Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 1bfda19669abc863671034e16c5808ae0bacf848
      
https://github.com/WebKit/WebKit/commit/1bfda19669abc863671034e16c5808ae0bacf848
  Author: Wenson Hsieh <wenson_hs...@apple.com>
  Date:   2023-12-14 (Thu, 14 Dec 2023)

  Changed paths:
    M Source/WebCore/page/Quirks.cpp

  Log Message:
  -----------
Mitigate crashes under Quirks::advancedPrivacyProtectionSubstituteDataURLForScriptWithFeatures()
https://bugs.webkit.org/show_bug.cgi?id=266380
rdar://118479646

Reviewed by Yusuke Suzuki.

Even after the mitigations in 269984@main, we're still sometimes crashing when attempting to determine whether or not we should apply hard-coded canvas fingerprinting mitigations when advanced privacy protections are enabled. From discussing with JSC folks, this seems to be due to the way in which we're currently trying to walk the stack by traversing `callerFrame()`s:

```cpp
// The manual stack walk this commit replaces: hop from frame to frame via
// callerFrame() until a frame with a CodeBlock is found (or the stack ends).
while (!codeBlock) {
    callFrame = callFrame->callerFrame();
    if (!callFrame)
        break;
    codeBlock = callFrame->codeBlock();
}
```

Instead of implementing it this way, the JSC team recommended using `StackVisitor::visit` instead to walk the stack, which is the de-facto mechanism used to perform similar stack traversals elsewhere in the codebase. In addition, I'm also rearranging this check, so that we only ever attempt this relatively more expensive stack walk in the case where the `lastDrawnText`, `canvasWidth` and `canvasHeight` all match their expected values for the quirk.

* Source/WebCore/page/Quirks.cpp:
(WebCore::Quirks::advancedPrivacyProtectionSubstituteDataURLForScriptWithFeatures const):

In my manual testing, I found that the source code length on some of the affected sites has been changed slightly; adjust this quirk to match.

Canonical link: https://commits.webkit.org/272093@main


_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes