Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Cherry-pick 1bfda19. rdar://11847946
Mitigate crashes under Quirks::advancedPrivacyProtectionSubstituteDataURLForScriptWithFeatures() https://bugs.webkit.org/show_bug.cgi?id=266380 rdar://118479646 Reviewed by Yusuke Suzuki. Even after the mitigations in 269984@main, we're still sometimes crashing when attempting to determine whether or not we should apply hard-coded canvas fingerprinting mitigations when advanced privacy protections are enabled. From discussing with JSC folks, this seems to be due to the way in which we're currently trying to walk the stack by traversing `callerFrame()`s: ``` while (!codeBlock) { callFrame = callFrame->callerFrame(); if (!callFrame) break; codeBlock = callFrame->codeBlock(); } ``` Instead of implementing it this way, the JSC team recommended using `StackVisitor::visit` instead to walk the stack, which is the de-facto mechanism used to perform similar stack traversals elsewhere in the codebase. In addition, I'm also rearranging this check, so that we only ever attempt this relatively more expensive stack walk in the case where the `lastDrawnText`, `canvasWidth` and `canvasHeight` all match their expected values for the quirk. * Source/WebCore/page/Quirks.cpp: (WebCore::Quirks::advancedPrivacyProtectionSubstituteDataURLForScriptWithFeatures const): In my manual testing, I found that the source code length on some of the affected sites has been changed slightly; adjust this quirk to match. Canonical link: https://commits.webkit.org/272093@main Identifier: 267815.654@safari-7617-branch
- Loading branch information