[webkit-changes] [260429] trunk/Source/WebKit

Tue, 21 Apr 2020 09:06:16 -0700

Title: [260429] trunk/Source/WebKit
Revision
260429
Author
wenson_hs...@apple.com
Date
2020-04-21 09:05:46 -0700 (Tue, 21 Apr 2020)

Log Message

[Cocoa] Tighten up some more IPC message checks in WebPasteboardProxy
https://bugs.webkit.org/show_bug.cgi?id=210780
<rdar://problem/62088479>

Reviewed by Alex Christensen.

Adjust some existing IPC message checks in WebPasteboardProxy, and also introduces some new ones. See below for
more details.

* UIProcess/Cocoa/WebPasteboardProxyCocoa.mm:
(WebKit::WebPasteboardProxy::didModifyContentsOfPasteboard):

Move the `pasteboardName` check here out of `didModifyContentsOfPasteboard`, and into each call site, such that
we bail and kill the web process before invoking `didModifyContentsOfPasteboard` in the case where the name is
empty.

(WebKit::WebPasteboardProxy::getPasteboardPathnamesForType):
(WebKit::WebPasteboardProxy::getPasteboardStringForType):
(WebKit::WebPasteboardProxy::getPasteboardStringsForType):
(WebKit::WebPasteboardProxy::getPasteboardBufferForType):
(WebKit::WebPasteboardProxy::addPasteboardTypes):
(WebKit::WebPasteboardProxy::setPasteboardTypes):
(WebKit::WebPasteboardProxy::setPasteboardURL):
(WebKit::WebPasteboardProxy::setPasteboardColor):
(WebKit::WebPasteboardProxy::setPasteboardStringForType):

Add message checks for empty pasteboard types.

(WebKit::WebPasteboardProxy::setPasteboardBufferForType):
(WebKit::WebPasteboardProxy::writeCustomData):
(WebKit::WebPasteboardProxy::readStringFromPasteboard):
(WebKit::WebPasteboardProxy::readBufferFromPasteboard):
(WebKit::WebPasteboardProxy::writeURLToPasteboard):
(WebKit::WebPasteboardProxy::writeWebContentToPasteboard):
(WebKit::WebPasteboardProxy::writeImageToPasteboard):
(WebKit::WebPasteboardProxy::writeStringToPasteboard):

Add a message check for empty pasteboard types, but only when the string is also empty; this is because iOS
clears pasteboard data by writing an empty pasteboard string and type.

Modified Paths

Diff

Modified: trunk/Source/WebKit/ChangeLog (260428 => 260429)


--- trunk/Source/WebKit/ChangeLog	2020-04-21 15:51:13 UTC (rev 260428)
+++ trunk/Source/WebKit/ChangeLog	2020-04-21 16:05:46 UTC (rev 260429)
@@ -1,3 +1,45 @@
+2020-04-21  Wenson Hsieh  <wenson_hs...@apple.com>
+
+        [Cocoa] Tighten up some more IPC message checks in WebPasteboardProxy
+        https://bugs.webkit.org/show_bug.cgi?id=210780
+        <rdar://problem/62088479>
+
+        Reviewed by Alex Christensen.
+
+        Adjust some existing IPC message checks in WebPasteboardProxy, and also introduces some new ones. See below for
+        more details.
+
+        * UIProcess/Cocoa/WebPasteboardProxyCocoa.mm:
+        (WebKit::WebPasteboardProxy::didModifyContentsOfPasteboard):
+
+        Move the `pasteboardName` check here out of `didModifyContentsOfPasteboard`, and into each call site, such that
+        we bail and kill the web process before invoking `didModifyContentsOfPasteboard` in the case where the name is
+        empty.
+
+        (WebKit::WebPasteboardProxy::getPasteboardPathnamesForType):
+        (WebKit::WebPasteboardProxy::getPasteboardStringForType):
+        (WebKit::WebPasteboardProxy::getPasteboardStringsForType):
+        (WebKit::WebPasteboardProxy::getPasteboardBufferForType):
+        (WebKit::WebPasteboardProxy::addPasteboardTypes):
+        (WebKit::WebPasteboardProxy::setPasteboardTypes):
+        (WebKit::WebPasteboardProxy::setPasteboardURL):
+        (WebKit::WebPasteboardProxy::setPasteboardColor):
+        (WebKit::WebPasteboardProxy::setPasteboardStringForType):
+
+        Add message checks for empty pasteboard types.
+
+        (WebKit::WebPasteboardProxy::setPasteboardBufferForType):
+        (WebKit::WebPasteboardProxy::writeCustomData):
+        (WebKit::WebPasteboardProxy::readStringFromPasteboard):
+        (WebKit::WebPasteboardProxy::readBufferFromPasteboard):
+        (WebKit::WebPasteboardProxy::writeURLToPasteboard):
+        (WebKit::WebPasteboardProxy::writeWebContentToPasteboard):
+        (WebKit::WebPasteboardProxy::writeImageToPasteboard):
+        (WebKit::WebPasteboardProxy::writeStringToPasteboard):
+
+        Add a message check for empty pasteboard types, but only when the string is also empty; this is because iOS
+        clears pasteboard data by writing an empty pasteboard string and type.
+
 2020-04-21  Adrian Perez de Castro  <ape...@igalia.com>
 
