Title: [236256] trunk/Source/WebCore
- Revision
- 236256
- Author
- [email protected]
- Date
- 2018-09-20 04:22:00 -0700 (Thu, 20 Sep 2018)
Log Message
[EME] Add WebM sanitization
https://bugs.webkit.org/show_bug.cgi?id=189740
Patch by Yacine Bandou <[email protected]> on 2018-09-20
Reviewed by Xabier Rodriguez-Calvar.
This patch adds support for sanitizing the WebM initialization data,
ensures there are no bogus values.
See https://www.w3.org/TR/encrypted-media/#dom-mediakeysession-generaterequest.
Tests: imported/w3c/web-platform-tests/encrypted-media/clearkey-generate-request-disallowed-input.https.html
* Modules/encryptedmedia/InitDataRegistry.cpp:
(WebCore::sanitizeWebM): Added implementation, check if the initialization data doesn't empty and its size
should be less than 64KB, return the buffer copy if it is ok, otherwise a nullptr.
(WebCore::extractKeyIDsWebM): Added implementation.
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (236255 => 236256)
--- trunk/Source/WebCore/ChangeLog 2018-09-20 09:18:01 UTC (rev 236255)
+++ trunk/Source/WebCore/ChangeLog 2018-09-20 11:22:00 UTC (rev 236256)
@@ -1,3 +1,21 @@
+2018-09-20 Yacine Bandou <[email protected]>
+
+ [EME] Add WebM sanitization
+ https://bugs.webkit.org/show_bug.cgi?id=189740
+
+ Reviewed by Xabier Rodriguez-Calvar.
+
+ This patch adds support for sanitizing the WebM initialization data,
+ ensures there are no bogus values.
+ See https://www.w3.org/TR/encrypted-media/#dom-mediakeysession-generaterequest.
+
+ Tests: imported/w3c/web-platform-tests/encrypted-media/clearkey-generate-request-disallowed-input.https.html
+
+ * Modules/encryptedmedia/InitDataRegistry.cpp:
+ (WebCore::sanitizeWebM): Added implementation, check if the initialization data doesn't empty and its size
+ should be less than 64KB, return the buffer copy if it is ok, otherwise a nullptr.
+ (WebCore::extractKeyIDsWebM): Added implementation.
+
2018-09-20 Philippe Normand <[email protected]>
[GStreamer] Utilities cleanups
Modified: trunk/Source/WebCore/Modules/encryptedmedia/InitDataRegistry.cpp (236255 => 236256)
--- trunk/Source/WebCore/Modules/encryptedmedia/InitDataRegistry.cpp 2018-09-20 09:18:01 UTC (rev 236255)
+++ trunk/Source/WebCore/Modules/encryptedmedia/InitDataRegistry.cpp 2018-09-20 11:22:00 UTC (rev 236256)
@@ -41,6 +41,10 @@
namespace {
const uint32_t kCencMaxBoxSize = 64 * KB;
+ // ContentEncKeyID has this EBML code [47][E2] in WebM,
+ // as per spec the size of the ContentEncKeyID is encoded on 16 bits.
+ // https://matroska.org/technical/specs/index.html#ContentEncKeyID/
+ const uint32_t kWebMMaxContentEncKeyIDSize = 64 * KB; // 2^16
}
static std::optional<Vector<Ref<SharedBuffer>>> extractKeyIDsKeyids(const SharedBuffer& buffer)
@@ -139,18 +143,25 @@
static RefPtr<SharedBuffer> sanitizeWebM(const SharedBuffer& buffer)
{
- // 1. Format
- // https://w3c.github.io/encrypted-media/format-registry/initdata/webm.html#format
- notImplemented();
+ // Check if the buffer is a valid WebM initData.
+ // The WebM initData is the ContentEncKeyID, so should be less than kWebMMaxContentEncKeyIDSize.
+ if (buffer.isEmpty() || buffer.size() > kWebMMaxContentEncKeyIDSize)
+ return nullptr;
+
return buffer.copy();
}
-static std::optional<Vector<Ref<SharedBuffer>>> extractKeyIDsWebM(const SharedBuffer&)
+static std::optional<Vector<Ref<SharedBuffer>>> extractKeyIDsWebM(const SharedBuffer& buffer)
{
+ Vector<Ref<SharedBuffer>> keyIDs;
+ RefPtr<SharedBuffer> sanitazedBuffer = sanitizeWebM(buffer);
+ if (!sanitazedBuffer)
+ return std::nullopt;
+
// 1. Format
// https://w3c.github.io/encrypted-media/format-registry/initdata/webm.html#format
- notImplemented();
- return std::nullopt;
+ keyIDs.append(sanitazedBuffer.releaseNonNull());
+ return keyIDs;
}
InitDataRegistry& InitDataRegistry::shared()
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
