[webkit-changes] [229145] branches/safari-605.1.33.0-branch/Source/WebKit

Thu, 01 Mar 2018 13:59:32 -0800

Title: [229145] branches/safari-605.1.33.0-branch/Source/WebKit
Revision
229145
Author
[email protected]
Date
2018-03-01 13:58:56 -0800 (Thu, 01 Mar 2018)

Log Message

Cherry-pick r229134. rdar://problem/38035469


Modified Paths

Diff

Modified: branches/safari-605.1.33.0-branch/Source/WebKit/ChangeLog (229144 => 229145)


--- branches/safari-605.1.33.0-branch/Source/WebKit/ChangeLog	2018-03-01 21:58:53 UTC (rev 229144)
+++ branches/safari-605.1.33.0-branch/Source/WebKit/ChangeLog	2018-03-01 21:58:56 UTC (rev 229145)
@@ -1,3 +1,26 @@
+2018-03-01  Jason Marcell  <[email protected]>
+
+        Cherry-pick r229134. rdar://problem/38035469
+
+    2018-03-01  Antti Koivisto  <[email protected]>
+
+            Crash when updating cache entry after validation in apps that uses class A file protection
+            https://bugs.webkit.org/show_bug.cgi?id=183242
+            <rdar://problem/33289058>
+
+            Reviewed by Chris Dumez.
+
+            When validating a cache entry, we keep it alive until we get a network response. With 304 response
+            we then update the headers of this existing entry. This accesses the body data of the entry which
+            may be backed by a mapped file. If the app uses class A protection, user might have locked
+            the device and the entry might have become inaccessible, leading to a crash.
+
+            * NetworkProcess/cache/NetworkCacheEntry.cpp:
+            (WebKit::NetworkCache::Entry::setNeedsValidation):
+
+            In case of class A protection, pull the data to a memory buffer immediately before starting a revalidation request.
+            This makes the window where the file could become inaccessible much shorter (since it no longer depends on network).
+
 2018-02-28  Jason Marcell  <[email protected]>
 
         Cherry-pick r229028. rdar://problem/37947990

Modified: branches/safari-605.1.33.0-branch/Source/WebKit/NetworkProcess/cache/NetworkCacheEntry.cpp (229144 => 229145)


--- branches/safari-605.1.33.0-branch/Source/WebKit/NetworkProcess/cache/NetworkCacheEntry.cpp	2018-03-01 21:58:53 UTC (rev 229144)
+++ branches/safari-605.1.33.0-branch/Source/WebKit/NetworkProcess/cache/NetworkCacheEntry.cpp	2018-03-01 21:58:56 UTC (rev 229145)
@@ -195,6 +195,13 @@
 
 void Entry::setNeedsValidation(bool value)
 {
+    if (value) {
+        // Validation keeps the entry alive waiting for the network response. Pull data from a mapped file into a buffer early
+        // to protect against map disappearing due to device becoming locked.
+        // FIXME: Cache files should be Class B/C, or we shoudn't use mapped files at all in these cases.
+        if (!NetworkProcess::singleton().cache()->canUseSharedMemoryForBodyData())
+            buffer();
+    }
     m_response.setSource(value ? WebCore::ResourceResponse::Source::DiskCacheAfterValidation : WebCore::ResourceResponse::Source::DiskCache);
 }
 

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to