Skip to site navigation (Press enter)

[webkit-changes] [271916] trunk/Source/WebKit

bfulgham Tue, 26 Jan 2021 16:06:55 -0800

Title: [271916] trunk/Source/WebKit

Revision: 271916
Author: [email protected]
Date: 2021-01-26 16:05:59 -0800 (Tue, 26 Jan 2021)

Log Message

IPC::Decoder constructor should mark the Decoder as invalid if header decoding fails
https://bugs.webkit.org/show_bug.cgi?id=220990
<rdar://problem/64984186>


Reviewed by Darin Adler.

Mark the decoder as invalid if any of the decode operations fail, not just the first one.

* Platform/IPC/Decoder.cpp:

Modified Paths

trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/Platform/IPC/Decoder.cpp

Diff

Modified: trunk/Source/WebKit/ChangeLog (271915 => 271916)


--- trunk/Source/WebKit/ChangeLog	2021-01-27 00:03:40 UTC (rev 271915)
+++ trunk/Source/WebKit/ChangeLog	2021-01-27 00:05:59 UTC (rev 271916)
@@ -1,5 +1,17 @@
 2021-01-26  Brent Fulgham  <[email protected]>
 
+        IPC::Decoder constructor should mark the Decoder as invalid if header decoding fails 
+        https://bugs.webkit.org/show_bug.cgi?id=220990
+        <rdar://problem/64984186>
+
+        Reviewed by Darin Adler.
+
+        Mark the decoder as invalid if any of the decode operations fail, not just the first one.
+
+        * Platform/IPC/Decoder.cpp:
+
+2021-01-26  Brent Fulgham  <[email protected]>
+
         Harden NetworkProcess against integer overflow in CacheStorageEngine size calculation
         https://bugs.webkit.org/show_bug.cgi?id=220997
         <rdar://problem/66116827>

Modified: trunk/Source/WebKit/Platform/IPC/Decoder.cpp (271915 => 271916)


--- trunk/Source/WebKit/Platform/IPC/Decoder.cpp	2021-01-27 00:03:40 UTC (rev 271915)
+++ trunk/Source/WebKit/Platform/IPC/Decoder.cpp	2021-01-27 00:05:59 UTC (rev 271916)
@@ -64,14 +64,20 @@
         return;
     }
 
-    if (!decode(m_messageFlags))
+    if (!decode(m_messageFlags)) {
+        markInvalid();
         return;
+    }
 
-    if (!decode(m_messageName))
+    if (!decode(m_messageName)) {
+        markInvalid();
         return;
+    }
 
-    if (!decode(m_destinationID))
+    if (!decode(m_destinationID)) {
+        markInvalid();
         return;
+    }
 }
 
 Decoder::Decoder(const uint8_t* buffer, size_t bufferSize, ConstructWithoutHeaderTag)

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes