Restrict the length of requested web locks names

https://bugs.webkit.org/show_bug.cgi?id=262920 rdar://116189077 Reviewed by Brent Fulgham. Restrict the length of requested web locks names to prevent abuse. * LayoutTests/http/wpt/web-locks/lock-name-length-restriction.https-expected.txt: Added. * LayoutTests/http/wpt/web-locks/lock-name-length-restriction.https.html: Added. * Source/WebCore/Headers.cmake: * Source/WebCore/Modules/web-locks/WebLock.h: * Source/WebCore/Modules/web-locks/WebLockManager.cpp: (WebCore::WebLockManager::request): * Source/WebCore/WebCore.xcodeproj/project.pbxproj: * Source/WebKit/UIProcess/WebLockRegistryProxy.cpp: (WebKit::WebLockRegistryProxy::requestLock): Originally-landed-as: 267815.246@safari-7617-branch (85aba6b). rdar://119577065 Canonical link: https://commits.webkit.org/272250@main
WebKit · Dec 19, 2023 · a94a8a6 · a94a8a6
1 parent b3d60d3
commit a94a8a6
Show file tree

Hide file tree

Showing 7 changed files with 25 additions and 1 deletion.
diff --git a/LayoutTests/http/wpt/web-locks/lock-name-length-restriction.https-expected.txt b/LayoutTests/http/wpt/web-locks/lock-name-length-restriction.https-expected.txt
@@ -0,0 +1,3 @@
+
+PASS Requested lock name cannot be too long
+
diff --git a/LayoutTests/http/wpt/web-locks/lock-name-length-restriction.https.html b/LayoutTests/http/wpt/web-locks/lock-name-length-restriction.https.html
@@ -0,0 +1,11 @@
+<!DOCTYPE HTML>
+<meta charset=utf-8>
+<title>Requested lock name cannot be too long</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script>
+promise_test(async t => {
+  const name = 'x'.repeat(1025);
+  await promise_rejects_dom(t, 'NotSupportedError', navigator.locks.request(name, lock => {}));
+}, "Requested lock name cannot be too long");
+</script>
diff --git a/Source/WebCore/Headers.cmake b/Source/WebCore/Headers.cmake
@@ -573,6 +573,7 @@ set(WebCore_PRIVATE_FRAMEWORK_HEADERS
 
     Modules/system-preview/ARKitBadgeSystemImage.h
 
+    Modules/web-locks/WebLock.h
     Modules/web-locks/WebLockIdentifier.h
     Modules/web-locks/WebLockManagerSnapshot.h
     Modules/web-locks/WebLockMode.h

diff --git a/Source/WebCore/Modules/web-locks/WebLock.h b/Source/WebCore/Modules/web-locks/WebLock.h
@@ -36,6 +36,8 @@ class WebLock : public RefCounted<WebLock> {
 public:
     static Ref<WebLock> create(WebLockIdentifier, const String& name, WebLockMode);
 
+    static constexpr unsigned maxNameLength = { 1024 };
+
     WebLockIdentifier identifier() const { return m_identifier; }
     const String& name() const { return m_name; }
     WebLockMode mode() const { return m_mode; }

diff --git a/Source/WebCore/Modules/web-locks/WebLockManager.cpp b/Source/WebCore/Modules/web-locks/WebLockManager.cpp
@@ -199,6 +199,11 @@ void WebLockManager::request(const String& name, Options&& options, Ref<WebLockG
         return;
     }
 
+    if (name.length() > WebLock::maxNameLength) {
+        releasePromise->reject(ExceptionCode::NotSupportedError, makeString("Lock name cannot cannot be longer than "_s, WebLock::maxNameLength, " characters"));
+        return;
+    }
+
     if (options.steal && options.ifAvailable) {
         releasePromise->reject(ExceptionCode::NotSupportedError, "WebLockOptions's steal and ifAvailable cannot both be true"_s);
         return;

diff --git a/Source/WebCore/WebCore.xcodeproj/project.pbxproj b/Source/WebCore/WebCore.xcodeproj/project.pbxproj
@@ -1639,7 +1639,7 @@
 		4644F7F7272A1C1B0055599E /* WebLockMode.h in Headers */ = {isa = PBXBuildFile; fileRef = 4644F7EB272A1C160055599E /* WebLockMode.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		4644F7F8272A1C1F0055599E /* WebLockGrantedCallback.h in Headers */ = {isa = PBXBuildFile; fileRef = 4644F7EE272A1C160055599E /* WebLockGrantedCallback.h */; };
 		4644F7F9272A1C210055599E /* WebLockManager.h in Headers */ = {isa = PBXBuildFile; fileRef = 4644F7F0272A1C160055599E /* WebLockManager.h */; };
-		4644F7FA272A1C250055599E /* WebLock.h in Headers */ = {isa = PBXBuildFile; fileRef = 4644F7F3272A1C160055599E /* WebLock.h */; };
+		4644F7FA272A1C250055599E /* WebLock.h in Headers */ = {isa = PBXBuildFile; fileRef = 4644F7F3272A1C160055599E /* WebLock.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		4646C05C2A4B753F0010EA72 /* SVGPathStringViewSource.h in Headers */ = {isa = PBXBuildFile; fileRef = 4646C05B2A4B752D0010EA72 /* SVGPathStringViewSource.h */; };
 		464CAF09274331A7003B9E41 /* WebLockRegistry.h in Headers */ = {isa = PBXBuildFile; fileRef = 464CAF0827433199003B9E41 /* WebLockRegistry.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		464D4C7E28D24080001C47C7 /* FetchRequestDestination.h in Headers */ = {isa = PBXBuildFile; fileRef = 464D4C7D28D2407B001C47C7 /* FetchRequestDestination.h */; };

diff --git a/Source/WebKit/UIProcess/WebLockRegistryProxy.cpp b/Source/WebKit/UIProcess/WebLockRegistryProxy.cpp
@@ -31,6 +31,7 @@
 #include "WebLockRegistryProxyMessages.h"
 #include "WebProcessProxy.h"
 #include "WebsiteDataStore.h"
+#include <WebCore/WebLock.h>
 #include <WebCore/WebLockIdentifier.h>
 #include <WebCore/WebLockManagerSnapshot.h>
 #include <WebCore/WebLockRegistry.h>
@@ -54,6 +55,7 @@ void WebLockRegistryProxy::requestLock(WebCore::ClientOrigin&& clientOrigin, Web
 {
     MESSAGE_CHECK(lockIdentifier.processIdentifier() == m_process.coreProcessIdentifier());
     MESSAGE_CHECK(clientID.processIdentifier() == m_process.coreProcessIdentifier());
+    MESSAGE_CHECK(name.length() <= WebCore::WebLock::maxNameLength);
     m_hasEverRequestedLocks = true;
 
     auto* dataStore = m_process.websiteDataStore();