         [GTK][CMake] Make gtk-unix-print a component of FindGTK.cmake

Modified: trunk/Source/WebKit/UIProcess/Cocoa/WebPasteboardProxyCocoa.mm (260428 => 260429)


--- trunk/Source/WebKit/UIProcess/Cocoa/WebPasteboardProxyCocoa.mm	2020-04-21 15:51:13 UTC (rev 260428)
+++ trunk/Source/WebKit/UIProcess/Cocoa/WebPasteboardProxyCocoa.mm	2020-04-21 16:05:46 UTC (rev 260429)
@@ -104,8 +104,6 @@
 
 void WebPasteboardProxy::didModifyContentsOfPasteboard(IPC::Connection& connection, const String& pasteboardName, int64_t previousChangeCount, int64_t newChangeCount)
 {
-    MESSAGE_CHECK(!pasteboardName.isEmpty());
-
     auto* process = webProcessProxyForConnection(connection);
     MESSAGE_CHECK(process);
 
@@ -127,7 +125,7 @@
 void WebPasteboardProxy::getPasteboardPathnamesForType(IPC::Connection& connection, const String& pasteboardName, const String& pasteboardType,
     CompletionHandler<void(Vector<String>&& pathnames, SandboxExtension::HandleArray&& sandboxExtensions)>&& completionHandler)
 {
-    MESSAGE_CHECK_COMPLETION(!pasteboardType.isNull(), completionHandler({ }, { }));
+    MESSAGE_CHECK_COMPLETION(!pasteboardType.isEmpty(), completionHandler({ }, { }));
 
     // FIXME: This should consult canAccessPasteboardData() as well, and avoid responding with file paths if it returns false.
     Vector<String> pathnames;
@@ -151,7 +149,7 @@
 
 void WebPasteboardProxy::getPasteboardStringForType(IPC::Connection& connection, const String& pasteboardName, const String& pasteboardType, CompletionHandler<void(String&&)>&& completionHandler)
 {
-    MESSAGE_CHECK_COMPLETION(!pasteboardType.isNull(), completionHandler({ }));
+    MESSAGE_CHECK_COMPLETION(!pasteboardType.isEmpty(), completionHandler({ }));
 
     if (!canAccessPasteboardData(connection, pasteboardName))
         return completionHandler({ });
@@ -161,7 +159,7 @@
 
 void WebPasteboardProxy::getPasteboardStringsForType(IPC::Connection& connection, const String& pasteboardName, const String& pasteboardType, CompletionHandler<void(Vector<String>&&)>&& completionHandler)
 {
-    MESSAGE_CHECK_COMPLETION(!pasteboardType.isNull(), completionHandler({ }));
+    MESSAGE_CHECK_COMPLETION(!pasteboardType.isEmpty(), completionHandler({ }));
 
     if (!canAccessPasteboardData(connection, pasteboardName))
         return completionHandler({ });
@@ -171,7 +169,7 @@
 
 void WebPasteboardProxy::getPasteboardBufferForType(IPC::Connection& connection, const String& pasteboardName, const String& pasteboardType, CompletionHandler<void(SharedMemory::Handle&&, uint64_t)>&& completionHandler)
 {
-    MESSAGE_CHECK_COMPLETION(!pasteboardType.isNull(), completionHandler({ }, 0));
+    MESSAGE_CHECK_COMPLETION(!pasteboardType.isEmpty(), completionHandler({ }, 0));
 
     if (!canAccessPasteboardData(connection, pasteboardName))
         return completionHandler({ }, 0);
@@ -214,6 +212,11 @@
 
