Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 235ea5801184534cc4fe85b818c642eeea8849c3
https://github.com/WebKit/WebKit/commit/235ea5801184534cc4fe85b818c642eeea8849c3
Author: Scott Marcy <[email protected]>
Date: 2024-01-24 (Wed, 24 Jan 2024)
Changed paths:
M LayoutTests/TestExpectations
A LayoutTests/ipc/invalid-fullscreen-enum-expected.txt
A LayoutTests/ipc/invalid-fullscreen-enum.html
A LayoutTests/ipc/resources/1080i60_SMPTE_8CH_audible.mov
M Source/WebCore/platform/graphics/MediaPlayerEnums.h
M Source/WebKit/UIProcess/Cocoa/VideoPresentationManagerProxy.mm
Log Message:
-----------
rdar://115106974 (SEGV in -[NSView resizeSubviewsWithOldSize:])
Checks that the VideoFullscreenMode argument for two IPC calls is valid and
invalidates the IPC message if not.
Reviewed by Alex Christensen (achristensen07).
If the VideoFullscreenMode value is not as expected, the IPC message will be
marked as invalid, which is supposed to crash the content process, thereby
thwarting any attempted attack through this mechanism.
* LayoutTests/TestExpectations:
* LayoutTests/ipc/invalid-fullscreen-enum-expected.txt: Added.
* LayoutTests/ipc/invalid-fullscreen-enum.html: Added.
* LayoutTests/ipc/resources/1080i60_SMPTE_8CH_audible.mov: Added.
* Source/WebCore/platform/graphics/MediaPlayerEnums.h:
* Source/WebKit/UIProcess/Cocoa/VideoPresentationManagerProxy.mm:
(WebKit::VideoPresentationManagerProxy::setupFullscreenWithID):
(WebKit::VideoPresentationManagerProxy::exitFullscreenWithoutAnimationToMode):
Originally-landed-as: 267815.636@safari-7617-branch (cc4e54ad41c9).
rdar://121480101
Canonical link: https://commits.webkit.org/273472@main
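
The check described in the log message, sketched as an added example (not WebKit's code and not part of this commit): a privileged-process handler validates a raw enum value received from an untrusted process before using it, and invalidates the message otherwise. The enum values, `Connection`, and all function names here are hypothetical.

```cpp
#include <cstdint>

// Hypothetical stand-in for a fullscreen-mode enum; these values are
// assumptions, not the definitions in MediaPlayerEnums.h.
enum class FullscreenMode : uint32_t {
    None = 0,
    Standard = 1u << 0,
    PictureInPicture = 1u << 1,
};

// Hypothetical handle for the untrusted sender (the content process).
struct Connection {
    bool valid = true;
    // A real broker would terminate the sending process at this point.
    void markMessageInvalid() { valid = false; }
};

// Accept a raw wire value only if it names exactly one known mode.
// Anything else (unknown bits, combined bits, garbage) is rejected.
bool decodeMode(uint32_t raw, FullscreenMode& out)
{
    switch (raw) {
    case static_cast<uint32_t>(FullscreenMode::None):
    case static_cast<uint32_t>(FullscreenMode::Standard):
    case static_cast<uint32_t>(FullscreenMode::PictureInPicture):
        out = static_cast<FullscreenMode>(raw);
        return true;
    default:
        return false;
    }
}

// Privileged-side handler: validate first, touch UI state only afterwards.
// Returns true if the request was acted on.
bool handleSetupFullscreen(Connection& sender, uint32_t rawMode, FullscreenMode& current)
{
    FullscreenMode mode;
    if (!decodeMode(rawMode, mode)) {
        sender.markMessageInvalid(); // do not fall through with a bad value
        return false;
    }
    current = mode;
    return true;
}
```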