[webkit-changes] [266650] trunk/Source/WebKit

[cdumez]

Title: [266650] trunk/Source/WebKit

Revision

266650

Author

cdu...@apple.com

Date

2020-09-04 18:05:39 -0700 (Fri, 04 Sep 2020)

Log Message

handleXPCEndpointMessages does not check XPC object is an xpc_endpoint_t
https://bugs.webkit.org/show_bug.cgi?id=216196
<rdar://problem/68198293>

Reviewed by Per Arne Vollan.

Add a check to have sure the XPC object is indeed an xpc_endpoint_t before
using it.

* WebProcess/cocoa/HandleXPCEndpointMessages.mm:
(WebKit::handleXPCEndpointMessages):

Modified Paths

• trunk/Source/WebKit/ChangeLog
• trunk/Source/WebKit/WebProcess/cocoa/HandleXPCEndpointMessages.mm

Diff

Modified: trunk/Source/WebKit/ChangeLog (266649 => 266650)

--- trunk/Source/WebKit/ChangeLog	2020-09-05 00:19:43 UTC (rev 266649)
+++ trunk/Source/WebKit/ChangeLog	2020-09-05 01:05:39 UTC (rev 266650)
@@ -1,5 +1,19 @@
 2020-09-04  Chris Dumez  <cdu...@apple.com>
 
+        handleXPCEndpointMessages does not check XPC object is an xpc_endpoint_t
+        https://bugs.webkit.org/show_bug.cgi?id=216196
+        <rdar://problem/68198293>
+
+        Reviewed by Per Arne Vollan.
+
+        Add a check to have sure the XPC object is indeed an xpc_endpoint_t before
+        using it.
+
+        * WebProcess/cocoa/HandleXPCEndpointMessages.mm:
+        (WebKit::handleXPCEndpointMessages):
+
+2020-09-04  Chris Dumez  <cdu...@apple.com>
+
         Move lazy DisplayLink tear down logic from the WebProcess to the UIProcess
         https://bugs.webkit.org/show_bug.cgi?id=216195
 

Modified: trunk/Source/WebKit/WebProcess/cocoa/HandleXPCEndpointMessages.mm (266649 => 266650)

--- trunk/Source/WebKit/WebProcess/cocoa/HandleXPCEndpointMessages.mm	2020-09-05 00:19:43 UTC (rev 266649)
+++ trunk/Source/WebKit/WebProcess/cocoa/HandleXPCEndpointMessages.mm	2020-09-05 01:05:39 UTC (rev 266650)
@@ -45,8 +45,10 @@
         return;
 
     if (messageName == LaunchServicesDatabaseXPCConstants::xpcLaunchServicesDatabaseXPCEndpointMessageName) {
-        auto endpoint = xpc_dictionary_get_value(event, LaunchServicesDatabaseXPCConstants::xpcLaunchServicesDatabaseXPCEndpointNameKey);
-        LaunchServicesDatabaseManager::singleton().setEndpoint(endpoint);
+        auto xpcEndPoint = xpc_dictionary_get_value(event, LaunchServicesDatabaseXPCConstants::xpcLaunchServicesDatabaseXPCEndpointNameKey);
+        if (!xpcEndPoint || xpc_get_type(xpcEndPoint) != XPC_TYPE_ENDPOINT)
+            return;
+        LaunchServicesDatabaseManager::singleton().setEndpoint(xpcEndPoint);
         return;
     }
 #endif

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes