Title: [215706] trunk/Source/WebCore
Revision
215706
Author
commit-qu...@webkit.org
Date
2017-04-24 17:14:31 -0700 (Mon, 24 Apr 2017)

Log Message

Whitelist supported image MIME types
https://bugs.webkit.org/show_bug.cgi?id=171077

Patch by Said Abou-Hallawa <sabouhall...@apple.com> on 2017-04-24
Reviewed by Tim Horton.

Restrict the CG port image formats to a known whitelist. Build this list from image
UTIs instead of MIME types, since the set of image UTIs is a superset of the MIME types.
Use this list to build the list of supported image MIME types.

* PlatformAppleWin.cmake:
* WebCore.xcodeproj/project.pbxproj:
* platform/MIMETypeRegistry.cpp:
(WebCore::initializeSupportedImageMIMETypes):
* platform/graphics/cg/UTIRegistry.cpp: Added.
(WebCore::allowedImageUTIs):
(WebCore::isAllowedImageUTI):
* platform/graphics/cg/UTIRegistry.h: Added.

Modified Paths

Added Paths

Diff

Modified: trunk/Source/WebCore/ChangeLog (215705 => 215706)


--- trunk/Source/WebCore/ChangeLog	2017-04-25 00:05:20 UTC (rev 215705)
+++ trunk/Source/WebCore/ChangeLog	2017-04-25 00:14:31 UTC (rev 215706)
@@ -1,3 +1,23 @@
+2017-04-24  Said Abou-Hallawa  <sabouhall...@apple.com>
+
+        Whitelist supported image MIME types
+        https://bugs.webkit.org/show_bug.cgi?id=171077
+
+        Reviewed by Tim Horton.
+
+        Restrict the CG port image formats to a known whitelist. Build this list from image
+        UTI's instead of MIME types, since the image UTI's is a superset of the MIME types.
+        Use this list to build the list of supported image MIME types.
+
+        * PlatformAppleWin.cmake:
+        * WebCore.xcodeproj/project.pbxproj:
+        * platform/MIMETypeRegistry.cpp:
+        (WebCore::initializeSupportedImageMIMETypes):
+        * platform/graphics/cg/UTIRegistry.cpp: Added.
+        (WebCore::allowedImageUTIs):
+        (WebCore::isAllowedImageUTI):
+        * platform/graphics/cg/UTIRegistry.h: Added.
+
 2017-04-24  Nan Wang  <n_w...@apple.com>
 
         AX: Crash at WebCore::AXObjectCache::characterOffsetForIndex(int, WebCore::AccessibilityObject const*) + 703

Modified: trunk/Source/WebCore/PlatformAppleWin.cmake (215705 => 215706)


--- trunk/Source/WebCore/PlatformAppleWin.cmake	2017-04-25 00:05:20 UTC (rev 215705)
+++ trunk/Source/WebCore/PlatformAppleWin.cmake	2017-04-25 00:14:31 UTC (rev 215706)
@@ -138,6 +138,7 @@
         platform/graphics/cg/PatternCG.cpp
         platform/graphics/cg/SubimageCacheWithTimer.cpp
         platform/graphics/cg/TransformationMatrixCG.cpp
+        platform/graphics/cg/UTIRegistry.cpp
 
         platform/graphics/opentype/OpenTypeCG.cpp
 

Modified: trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj (215705 => 215706)


--- trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj	2017-04-25 00:05:20 UTC (rev 215705)
+++ trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj	2017-04-25 00:14:31 UTC (rev 215706)
@@ -2515,6 +2515,8 @@
 		5597F8271D91C3130066BC21 /* ImageFrameCache.h in Headers */ = {isa = PBXBuildFile; fileRef = 5597F8251D91C3130066BC21 /* ImageFrameCache.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		55A336F71D8209F40022C4C7 /* NativeImage.h in Headers */ = {isa = PBXBuildFile; fileRef = 55A336F61D8209F40022C4C7 /* NativeImage.h */; };
 		55A336F91D821E3C0022C4C7 /* ImageBackingStore.h in Headers */ = {isa = PBXBuildFile; fileRef = 55A336F81D821E3C0022C4C7 /* ImageBackingStore.h */; settings = {ATTRIBUTES = (Private, ); }; };
+		55AF14E51EAAC59B0026EEAA /* UTIRegistry.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 55AF14E31EAAC59B0026EEAA /* UTIRegistry.cpp */; };
+		55AF14E61EAAC59B0026EEAA /* UTIRegistry.h in Headers */ = {isa = PBXBuildFile; fileRef = 55AF14E41EAAC59B0026EEAA /* UTIRegistry.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		570440531E5278B200356601 /* CryptoAlgorithmAES_CFB.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5712526A1E52527C008FF369 /* CryptoAlgorithmAES_CFB.cpp */; };
 		570440581E53851600356601 /* CryptoAlgorithmAES_CFBMac.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 570440571E53851600356601 /* CryptoAlgorithmAES_CFBMac.cpp */; };
 		5704405A1E53936200356601 /* JSAesCbcCfbParams.h in Headers */ = {isa = PBXBuildFile; fileRef = 570440591E53936200356601 /* JSAesCbcCfbParams.h */; };
@@ -10236,6 +10238,8 @@
 		5597F8251D91C3130066BC21 /* ImageFrameCache.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ImageFrameCache.h; sourceTree = "<group>"; };
 		55A336F61D8209F40022C4C7 /* NativeImage.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = NativeImage.h; sourceTree = "<group>"; };
 		55A336F81D821E3C0022C4C7 /* ImageBackingStore.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ImageBackingStore.h; sourceTree = "<group>"; };
+		55AF14E31EAAC59B0026EEAA /* UTIRegistry.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = UTIRegistry.cpp; sourceTree = "<group>"; };
+		55AF14E41EAAC59B0026EEAA /* UTIRegistry.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = UTIRegistry.h; sourceTree = "<group>"; };
 		55D408F71A7C631800C78450 /* SVGImageClients.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SVGImageClients.h; sourceTree = "<group>"; };
 		570440571E53851600356601 /* CryptoAlgorithmAES_CFBMac.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CryptoAlgorithmAES_CFBMac.cpp; sourceTree = "<group>"; };
 		570440591E53936200356601 /* JSAesCbcCfbParams.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSAesCbcCfbParams.h; sourceTree = "<group>"; };
@@ -22920,6 +22924,8 @@
 				1FC40FB81655C5910040F29E /* SubimageCacheWithTimer.cpp */,
 				1FC40FB71655C5910040F29E /* SubimageCacheWithTimer.h */,
 				B275352A0B053814002CE64F /* TransformationMatrixCG.cpp */,
+				55AF14E31EAAC59B0026EEAA /* UTIRegistry.cpp */,
+				55AF14E41EAAC59B0026EEAA /* UTIRegistry.h */,
 			);
 			path = cg;
 			sourceTree = "<group>";
@@ -26514,6 +26520,7 @@
 				BCB16C200979C3BD00467741 /* CachedResource.h in Headers */,
 				BCFB2E5E0979E46400BA703D /* CachedResourceClient.h in Headers */,
 				BCB16C220979C3BD00467741 /* CachedResourceClientWalker.h in Headers */,
+				55AF14E61EAAC59B0026EEAA /* UTIRegistry.h in Headers */,
 				E47B4BE80E71241600038854 /* CachedResourceHandle.h in Headers */,
 				BCB16C2A0979C3BD00467741 /* CachedResourceLoader.h in Headers */,
 				5081E3E03CFF80C16EF8B48B /* CachedResourceRequest.h in Headers */,
@@ -30752,6 +30759,7 @@
 				E125F8351822F18A00D84CD9 /* CryptoKeyHMAC.cpp in Sources */,
 				E19AC3F9182566F700349426 /* CryptoKeyMac.cpp in Sources */,
 				57E657E01E71397800F941CA /* CryptoKeyRaw.cpp in Sources */,
+				55AF14E51EAAC59B0026EEAA /* UTIRegistry.cpp in Sources */,
 				57E2336B1DCC262400F28D01 /* CryptoKeyRSA.cpp in Sources */,
 				E164FAA518315E1A00DB4E61 /* CryptoKeyRSAMac.cpp in Sources */,
 				E125F859182C1AA600D84CD9 /* CryptoKeySerializationRaw.cpp in Sources */,

Modified: trunk/Source/WebCore/platform/MIMETypeRegistry.cpp (215705 => 215706)


--- trunk/Source/WebCore/platform/MIMETypeRegistry.cpp	2017-04-25 00:05:20 UTC (rev 215705)
+++ trunk/Source/WebCore/platform/MIMETypeRegistry.cpp	2017-04-25 00:14:31 UTC (rev 215706)
@@ -35,6 +35,7 @@
 
 #if USE(CG)
 #include "ImageSourceCG.h"
+#include "UTIRegistry.h"
 #include <wtf/RetainPtr.h>
 #endif
 
@@ -156,11 +157,9 @@
 static void initializeSupportedImageMIMETypes()
 {
 #if USE(CG)
-    RetainPtr<CFArrayRef> supportedTypes = adoptCF(CGImageSourceCopyTypeIdentifiers());
-    CFIndex count = CFArrayGetCount(supportedTypes.get());
-    for (CFIndex i = 0; i < count; i++) {
-        CFStringRef supportedType = reinterpret_cast<CFStringRef>(CFArrayGetValueAtIndex(supportedTypes.get(), i));
-        String mimeType = MIMETypeForImageSourceType(supportedType);
+    HashSet<String>& imageUTIs = allowedImageUTIs();
+    for (auto& imageUTI : imageUTIs) {
+        String mimeType = MIMETypeForImageSourceType(imageUTI);
         if (!mimeType.isEmpty()) {
             supportedImageMIMETypes->add(mimeType);
             supportedImageResourceMIMETypes->add(mimeType);
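Review bot: The loop now walks the static allowlist, and the only check that each entry is supported by the running ImageIO is the `ASSERT` inside `allowedImageUTIs()`, which is compiled out under `NDEBUG`. The removed code enumerated `CGImageSourceCopyTypeIdentifiers()` and so could never register a type the system cannot decode. The new code can, if `MIMETypeForImageSourceType` resolves a UTI independently of ImageIO support; its body is not visible here, so this is inferred. Intersecting the allowlist with the system list at runtime keeps both properties, as sketched below. `initializeSupportedImageMIMETypes` continues past the end of this hunk.

```cpp
#if USE(CG)
    // Register only allowlisted UTIs that ImageIO also reports on this system.
    RetainPtr<CFArrayRef> systemImageUTIs = adoptCF(CGImageSourceCopyTypeIdentifiers());
    CFRange allSystemUTIs = CFRangeMake(0, CFArrayGetCount(systemImageUTIs.get()));
    for (auto& imageUTI : allowedImageUTIs()) {
        if (!CFArrayContainsValue(systemImageUTIs.get(), allSystemUTIs, imageUTI.createCFString().get()))
            continue;
        String mimeType = MIMETypeForImageSourceType(imageUTI);
        // … unchanged: add mimeType to the supported MIME type sets …
```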

Added: trunk/Source/WebCore/platform/graphics/cg/UTIRegistry.cpp (0 => 215706)


--- trunk/Source/WebCore/platform/graphics/cg/UTIRegistry.cpp	                        (rev 0)
+++ trunk/Source/WebCore/platform/graphics/cg/UTIRegistry.cpp	2017-04-25 00:14:31 UTC (rev 215706)
@@ -0,0 +1,85 @@
+/*
+ * Copyright (C) 2017 Apple Inc.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include "UTIRegistry.h"
+
+#if USE(CG)
+
+#include <wtf/HashSet.h>
+#include <wtf/NeverDestroyed.h>
+
+#if !PLATFORM(IOS)
+#include <ApplicationServices/ApplicationServices.h>
+#else
+#include <ImageIO/ImageIO.h>
+#endif
+
+#if ENABLE(WEB_ARCHIVE) || ENABLE(MHTML)
+#include "ArchiveFactory.h"
+#endif
+
+namespace WebCore {
+
+HashSet<String>& allowedImageUTIs()
+{
+    // CG at least supports the following standard image types:
+    static NeverDestroyed<HashSet<String>> s_allowedImageUTIs = std::initializer_list<String> {
+        "com.compuserve.gif",
+        "com.microsoft.bmp",
+        "com.microsoft.cur",
+        "com.microsoft.ico",
+        "public.jpeg",
+        "public.jpeg-2000",
+        "public.mpo-image",
+        "public.png",
+        "public.tiff",
+    };
+
+#ifndef NDEBUG
+    // But make sure that all of them are really supported.
+    static bool checked = false;
+    if (!checked) {
+        RetainPtr<CFArrayRef> systemImageUTIs = adoptCF(CGImageSourceCopyTypeIdentifiers());
+        CFIndex count = CFArrayGetCount(systemImageUTIs.get());
+        for (auto& imageUTI : s_allowedImageUTIs.get()) {
+            RetainPtr<CFStringRef> string = imageUTI.createCFString();
+            ASSERT(CFArrayContainsValue(systemImageUTIs.get(), CFRangeMake(0, count), string.get()));
+        }
+        checked = true;
+    }
+#endif
+
+    return s_allowedImageUTIs.get();
+}
+
+bool isAllowedImageUTI(const String& imageUTI)
+{
+    return !imageUTI.isEmpty() && allowedImageUTIs().contains(imageUTI);
+}
+
+}
+
+#endif
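Review bot: `isAllowedImageUTI()` is added but nothing in this change calls it, so the allowlist as committed only limits which MIME types the registry advertises. These hunks do not establish whether the CG decoder refuses a non-listed format that ImageIO identifies from the bytes. If enforcement at decode time is intended, the check on the image source's reported UTI belongs in this change, or the log should say it follows separately. The comment above the set reads as a capability list rather than a security boundary; I would replace it with `// Allowlist of image UTIs exposed to web content. Every entry makes another ImageIO decoder reachable from untrusted input, so additions need security review.` The `ArchiveFactory.h` include under `ENABLE(WEB_ARCHIVE) || ENABLE(MHTML)` is unused in this file and can be dropped.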

Added: trunk/Source/WebCore/platform/graphics/cg/UTIRegistry.h (0 => 215706)


--- trunk/Source/WebCore/platform/graphics/cg/UTIRegistry.h	                        (rev 0)
+++ trunk/Source/WebCore/platform/graphics/cg/UTIRegistry.h	2017-04-25 00:14:31 UTC (rev 215706)
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2017 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#include <wtf/HashSet.h>
+#include <wtf/text/WTFString.h>
+
+namespace WebCore {
+
+HashSet<String>& allowedImageUTIs();
+bool isAllowedImageUTI(const String&);
+
+}
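Review bot: `allowedImageUTIs()` returns a non-const `HashSet<String>&`, so any caller can add entries to what is meant to be a fixed allowlist. Nothing in this change mutates the set, so the declaration can be `const HashSet<String>& allowedImageUTIs();`, with the definition in UTIRegistry.cpp and the binding in MIMETypeRegistry.cpp (`const auto& imageUTIs = allowedImageUTIs();`) changed to match. The header is also not wrapped in `#if USE(CG)` although its implementation file is, so a non-CG port that includes it would get a declaration with no definition.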