Title: [196066] trunk/Source/WebKit2
Revision
196066
Author
[email protected]
Date
2016-02-03 08:34:29 -0800 (Wed, 03 Feb 2016)

Log Message

REGRESSION (r194660): Legacy WebProcess crashes in ChildProcess::initializeSandbox()
https://bugs.webkit.org/show_bug.cgi?id=153734
<rdar://problem/24433179>

Reviewed by Dan Bernstein.

Fixes an issue where clients that used the legacy WebProcess bootstrapping process would crash.

Additionally, only consider the extra initialization parameter user-directory-suffix for
unsigned apps (e.g. WebKitTestRunner).

* Shared/mac/ChildProcessMac.mm:
(WebKit::ChildProcess::initializeSandbox):

Modified Paths

Diff

Modified: trunk/Source/WebKit2/ChangeLog (196065 => 196066)


--- trunk/Source/WebKit2/ChangeLog	2016-02-03 11:38:13 UTC (rev 196065)
+++ trunk/Source/WebKit2/ChangeLog	2016-02-03 16:34:29 UTC (rev 196066)
@@ -1,3 +1,19 @@
+2016-02-03  Daniel Bates  <[email protected]>
+
+        REGRESSION (r194660): Legacy WebProcess crashes in ChildProcess::initializeSandbox()
+        https://bugs.webkit.org/show_bug.cgi?id=153734
+        <rdar://problem/24433179>
+
+        Reviewed by Dan Bernstein.
+
+        Fixes an issue where clients that used the legacy WebProcess bootstrapping process would crash.
+
+        Additionally, only consider the extra initialization parameter user-directory-suffix for
+        unsigned apps (e.g. WebKitTestRunner).
+
+        * Shared/mac/ChildProcessMac.mm:
+        (WebKit::ChildProcess::initializeSandbox):
+
 2016-02-03  Csaba Osztrogonác  <[email protected]>
 
         Unreviewed speculative buildfix after r195979.

Modified: trunk/Source/WebKit2/Shared/mac/ChildProcessMac.mm (196065 => 196066)


--- trunk/Source/WebKit2/Shared/mac/ChildProcessMac.mm	2016-02-03 11:38:13 UTC (rev 196065)
+++ trunk/Source/WebKit2/Shared/mac/ChildProcessMac.mm	2016-02-03 16:34:29 UTC (rev 196066)
@@ -96,12 +96,9 @@
     String defaultProfilePath = [webkit2Bundle pathForResource:[[NSBundle mainBundle] bundleIdentifier] ofType:@"sb"];
 
     if (sandboxParameters.userDirectorySuffix().isNull()) {
-        auto userDirectorySuffix = parameters.extraInitializationData.find("user-directory-suffix");
-        if (userDirectorySuffix != parameters.extraInitializationData.end())
-            sandboxParameters.setUserDirectorySuffix([makeString(userDirectorySuffix->value, '/', String([[NSBundle mainBundle] bundleIdentifier])) fileSystemRepresentation]);
-        else {
-            String clientIdentifierToUse;
-            RetainPtr<SecCodeRef> code = findSecCodeForProcess(xpc_connection_get_pid(parameters.connectionIdentifier.xpcConnection.get()));
+        if (const OSObjectPtr<xpc_connection_t>& xpcConnection = parameters.connectionIdentifier.xpcConnection) {
+            pid_t clientProcessID = xpc_connection_get_pid(xpcConnection.get());
+            RetainPtr<SecCodeRef> code = findSecCodeForProcess(clientProcessID);
             RELEASE_ASSERT(code);
 
             CFStringRef appleSignedOrMacAppStoreSignedOrAppleDeveloperSignedRequirement = CFSTR("(anchor apple) or (anchor apple generic and certificate leaf[field.1.2.840.113635.100.6.1.9]) or (anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] and certificate leaf[field.1.2.840.113635.100.6.1.13])");
@@ -111,24 +108,27 @@
 
             status = SecCodeCheckValidity(code.get(), kSecCSDefaultFlags, signingRequirement);
             if (status == errSecSuccess) {
+                String clientIdentifierToUse;
                 CFDictionaryRef signingInfo = nullptr;
-                if (!SecCodeCopySigningInformation(code.get(), kSecCSDefaultFlags, &signingInfo)) {
-                    if (CFDictionaryRef plist = dynamic_cf_cast<CFDictionaryRef>(CFDictionaryGetValue(signingInfo, kSecCodeInfoPList)))
-                        clientIdentifierToUse = String(dynamic_cf_cast<CFStringRef>(CFDictionaryGetValue(plist, kCFBundleIdentifierKey)));
-                    else
-                        clientIdentifierToUse = String(dynamic_cf_cast<CFStringRef>(CFDictionaryGetValue(signingInfo, kSecCodeInfoIdentifier)));
-                    CFRelease(signingInfo);
-                }
+                status = SecCodeCopySigningInformation(code.get(), kSecCSDefaultFlags, &signingInfo);
+                RELEASE_ASSERT(status == errSecSuccess);
+                if (CFDictionaryRef plist = dynamic_cf_cast<CFDictionaryRef>(CFDictionaryGetValue(signingInfo, kSecCodeInfoPList)))
+                    clientIdentifierToUse = String(dynamic_cf_cast<CFStringRef>(CFDictionaryGetValue(plist, kCFBundleIdentifierKey)));
+                else
+                    clientIdentifierToUse = String(dynamic_cf_cast<CFStringRef>(CFDictionaryGetValue(signingInfo, kSecCodeInfoIdentifier)));
+                CFRelease(signingInfo);
+                RELEASE_ASSERT(!clientIdentifierToUse.isEmpty());
+                sandboxParameters.setUserDirectorySuffix(makeString(String([[NSBundle mainBundle] bundleIdentifier]), '+', clientIdentifierToUse));
             } else {
                 // Unsigned, signed by a third party, or has an invalid/malformed signature
-                clientIdentifierToUse = parameters.clientIdentifier;
+                auto userDirectorySuffix = parameters.extraInitializationData.find("user-directory-suffix");
+                if (userDirectorySuffix != parameters.extraInitializationData.end())
+                    sandboxParameters.setUserDirectorySuffix([makeString(userDirectorySuffix->value, '/', String([[NSBundle mainBundle] bundleIdentifier])) fileSystemRepresentation]);
+                sandboxParameters.setUserDirectorySuffix(makeString(String([[NSBundle mainBundle] bundleIdentifier]), '+', parameters.clientIdentifier));
             }
-            CFRelease(signingRequirement);
-            if (clientIdentifierToUse.isEmpty()) {
-                WTFLogAlways("%s: Couldn't get code signed identifier for client: %d\n", getprogname(), status);
-                exit(EX_NOPERM);
-            }
-            sandboxParameters.setUserDirectorySuffix(makeString(String([[NSBundle mainBundle] bundleIdentifier]), '+', clientIdentifierToUse));
+        } else {
+            // Legacy client
+            sandboxParameters.setUserDirectorySuffix(makeString(String([[NSBundle mainBundle] bundleIdentifier]), '+', parameters.clientIdentifier));
         }
     }
 
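Review bot: In the unsigned/third-party branch the `user-directory-suffix` value is set and then immediately overwritten, because the second `setUserDirectorySuffix(...)` call is unconditional; it needs an `else` in front of `sandboxParameters.setUserDirectorySuffix(makeString(String([[NSBundle mainBundle] bundleIdentifier]), '+', parameters.clientIdentifier));`. The old `clientIdentifierToUse.isEmpty()` exit is gone and only the signed path asserts a non-empty identifier, so the unsigned and legacy paths accept an empty `parameters.clientIdentifier` and produce a suffix ending in `+`; a `RELEASE_ASSERT(!parameters.clientIdentifier.isEmpty());` in those two branches would keep the previous fail-closed behaviour. Both `parameters.clientIdentifier` and the `user-directory-suffix` value come from the client rather than from its code signature, and the latter is joined into a path with `/`, so unless it is validated elsewhere it should be rejected when it contains path separators or `..` components. `CFRelease(signingRequirement)` is removed with no replacement visible in this hunk; the variable is declared outside it, so confirm it is still released.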