Title: [265473] branches/safari-610.1.25.10-branch/Source/WebKit
- Revision
- 265473
- Author
- [email protected]
- Date
- 2020-08-10 16:48:05 -0700 (Mon, 10 Aug 2020)
Log Message
Cherry-pick r265303. rdar://problem/66644025
[Cocoa] Sandbox extension token not cleared from memory
https://bugs.webkit.org/show_bug.cgi?id=215136
Reviewed by Geoffrey Garen.
As a security mitigation, an invalidated sandbox extension should have its token cleared from memory.
No new tests, covered by existing tests.
* Shared/Cocoa/SandboxExtensionCocoa.mm:
(WebKit::SandboxExtensionImpl::m_length):
(WebKit::SandboxExtensionImpl::~SandboxExtensionImpl):
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@265303 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
Diff
Modified: branches/safari-610.1.25.10-branch/Source/WebKit/ChangeLog (265472 => 265473)
--- branches/safari-610.1.25.10-branch/Source/WebKit/ChangeLog 2020-08-10 23:48:03 UTC (rev 265472)
+++ branches/safari-610.1.25.10-branch/Source/WebKit/ChangeLog 2020-08-10 23:48:05 UTC (rev 265473)
@@ -1,5 +1,40 @@
2020-08-10 Alan Coon <[email protected]>
+ Cherry-pick r265303. rdar://problem/66644025
+
+ [Cocoa] Sandbox extension token not cleared from memory
+ https://bugs.webkit.org/show_bug.cgi?id=215136
+
+ Reviewed by Geoffrey Garen.
+
+ As a security mitigation, an invalidated sandbox extension should have its token cleared from memory.
+
+ No new tests, covered by existing tests.
+
+ * Shared/Cocoa/SandboxExtensionCocoa.mm:
+ (WebKit::SandboxExtensionImpl::m_length):
+ (WebKit::SandboxExtensionImpl::~SandboxExtensionImpl):
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@265303 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2020-08-05 Per Arne Vollan <[email protected]>
+
+ [Cocoa] Sandbox extension token not cleared from memory
+ https://bugs.webkit.org/show_bug.cgi?id=215136
+
+ Reviewed by Geoffrey Garen.
+
+ As a security mitigation, an invalidated sandbox extension should have its token cleared from memory.
+
+ No new tests, covered by existing tests.
+
+ * Shared/Cocoa/SandboxExtensionCocoa.mm:
+ (WebKit::SandboxExtensionImpl::m_length):
+ (WebKit::SandboxExtensionImpl::~SandboxExtensionImpl):
+
+2020-08-10 Alan Coon <[email protected]>
+
Cherry-pick r265295. rdar://problem/66643989
[Cocoa] Remove obsolete sandbox extension after r264178
Modified: branches/safari-610.1.25.10-branch/Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm (265472 => 265473)
--- branches/safari-610.1.25.10-branch/Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm 2020-08-10 23:48:03 UTC (rev 265472)
+++ branches/safari-610.1.25.10-branch/Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm 2020-08-10 23:48:05 UTC (rev 265473)
@@ -55,6 +55,10 @@
~SandboxExtensionImpl()
{
+ if (!m_token)
+ return;
+ auto length = strlen(m_token);
+ memset_s(m_token, length, 0, length);
free(m_token);
}
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
