Skip to content
Permalink
Browse files
[SOUP] Follow-up robustness improvements to the certificate decoder
https://bugs.webkit.org/show_bug.cgi?id=191892

Reviewed by Michael Catanzaro.

If at any point the certificate fails to be constructed from
the DER data, bail out. Likewise, if the certificate returned
is NULL, return false from the decoder to notify the failure
to decode it.

* platform/network/soup/CertificateInfo.h:
(WTF::Persistence::certificateFromCertificatesDataList):
(WTF::Persistence::Coder<WebCore::CertificateInfo>::decode):

Canonical link: https://commits.webkit.org/206598@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@238426 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  • Loading branch information
csaavedra committed Nov 21, 2018
1 parent 5a1e0a0 commit 327ea2b244a70165704b45886853fb76682169f1
Showing with 22 additions and 1 deletion.
  1. +16 −0 Source/WebCore/ChangeLog
  2. +6 −1 Source/WebCore/platform/network/soup/CertificateInfo.h
@@ -1,3 +1,19 @@
2018-11-21 Claudio Saavedra <csaavedra@igalia.com>

[SOUP] Follow-up robustness improvements to the certificate decoder
https://bugs.webkit.org/show_bug.cgi?id=191892

Reviewed by Michael Catanzaro.

If at any point the certificate fails to be constructed from
the DER data, bail out. Likewise, if the certificate returned
is NULL, return false from the decoder to notify the failure
to decode it.

* platform/network/soup/CertificateInfo.h:
(WTF::Persistence::certificateFromCertificatesDataList):
(WTF::Persistence::Coder<WebCore::CertificateInfo>::decode):

2018-11-21 Zalan Bujtas <zalan@apple.com>

[LFC][IFC] Border should be considered as non-breakable space
@@ -119,6 +119,8 @@ static GRefPtr<GTlsCertificate> certificateFromCertificatesDataList(const Vector
for (auto& certificateData : certificatesDataList) {
certificate = adoptGRef(G_TLS_CERTIFICATE(g_initable_new(
certificateType, nullptr, nullptr, "certificate", certificateData.get(), "issuer", certificate.get(), nullptr)));
if (!certificate)
break;
}

return certificate;
@@ -145,7 +147,10 @@ template<> struct Coder<WebCore::CertificateInfo> {

if (certificatesDataList.isEmpty())
return true;
certificateInfo.setCertificate(certificateFromCertificatesDataList(certificatesDataList).get());
auto certificate = certificateFromCertificatesDataList(certificatesDataList);
if (!certificate)
return false;
certificateInfo.setCertificate(certificate.get());

uint32_t tlsErrors;
if (!decoder.decode(tlsErrors))

0 comments on commit 327ea2b

Please sign in to comment.