 void WebPasteboardProxy::addPasteboardTypes(IPC::Connection& connection, const String& pasteboardName, const Vector<String>& pasteboardTypes, CompletionHandler<void(int64_t)>&& completionHandler)
 {
+    MESSAGE_CHECK_COMPLETION(!pasteboardName.isEmpty(), completionHandler(0));
+
+    for (auto& type : pasteboardTypes)
+        MESSAGE_CHECK_COMPLETION(!type.isEmpty(), completionHandler(0));
+
     auto previousChangeCount = PlatformPasteboard(pasteboardName).changeCount();
     auto newChangeCount = PlatformPasteboard(pasteboardName).addTypes(pasteboardTypes);
     didModifyContentsOfPasteboard(connection, pasteboardName, previousChangeCount, previousChangeCount);
@@ -222,6 +225,11 @@
 
 void WebPasteboardProxy::setPasteboardTypes(IPC::Connection& connection, const String& pasteboardName, const Vector<String>& pasteboardTypes, CompletionHandler<void(int64_t)>&& completionHandler)
 {
+    MESSAGE_CHECK_COMPLETION(!pasteboardName.isEmpty(), completionHandler(0));
+
+    for (auto& type : pasteboardTypes)
+        MESSAGE_CHECK_COMPLETION(!type.isEmpty(), completionHandler(0));
+
     auto previousChangeCount = PlatformPasteboard(pasteboardName).changeCount();
     auto newChangeCount = PlatformPasteboard(pasteboardName).setTypes(pasteboardTypes);
     didModifyContentsOfPasteboard(connection, pasteboardName, previousChangeCount, newChangeCount);
@@ -230,6 +238,8 @@
 
 void WebPasteboardProxy::setPasteboardURL(IPC::Connection& connection, const PasteboardURL& pasteboardURL, const String& pasteboardName, CompletionHandler<void(int64_t)>&& completionHandler)
 {
+    MESSAGE_CHECK_COMPLETION(!pasteboardName.isEmpty(), completionHandler(0));
+
     if (auto* webProcessProxy = webProcessProxyForConnection(connection)) {
         if (!webProcessProxy->checkURLReceivedFromWebProcess(pasteboardURL.url.string()))
             return completionHandler(0);
@@ -244,6 +254,8 @@
 
 void WebPasteboardProxy::setPasteboardColor(IPC::Connection& connection, const String& pasteboardName, const WebCore::Color& color, CompletionHandler<void(int64_t)>&& completionHandler)
 {
+    MESSAGE_CHECK_COMPLETION(!pasteboardName.isEmpty(), completionHandler(0));
+
     auto previousChangeCount = PlatformPasteboard(pasteboardName).changeCount();
     auto newChangeCount = PlatformPasteboard(pasteboardName).setColor(color);
     didModifyContentsOfPasteboard(connection, pasteboardName, previousChangeCount, newChangeCount);
@@ -252,7 +264,8 @@
 
 void WebPasteboardProxy::setPasteboardStringForType(IPC::Connection& connection, const String& pasteboardName, const String& pasteboardType, const String& string, CompletionHandler<void(int64_t)>&& completionHandler)
 {
-    MESSAGE_CHECK_COMPLETION(!pasteboardType.isNull(), completionHandler(0));
+    MESSAGE_CHECK_COMPLETION(!pasteboardName.isEmpty(), completionHandler(0));
+    MESSAGE_CHECK_COMPLETION(!pasteboardType.isEmpty(), completionHandler(0));
 
     auto previousChangeCount = PlatformPasteboard(pasteboardName).changeCount();
     auto newChangeCount = PlatformPasteboard(pasteboardName).setStringForType(string, pasteboardType);
@@ -277,7 +290,8 @@
 
 void WebPasteboardProxy::setPasteboardBufferForType(IPC::Connection& connection, const String& pasteboardName, const String& pasteboardType, const SharedMemory::Handle& handle, uint64_t size, CompletionHandler<void(int64_t)>&& completionHandler)
 {
-    MESSAGE_CHECK_COMPLETION(!pasteboardType.isNull(), completionHandler(0));
+    MESSAGE_CHECK_COMPLETION(!pasteboardName.isEmpty(), completionHandler(0));
+    MESSAGE_CHECK_COMPLETION(!pasteboardType.isEmpty(), completionHandler(0));
 
