Title: [236289] trunk/Source/WebKit
- Revision
- 236289
- Author
- [email protected]
- Date
- 2018-09-20 16:11:19 -0700 (Thu, 20 Sep 2018)
Log Message
InjectedBundle parameters often need initialization function called before unarchiving
https://bugs.webkit.org/show_bug.cgi?id=189709
<rdar://problem/44573653>
Reviewed by Chris Dumez.
Handle the case where the InjectedBundle parameters do not successfully decode because they contain
an unexpected class from the embedding program. If this happens, try decoding the bundle parameters
after the bundle initialization function runs, which gives the embedding program the opportunity to
register additional classes that are safe for serialization.
Create a new 'decodeBundleParameters' method that contains the logic that used to live in 'initialize'.
This new method returns 'true' if the serialization was successful, otherwise it returns false.
Revise 'initialize' to call this new method and check the return value. If it fails, try decoding the
bundle parameters after the bundle's initialization function is called.
* WebProcess/InjectedBundle/InjectedBundle.h:
* WebProcess/InjectedBundle/mac/InjectedBundleMac.mm:
(WebKit::InjectedBundle::initialize): Use the new method.
(WebKit::InjectedBundle::decodeBundleParameters): Added.
(WebKit::InjectedBundle::setBundleParameters): Use 'decodeObjectOfClasses' with the more complete
'classesForCoder' method to unarchive the passed bundle parameters, rather than the
NSDictionary-specific method, since InjectedBundles often encode other types of objects, and the
NSDictionary object may itself hold other kinds of objects.
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (236288 => 236289)
--- trunk/Source/WebKit/ChangeLog 2018-09-20 22:27:28 UTC (rev 236288)
+++ trunk/Source/WebKit/ChangeLog 2018-09-20 23:11:19 UTC (rev 236289)
@@ -1,3 +1,31 @@
+2018-09-20 Brent Fulgham <[email protected]>
+
+ InjectedBundle parameters often need initialization function called before unarchiving
+ https://bugs.webkit.org/show_bug.cgi?id=189709
+ <rdar://problem/44573653>
+
+ Reviewed by Chris Dumez.
+
+ Handle the case where the InjectedBundle parameters do not successfully decode because they contain
+ an unexpected class from the embedding program. If this happens, try decoding the bundle parameters
+ after the bundle initialiation function runs, which gives the embedding program the opportunity to
+ register additional classes that are safe for serialization.
+
+ Create a new 'decodeBundleParameters' method that contains the logic that used to live in 'initialize'.
+ This new method returns 'true' if the serialization was successful, otherwise it returns false.
+
+ Revise 'initialize' to call this new method and check the return value. If it fails, try decoding the
+ bundle parameters after the bundle's initialization function is called.
+
+ * WebProcess/InjectedBundle/InjectedBundle.h:
+ * WebProcess/InjectedBundle/mac/InjectedBundleMac.mm:
+ (WebKit::InjectedBundle::initialize): Use the new method.
+ (WebKit::InjectedBundle::decodeBundleParameters): Added.
+ (WebKit::InjectedBundle::setBundleParameters): Use 'decodeObjectOfClasses' with the more complete
+ 'classesForCoder' method to unarchive the passed bundle parameters, rather than the
+ NSDictionary-specific method, since InjectedBundles often encode other types of objects, and the
+ NSDictionary object may itself hold other kinds of objects.
+
2018-09-20 Jer Noble <[email protected]>
Enable Modern EME by default
Modified: trunk/Source/WebKit/WebProcess/InjectedBundle/InjectedBundle.h (236288 => 236289)
--- trunk/Source/WebKit/WebProcess/InjectedBundle/InjectedBundle.h 2018-09-20 22:27:28 UTC (rev 236288)
+++ trunk/Source/WebKit/WebProcess/InjectedBundle/InjectedBundle.h 2018-09-20 23:11:19 UTC (rev 236289)
@@ -168,6 +168,10 @@
private:
explicit InjectedBundle(const WebProcessCreationParameters&);
+#if PLATFORM(COCOA) && WK_API_ENABLED
+ void decodeBundleParameters(API::Data*);
+#endif
+
String m_path;
PlatformBundle m_platformBundle; // This is leaked right now, since we never unload the bundle/module.
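Review bot: The new declaration returns `void`, while the commit message says decodeBundleParameters returns true on success so that initialize can check the result and retry after the bundle's initialization function; as declared, no caller can tell whether decoding succeeded. Either change it to `bool decodeBundleParameters(API::Data*);` (returning false from the null-data and catch paths) or correct the description so the two agree. A one-line comment on the declaration would also help, e.g. `// Unarchives the bundle parameters carried in WebProcessCreationParameters into m_bundleParameters; decoding is restricted to classesForCoder().`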
Modified: trunk/Source/WebKit/WebProcess/InjectedBundle/mac/InjectedBundleMac.mm (236288 => 236289)
--- trunk/Source/WebKit/WebProcess/InjectedBundle/mac/InjectedBundleMac.mm 2018-09-20 22:27:28 UTC (rev 236288)
+++ trunk/Source/WebKit/WebProcess/InjectedBundle/mac/InjectedBundleMac.mm 2018-09-20 23:11:19 UTC (rev 236289)
@@ -98,25 +98,6 @@
}
}
-#if WK_API_ENABLED
- if (parameters.bundleParameterData) {
- auto bundleParameterData = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(parameters.bundleParameterData->bytes())) length:parameters.bundleParameterData->size() freeWhenDone:NO]);
-
- auto unarchiver = secureUnarchiverFromData(bundleParameterData.get());
-
- NSDictionary *dictionary = nil;
- @try {
- dictionary = [unarchiver.get() decodeObjectOfClass:[NSObject class] forKey:@"parameters"];
- ASSERT([dictionary isKindOfClass:[NSDictionary class]]);
- } @catch (NSException *exception) {
- LOG_ERROR("Failed to decode bundle parameters: %@", exception);
- }
-
- ASSERT(!m_bundleParameters);
- m_bundleParameters = adoptNS([[WKWebProcessBundleParameters alloc] initWithDictionary:dictionary]);
- }
-#endif
-
if (!initializeFunction)
initializeFunction = bitwise_cast<WKBundleInitializeFunctionPtr>(CFBundleGetFunctionPointerForName([m_platformBundle _cfBundle], CFSTR("WKBundleInitialize")));
@@ -123,10 +104,15 @@
// First check to see if the bundle has a WKBundleInitialize function.
if (initializeFunction) {
initializeFunction(toAPI(this), toAPI(initializationUserData));
+#if WK_API_ENABLED
+ decodeBundleParameters(parameters.bundleParameterData.get());
+#endif
return true;
}
#if WK_API_ENABLED
+ decodeBundleParameters(parameters.bundleParameterData.get());
+
// Otherwise, look to see if the bundle has a principal class
Class principalClass = [m_platformBundle principalClass];
if (!principalClass) {
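Review bot: Moving the decode to after `initializeFunction` runs changes what a bundle sees from inside WKBundleInitialize: the removed code populated m_bundleParameters before that call, so any bundle that reads its parameters during initialization now finds them unset. The commit message describes a first attempt followed by a retry after initialization, but only a single post-initialization call is implemented here, and in the principal-class path the call happens before the principal class is instantiated (that path continues outside the hunk), so classes registered by that class would presumably still arrive too late. Consider keeping the original pre-initialization decode and guarding the second call with `if (!m_bundleParameters)` before `decodeBundleParameters(parameters.bundleParameterData.get());`, so the retry only runs when the first attempt produced nothing. initialize's body continues outside the hunk.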
@@ -205,6 +191,29 @@
return m_classesForCoder.get();
}
+
+void InjectedBundle::decodeBundleParameters(API::Data* bundleParameterDataPtr)
+{
+ if (!bundleParameterDataPtr)
+ return;
+
+ auto bundleParameterData = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(bundleParameterDataPtr->bytes())) length:bundleParameterDataPtr->size() freeWhenDone:NO]);
+
+ auto unarchiver = secureUnarchiverFromData(bundleParameterData.get());
+
+ NSDictionary *dictionary = nil;
+ @try {
+ dictionary = [unarchiver.get() decodeObjectOfClasses:classesForCoder() forKey:@"parameters"];
+ ASSERT([dictionary isKindOfClass:[NSDictionary class]]);
+ } @catch (NSException *exception) {
+ LOG_ERROR("Failed to decode bundle parameters: %@", exception);
+ return;
+ }
+
+ ASSERT(!m_bundleParameters || m_bundleParameters.get());
+ m_bundleParameters = adoptNS([[WKWebProcessBundleParameters alloc] initWithDictionary:dictionary]);
+}
+
#endif
void InjectedBundle::setBundleParameter(const String& key, const IPC::DataReference& value)
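Review bot: `ASSERT(!m_bundleParameters || m_bundleParameters.get());` is a tautology — it holds for every value of m_bundleParameters — so it no longer catches the double-initialization the removed `ASSERT(!m_bundleParameters)` guarded against, and the assignment below it silently replaces any parameters already present. The type check on the decoded object is also weaker than the one this same commit adds in setBundleParameters: `ASSERT([dictionary isKindOfClass:[NSDictionary class]])` compiles out in release, and a decode that returns nil without throwing never enters the catch block, so a nil or non-dictionary object can reach `-initWithDictionary:`. After the @try/@catch I would add `if (!dictionary) return;` followed by `RELEASE_ASSERT_WITH_SECURITY_IMPLICATION([dictionary isKindOfClass:[NSDictionary class]]);`, and either restore `ASSERT(!m_bundleParameters);` or, if parameters set via setBundleParameter may legitimately exist by this point, merge into them instead of overwriting.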
@@ -238,7 +247,7 @@
NSDictionary *parameters = nil;
@try {
- parameters = [unarchiver decodeObjectOfClass:[NSDictionary class] forKey:@"parameters"];
+ parameters = [unarchiver decodeObjectOfClasses:classesForCoder() forKey:@"parameters"];
} @catch (NSException *exception) {
LOG_ERROR("Failed to decode bundle parameter: %@", exception);
}
@@ -246,6 +255,8 @@
if (!parameters)
return;
+ RELEASE_ASSERT_WITH_SECURITY_IMPLICATION([parameters isKindOfClass:[NSDictionary class]]);
+
if (!m_bundleParameters) {
m_bundleParameters = adoptNS([[WKWebProcessBundleParameters alloc] initWithDictionary:parameters]);
return;
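Review bot: The new `RELEASE_ASSERT_WITH_SECURITY_IMPLICATION` carries no comment explaining why this check must survive in release builds, while the sibling decode in decodeBundleParameters makes the same check with a debug-only `ASSERT`; the asymmetry will read as accidental. Since the accepted class set was just widened from `[NSDictionary class]` to `classesForCoder()`, this line is now what guarantees the top-level object is a dictionary before it reaches `-initWithDictionary:`; a comment such as `// Decoding now accepts every class in classesForCoder(), so enforce the top-level NSDictionary shape here, in release builds too.` would record that. The payload presumably arrives over IPC (the IPC::DataReference parameter of the neighbouring setBundleParameter suggests so), which is worth stating in the comment if confirmed. The enclosing setBundleParameters function starts before this hunk.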