Skip to site navigation (Press enter)

[webkit-changes] [200335] trunk/Source/WebKit2

achristensen Mon, 02 May 2016 13:27:02 -0700

Title: [200335] trunk/Source/WebKit2

Revision: 200335
Author: [email protected]
Date: 2016-05-02 13:25:48 -0700 (Mon, 02 May 2016)

Log Message

Crash if a certificate chain has null certificates
https://bugs.webkit.org/show_bug.cgi?id=157206


Reviewed by Alexey Proskuryakov.

* NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:
(WebKit::certificatesMatch):
SecTrustGetCertificateAtIndex can return null.
If this ever happens, something has gone horribly wrong in the security code and we should crash.
See rdar://problem/21723172

Modified Paths

trunk/Source/WebKit2/ChangeLog
trunk/Source/WebKit2/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm

Diff

Modified: trunk/Source/WebKit2/ChangeLog (200334 => 200335)


--- trunk/Source/WebKit2/ChangeLog	2016-05-02 19:59:49 UTC (rev 200334)
+++ trunk/Source/WebKit2/ChangeLog	2016-05-02 20:25:48 UTC (rev 200335)
@@ -1,3 +1,16 @@
+2016-05-02  Alex Christensen  <[email protected]>
+
+        Crash if a certificate chain has null certificates
+        https://bugs.webkit.org/show_bug.cgi?id=157206
+
+        Reviewed by Alexey Proskuryakov.
+
+        * NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:
+        (WebKit::certificatesMatch):
+        SecTrustGetCertificateAtIndex can return null.
+        If this ever happens, something has gone horribly wrong in the security code and we should crash.
+        See rdar://problem/21723172
+
 2016-05-02  Myles C. Maxfield  <[email protected]>
 
         Addressing post-review comments after r200116

Modified: trunk/Source/WebKit2/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm (200334 => 200335)


--- trunk/Source/WebKit2/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm	2016-05-02 19:59:49 UTC (rev 200334)
+++ trunk/Source/WebKit2/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm	2016-05-02 20:25:48 UTC (rev 200335)
@@ -338,7 +338,11 @@
         return false;
 
     for (CFIndex i = 0; i < count1; i++) {
-        if (!CFEqual(SecTrustGetCertificateAtIndex(trust1, i), SecTrustGetCertificateAtIndex(trust2, i)))
+        auto cert1 = SecTrustGetCertificateAtIndex(trust1, i);
+        auto cert2 = SecTrustGetCertificateAtIndex(trust2, i);
+        RELEASE_ASSERT(cert1);
+        RELEASE_ASSERT(cert2);
+        if (!CFEqual(cert1, cert2))
             return false;
     }

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes