Title: [239106] trunk/Source/WebKit
- Revision
- 239106
- Author
- [email protected]
- Date
- 2018-12-12 09:05:41 -0800 (Wed, 12 Dec 2018)
Log Message
[iOS] Zero memory containing the password for PDF documents when a WKPDFView is deallocated
https://bugs.webkit.org/show_bug.cgi?id=192536
rdar://problem/41174451
Reviewed by Tim Horton.
* UIProcess/ios/WKPDFView.mm: Took out PLATFORM(IOSMAC) since
this class is not compiled on that platform at this time. Can always
add it back later.
(-[WKPDFView dealloc]): Zero out characters of _passwordForPrinting.
(-[WKPDFView pdfHostViewController:documentDidUnlockWithPassword:]):
Initialize _passwordForPrinting; use a CString instead of retaining
an NSString since we can zero that out easily.
(-[WKPDFView _ensureDocumentForPrinting]): Use _passwordForPrinting.
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (239105 => 239106)
--- trunk/Source/WebKit/ChangeLog 2018-12-12 16:28:51 UTC (rev 239105)
+++ trunk/Source/WebKit/ChangeLog 2018-12-12 17:05:41 UTC (rev 239106)
@@ -1,3 +1,20 @@
+2018-12-09 Darin Adler <[email protected]>
+
+ [iOS] Zero memory containing the password for PDF documents when a WKPDFView is deallocated
+ https://bugs.webkit.org/show_bug.cgi?id=192536
+ rdar://problem/41174451
+
+ Reviewed by Tim Horton.
+
+ * UIProcess/ios/WKPDFView.mm: Took out PLATFORM(IOSMAC) since
+ this class is not compiled on that platform at this time. Can always
+ add it back later.
+ (-[WKPDFView dealloc]): Zero out characters of _passwordForPrinting.
+ (-[WKPDFView pdfHostViewController:documentDidUnlockWithPassword:]):
+ Initialize _passwordForPrinting; use a CString instead of retaining
+ an NSString since we can zero that out easily.
+ (-[WKPDFView _ensureDocumentForPrinting]): Use _passwordForPrinting.
+
2018-12-12 Commit Queue <[email protected]>
Unreviewed, rolling out r239103.
Modified: trunk/Source/WebKit/UIProcess/ios/WKPDFView.mm (239105 => 239106)
--- trunk/Source/WebKit/UIProcess/ios/WKPDFView.mm 2018-12-12 16:28:51 UTC (rev 239105)
+++ trunk/Source/WebKit/UIProcess/ios/WKPDFView.mm 2018-12-12 17:05:41 UTC (rev 239106)
@@ -64,7 +64,7 @@
RetainPtr<PDFHostViewController> _hostViewController;
CGSize _overlaidAccessoryViewsInset;
RetainPtr<UIView> _pageNumberIndicator;
- RetainPtr<NSString> _password;
+ CString _passwordForPrinting;
WebKit::InteractionInformationAtPosition _positionInformation;
RetainPtr<NSString> _suggestedFilename;
WeakObjCPtr<WKWebView> _webView;
@@ -77,6 +77,7 @@
[[_hostViewController view] removeFromSuperview];
[_pageNumberIndicator removeFromSuperview];
[_keyboardScrollingAnimator invalidate];
+ std::memset(_passwordForPrinting.mutableData(), 0, _passwordForPrinting.length());
[super dealloc];
}
@@ -404,7 +405,7 @@
- (void)pdfHostViewController:(PDFHostViewController *)controller documentDidUnlockWithPassword:(NSString *)password
{
- _password = adoptNS([password copy]);
+ _passwordForPrinting = [password UTF8String];
}
- (void)pdfHostViewController:(PDFHostViewController *)controller findStringUpdate:(NSUInteger)numFound done:(BOOL)done
@@ -559,8 +560,6 @@
#pragma mark _WKWebViewPrintProvider
-#if !PLATFORM(IOSMAC)
-
@interface WKPDFView (_WKWebViewPrintFormatter) <_WKWebViewPrintProvider>
@end
@@ -574,7 +573,7 @@
auto dataProvider = adoptCF(CGDataProviderCreateWithCFData((CFDataRef)_data.get()));
auto pdfDocument = adoptCF(CGPDFDocumentCreateWithProvider(dataProvider.get()));
if (!CGPDFDocumentIsUnlocked(pdfDocument.get()))
- CGPDFDocumentUnlockWithPassword(pdfDocument.get(), [_password UTF8String]);
+ CGPDFDocumentUnlockWithPassword(pdfDocument.get(), _passwordForPrinting.data());
_documentForPrinting = WTFMove(pdfDocument);
return _documentForPrinting.get();
@@ -599,6 +598,4 @@
@end
-#endif // !PLATFORM(IOSMAC)
-
#endif // ENABLE(WKPDFVIEW)
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
