Title: [238553] trunk/Source/WebKit
Revision: 238553
Author: wenson_hs...@apple.com
Date: 2018-11-27 07:51:43 -0800 (Tue, 27 Nov 2018)

Log Message

WebKit.AddAndRemoveDataDetectors hits a debug assertion after r238515
https://bugs.webkit.org/show_bug.cgi?id=191996

Reviewed by Tim Horton.

This assertion is hit because `decode(Decoder& decoder, NSArray<Class> *allowedClasses)` expects the decoded
object (of class `_NSArrayM`) to be equal to `NSArray.class`.

We fix the crash by relaxing the debug assertion when decoding securely-codable objects over IPC. Instead of
checking that the class of the decoded object is equal to one of the allowed classes, check that the object is a
kind of any of the allowed classes.

* Shared/Cocoa/ArgumentCodersCocoa.h:
(IPC::isObjectClassAllowed):
(IPC::decode):

Diff

Modified: trunk/Source/WebKit/ChangeLog (238552 => 238553)


--- trunk/Source/WebKit/ChangeLog	2018-11-27 15:29:55 UTC (rev 238552)
+++ trunk/Source/WebKit/ChangeLog	2018-11-27 15:51:43 UTC (rev 238553)
@@ -1,3 +1,21 @@
+2018-11-27  Wenson Hsieh  <wenson_hs...@apple.com>
+
+        WebKit.AddAndRemoveDataDetectors hits a debug assertion after r238515
+        https://bugs.webkit.org/show_bug.cgi?id=191996
+
+        Reviewed by Tim Horton.
+
+        This assertion is hit because `decode(Decoder& decoder, NSArray<Class> *allowedClasses)` expects the decoded
+        object (of class `_NSArrayM`) to be equal to `NSArray.class`.
+
+        We fix the crash by relaxing the debug assertion when decoding securely-codable objects over IPC. Instead of
+        checking that the class of the decoded object is equal to one of the allowed classes, check that the object is a
+        kind of any of the allowed classes.
+
+        * Shared/Cocoa/ArgumentCodersCocoa.h:
+        (IPC::isObjectClassAllowed):
+        (IPC::decode):
+
 2018-11-27  Tomas Popela  <tpop...@redhat.com>
 
         [GTK][WPE] Remove temporary workaround in Source/WebKit/Platform*.cmake

Modified: trunk/Source/WebKit/Shared/Cocoa/ArgumentCodersCocoa.h (238552 => 238553)


--- trunk/Source/WebKit/Shared/Cocoa/ArgumentCodersCocoa.h	2018-11-27 15:29:55 UTC (rev 238552)
+++ trunk/Source/WebKit/Shared/Cocoa/ArgumentCodersCocoa.h	2018-11-27 15:51:43 UTC (rev 238553)
@@ -43,6 +43,19 @@
     return decode<T>(decoder, @[ allowedClass ]);
 }
 
+#ifndef NDEBUG
+
+static inline bool isObjectClassAllowed(id object, NSArray<Class> *allowedClasses)
+{
+    for (Class allowedClass in allowedClasses) {
+        if ([object isKindOfClass:allowedClass])
+            return true;
+    }
+    return false;
+}
+
+#endif
+
 template<typename T>
 std::optional<RetainPtr<T>> decode(Decoder& decoder, NSArray<Class> *allowedClasses)
 {
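Review bot: the `#ifndef NDEBUG` guard around isObjectClassAllowed() is not necessarily the same condition under which ASSERT evaluates its argument. The helper's only caller in this patch is the ASSERT in decode(), so a configuration that defines NDEBUG but still has assertions enabled would fail to compile with an undeclared identifier. Guard the helper with the same condition the ASSERT macro uses, or drop the guard altogether, since an unused static inline function in a header costs nothing. A short comment above the helper saying that the subclass match is intentional, because decoded collections come back as private class-cluster subclasses such as `_NSArrayM`, would also keep a later reader from tightening it back to an exact match.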
@@ -54,7 +67,7 @@
         return { nullptr };
 
     id object = result->leakRef();
-    ASSERT([allowedClasses containsObject:[object class]]);
+    ASSERT(isObjectClassAllowed(object, allowedClasses));
     return { adoptNS(static_cast<T *>(object)) };
 }
 
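Review bot: at the changed ASSERT line the allowed-class check is still debug-only, so in builds where ASSERT compiles out, the `static_cast<T *>(object)` on the next line runs with no class check in this function. The object being cast was decoded from IPC, so please either add a comment stating that the decoding step above already enforces allowedClasses, or turn this into a runtime check that returns std::nullopt on mismatch instead of an assertion. Separately, `isKindOfClass:` accepts any subclass of an allowed class, which is wider than the exact match it replaces; it is worth confirming that this is acceptable for every caller's allowed-class list and not only for the NSArray case that triggered the bug.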
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
