPECT(Close);
+ IScriptControl_Release(sc);
+ CHECK_CALLED(Close);
+
+ hr = CoCreateInstance(&CLSID_ScriptControl, NULL, CLSCTX_INPROC_SERVER | CLSCTX_INPROC_HANDLER,
+ &IID_IScriptControl, (void **)&sc);
+ ok(hr == S_OK, "Failed to create IScriptControl interface: 0x%08x.\n", hr);
+
+ hr = IScriptControl_put_UseSafeSubset(sc, VARIANT_TRUE);
+ ok(hr == S_OK, "got 0x%08x\n", hr);
+
+ SET_EXPECT(CreateInstance);
+ SET_EXPECT(SetInterfaceSafetyOptions_UseSafeSubset);
+ SET_EXPECT(SetScriptSite);
+ SET_EXPECT(QI_IActiveScriptParse);
+ SET_EXPECT(InitNew);
+
+ str = SysAllocString(L"testscript");
+ hr = IScriptControl_put_Language(sc, str);
+ ok(hr == S_OK, "got 0x%08x\n", hr);
+ SysFreeString(str);
+
+ CHECK_CALLED(CreateInstance);
+ CHECK_CALLED(SetInterfaceSafetyOptions_UseSafeSubset);
+ CHECK_CALLED(SetScriptSite);
+ CHECK_CALLED(QI_IActiveScriptParse);
+ CHECK_CALLED(InitNew);
+
+ IActiveScriptSite_Release(site);
+
+ SET_EXPECT(Close);
+ IScriptControl_Release(sc);
+ CHECK_CALLED(Close);
+ }
}
static void test_State(void)
More information about the wine-cvs
mailing list