     auto previousChangeCount = PlatformPasteboard(pasteboardName).changeCount();
     if (handle.isNull()) {
@@ -312,6 +326,8 @@
 
 void WebPasteboardProxy::writeCustomData(IPC::Connection& connection, const Vector<PasteboardCustomData>& data, const String& pasteboardName, CompletionHandler<void(int64_t)>&& completionHandler)
 {
+    MESSAGE_CHECK_COMPLETION(!pasteboardName.isEmpty(), completionHandler(0));
+
     auto previousChangeCount = PlatformPasteboard(pasteboardName).changeCount();
     auto newChangeCount = PlatformPasteboard(pasteboardName).write(data);
     didModifyContentsOfPasteboard(connection, pasteboardName, previousChangeCount, newChangeCount);
@@ -335,7 +351,7 @@
 
 void WebPasteboardProxy::readStringFromPasteboard(IPC::Connection& connection, size_t index, const String& pasteboardType, const String& pasteboardName, CompletionHandler<void(String&&)>&& completionHandler)
 {
-    MESSAGE_CHECK_COMPLETION(!pasteboardType.isNull(), completionHandler({ }));
+    MESSAGE_CHECK_COMPLETION(!pasteboardType.isEmpty(), completionHandler({ }));
 
     if (!canAccessPasteboardData(connection, pasteboardName))
         return completionHandler({ });
@@ -355,7 +371,7 @@
 
 void WebPasteboardProxy::readBufferFromPasteboard(IPC::Connection& connection, size_t index, const String& pasteboardType, const String& pasteboardName, CompletionHandler<void(SharedMemory::Handle&&, uint64_t size)>&& completionHandler)
 {
-    MESSAGE_CHECK_COMPLETION(!pasteboardType.isNull(), completionHandler({ }, 0));
+    MESSAGE_CHECK_COMPLETION(!pasteboardType.isEmpty(), completionHandler({ }, 0));
 
     if (!canAccessPasteboardData(connection, pasteboardName))
         return completionHandler({ }, 0);
@@ -384,6 +400,8 @@
 
 void WebPasteboardProxy::writeURLToPasteboard(IPC::Connection& connection, const PasteboardURL& url, const String& pasteboardName)
 {
+    MESSAGE_CHECK(!pasteboardName.isEmpty());
+
     auto previousChangeCount = PlatformPasteboard(pasteboardName).changeCount();
     PlatformPasteboard(pasteboardName).write(url);
     didModifyContentsOfPasteboard(connection, pasteboardName, previousChangeCount, PlatformPasteboard(pasteboardName).changeCount());
@@ -391,6 +409,8 @@
 
 void WebPasteboardProxy::writeWebContentToPasteboard(IPC::Connection& connection, const WebCore::PasteboardWebContent& content, const String& pasteboardName)
 {
+    MESSAGE_CHECK(!pasteboardName.isEmpty());
+
     auto previousChangeCount = PlatformPasteboard(pasteboardName).changeCount();
     PlatformPasteboard(pasteboardName).write(content);
     didModifyContentsOfPasteboard(connection, pasteboardName, previousChangeCount, PlatformPasteboard(pasteboardName).changeCount());
@@ -398,6 +418,8 @@
 
 void WebPasteboardProxy::writeImageToPasteboard(IPC::Connection& connection, const WebCore::PasteboardImage& pasteboardImage, const String& pasteboardName)
 {
+    MESSAGE_CHECK(!pasteboardName.isEmpty());
+
     auto previousChangeCount = PlatformPasteboard(pasteboardName).changeCount();
     PlatformPasteboard(pasteboardName).write(pasteboardImage);
     didModifyContentsOfPasteboard(connection, pasteboardName, previousChangeCount, PlatformPasteboard(pasteboardName).changeCount());
@@ -405,6 +427,9 @@
 
 void WebPasteboardProxy::writeStringToPasteboard(IPC::Connection& connection, const String& pasteboardType, const String& text, const String& pasteboardName)
 {
+    MESSAGE_CHECK(!pasteboardName.isEmpty());
+    MESSAGE_CHECK(!pasteboardType.isEmpty() || text.isEmpty());
+
     auto previousChangeCount = PlatformPasteboard(pasteboardName).changeCount();
     PlatformPasteboard(pasteboardName).write(pasteboardType, text);
     didModifyContentsOfPasteboard(connection, pasteboardName, previousChangeCount, PlatformPasteboard(pasteboardName).changeCount());

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to