[webkit-changes] [231598] trunk/Source/WebKit

[bfulgham]

Title: [231598] trunk/Source/WebKit

Revision

231598

Author

bfulg...@apple.com

Date

2018-05-09 14:55:25 -0700 (Wed, 09 May 2018)

Log Message

Restrict unarchiving of bundle parameters to a set of known classes
https://bugs.webkit.org/show_bug.cgi?id=185489
<rdar://problem/21912401>

Reviewed by Ryosuke Niwa.

Stop accepting anything derived from NSObject, and instead only agree to unarchive objects
from a set of things we actually pass as InjectedBundle parameters.

* WebProcess/InjectedBundle/mac/InjectedBundleMac.mm:
(WebKit::InjectedBundle::setBundleParameter):

Modified Paths

• trunk/Source/WebKit/ChangeLog
• trunk/Source/WebKit/WebProcess/InjectedBundle/mac/InjectedBundleMac.mm

Diff

Modified: trunk/Source/WebKit/ChangeLog (231597 => 231598)

--- trunk/Source/WebKit/ChangeLog	2018-05-09 21:48:38 UTC (rev 231597)
+++ trunk/Source/WebKit/ChangeLog	2018-05-09 21:55:25 UTC (rev 231598)
@@ -1,3 +1,17 @@
+2018-05-09  Brent Fulgham  <bfulg...@apple.com>
+
+        Restrict unarchiving of bundle parameters to a set of known classes
+        https://bugs.webkit.org/show_bug.cgi?id=185489
+        <rdar://problem/21912401>
+
+        Reviewed by Ryosuke Niwa.
+
+        Stop accepting anything derived from NSObject, and instead only agree to unarchive objects
+        from a set of things we actually pass as InjectedBundle parameters.
+
+        * WebProcess/InjectedBundle/mac/InjectedBundleMac.mm:
+        (WebKit::InjectedBundle::setBundleParameter):
+
 2018-05-09  Richard Houle  <rho...@apple.com>
 
         [Cocoa] Some fields are not identified as [WKWebProcessPlugInNodeHandle isTextField]

Modified: trunk/Source/WebKit/WebProcess/InjectedBundle/mac/InjectedBundleMac.mm (231597 => 231598)

--- trunk/Source/WebKit/WebProcess/InjectedBundle/mac/InjectedBundleMac.mm	2018-05-09 21:48:38 UTC (rev 231597)
+++ trunk/Source/WebKit/WebProcess/InjectedBundle/mac/InjectedBundleMac.mm	2018-05-09 21:55:25 UTC (rev 231598)
@@ -181,7 +181,7 @@
 
     id parameter = nil;
     @try {
-        parameter = [unarchiver decodeObjectOfClass:[NSObject class] forKey:@"parameter"];
+        parameter = [unarchiver decodeObjectOfClasses:[NSSet setWithObjects:[NSArray class], [NSData class], [NSDate class], [NSDictionary class], [NSNull class], [NSNumber class], [NSSet class], [NSString class], [NSTimeZone class], [NSURL class], [NSUUID class], nil] forKey:@"parameter"];
     } @catch (NSException *exception) {
         LOG_ERROR("Failed to decode bundle parameter: %@", exception);
         return;

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes