Title: [262435] trunk/Source
- Revision
- 262435
- Author
- pvol...@apple.com
- Date
- 2020-06-02 13:04:00 -0700 (Tue, 02 Jun 2020)
Log Message
REGRESSION(r261387): Introduced sandbox violations
https://bugs.webkit.org/show_bug.cgi?id=212634
Reviewed by Darin Adler.
Source/WebCore/PAL:
Declare Launch Services class.
* pal/spi/cocoa/LaunchServicesSPI.h:
Source/WebKit:
The change set r261387 introduced some new mach lookup sandbox violations, when attempting to close Launch Services connections that were not open.
Fix this by only attempting to close open connections, and do it while holding the extension to the database mapping service.
No new tests, since this patch is fixing benign sandbox violations.
* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::platformInitializeWebProcess):
Modified Paths
Diff
Modified: trunk/Source/WebCore/PAL/ChangeLog (262434 => 262435)
--- trunk/Source/WebCore/PAL/ChangeLog 2020-06-02 19:43:17 UTC (rev 262434)
+++ trunk/Source/WebCore/PAL/ChangeLog 2020-06-02 20:04:00 UTC (rev 262435)
@@ -1,3 +1,14 @@
+2020-06-02 Per Arne Vollan <pvol...@apple.com>
+
+ REGRESSION(r261387): Introduced sandbox violations
+ https://bugs.webkit.org/show_bug.cgi?id=212634
+
+ Reviewed by Darin Adler.
+
+ Declare Launch Services class.
+
+ * pal/spi/cocoa/LaunchServicesSPI.h:
+
2020-05-31 Jer Noble <jer.no...@apple.com>
[Cocoa] Transition between encrypted and clear codecs throws error from SourceBuffer.appendBuffer()
Modified: trunk/Source/WebCore/PAL/pal/spi/cocoa/LaunchServicesSPI.h (262434 => 262435)
--- trunk/Source/WebCore/PAL/pal/spi/cocoa/LaunchServicesSPI.h 2020-06-02 19:43:17 UTC (rev 262434)
+++ trunk/Source/WebCore/PAL/pal/spi/cocoa/LaunchServicesSPI.h 2020-06-02 20:04:00 UTC (rev 262435)
@@ -86,10 +86,12 @@
#endif // !USE(APPLE_INTERNAL_SDK)
@interface _LSDService : NSObject <NSXPCListenerDelegate>
-+ (NSArray<Class> *)allServiceClasses;
+ (NSXPCConnection *)XPCConnectionToService;
@end
+@interface _LSDReadService : _LSDService
+@end
+
#if PLATFORM(MAC)
typedef const struct CF_BRIDGED_TYPE(id) __LSASN* LSASNRef;
Modified: trunk/Source/WebKit/ChangeLog (262434 => 262435)
--- trunk/Source/WebKit/ChangeLog 2020-06-02 19:43:17 UTC (rev 262434)
+++ trunk/Source/WebKit/ChangeLog 2020-06-02 20:04:00 UTC (rev 262435)
@@ -1,3 +1,18 @@
+2020-06-02 Per Arne Vollan <pvol...@apple.com>
+
+ REGRESSION(r261387): Introduced sandbox violations
+ https://bugs.webkit.org/show_bug.cgi?id=212634
+
+ Reviewed by Darin Adler.
+
+ The change set r261387 introduced some new mach lookup sandbox violations, when attempting to close Launch Services connections that were not open.
+ Fix this by only attempting to close open connections, and do it while holding the extension to the database mapping service.
+
+ No new tests, since this patch is fixing benign sandbox violations.
+
+ * WebProcess/cocoa/WebProcessCocoa.mm:
+ (WebKit::WebProcess::platformInitializeWebProcess):
+
2020-06-02 Youenn Fablet <you...@apple.com>
Allow using web processes for service workers even though they loaded about URLs
Modified: trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm (262434 => 262435)
--- trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm 2020-06-02 19:43:17 UTC (rev 262434)
+++ trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm 2020-06-02 20:04:00 UTC (rev 262435)
@@ -176,19 +176,15 @@
ASSERT_UNUSED(ok, ok);
// Perform API calls which will communicate with the database mapping service, and map the database.
auto uti = adoptCF(UTTypeCreatePreferredIdentifierForTag(kUTTagClassMIMEType, CFSTR("text/html"), 0));
+
+ [[objc_getClass("_LSDReadService") XPCConnectionToService] invalidate];
+
ok = extension->revoke();
ASSERT_UNUSED(ok, ok);
- auto services = [get_LSDServiceClass() allServiceClasses];
- for (Class cls in services) {
- auto connection = [cls XPCConnectionToService];
- [connection invalidate];
- }
-
- ASSERT(String(uti.get()) = String(adoptCF(UTTypeCreatePreferredIdentifierForTag(kUTTagClassMIMEType, CFSTR("text/html"), 0)).get()));
+ ASSERT(String(uti.get()) == String(adoptCF(UTTypeCreatePreferredIdentifierForTag(kUTTagClassMIMEType, CFSTR("text/html"), 0)).get()));
}
-
#if PLATFORM(IOS_FAMILY)
if (parameters.runningboardExtensionHandle) {
auto extension = SandboxExtension::create(WTFMove(*parameters.runningboardExtensionHandle));
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes