[GPU Process] Ensure that only supported image decoders run in the We…

…bProcess https://bugs.webkit.org/show_bug.cgi?id=256852 rdar://109414332 Reviewed by Brent Fulgham. Ensure that ImageIO is allowed to decode only the (default + additional) supported image types even outside WebKit rendering code path for example displaying a bitmap image in a PDF document. This work will be done for WK2 only. WK1 allows setting the prefrences only after creating the WebView. And we use the prefrences to set the additional supported image types. So there is no way to pass to know additional supported image types when the WebView is created. And ImageIO expects CGImageSourceSetAllowableTypes() to be called only once. * Source/WebCore/platform/graphics/cg/UTIRegistry.cpp: (WebCore::allowableImageTypes): * Source/WebCore/platform/graphics/cg/UTIRegistry.h: * Source/WebCore/platform/network/mac/UTIUtilities.h: * Source/WebCore/platform/network/mac/UTIUtilities.mm: (WebCore::setImageSourceAllowableTypes): * Source/WebKit/GPUProcess/GPUProcess.cpp: (WebKit::GPUProcess::initializeGPUProcess): * Source/WebKit/WebProcess/WebPage/Cocoa/WebPageCocoa.mm: (WebKit::WebPage::platformInitialize): * Source/WebKit/WebProcess/WebPage/WebPage.cpp: (WebKit::m_historyItemClient): Canonical link: https://commits.webkit.org/270228@main
WebKit · Nov 4, 2023 · e2934b9 · e2934b9
1 parent 0cf3ba9
commit e2934b9
Show file tree

Hide file tree

Showing 7 changed files with 42 additions and 12 deletions.
diff --git a/Source/WebCore/platform/graphics/cg/UTIRegistry.cpp b/Source/WebCore/platform/graphics/cg/UTIRegistry.cpp
@@ -146,6 +146,20 @@ ALLOW_DEPRECATED_DECLARATIONS_BEGIN
 ALLOW_DEPRECATED_DECLARATIONS_END
 }
 
+Vector<String> allowableImageTypes()
+{
+    auto allowableImageTypes = copyToVector(defaultSupportedImageTypes());
+    auto additionalImageTypes = copyToVector(additionalSupportedImageTypes());
+    allowableImageTypes.appendVector(additionalImageTypes);
+#if HAVE(AVIF)
+    // AVIF might be embedded in a HEIF container. So HEIF/HEIC decoding have
+    // to be allowed to get AVIF decoded.
+    allowableImageTypes.append("public.heif"_s);
+    allowableImageTypes.append("public.heic"_s);
+#endif
+    return allowableImageTypes;
 }
 
-#endif
+} // namespace WebCore
+
+#endif // USE(CG)
diff --git a/Source/WebCore/platform/graphics/cg/UTIRegistry.h b/Source/WebCore/platform/graphics/cg/UTIRegistry.h
@@ -35,8 +35,9 @@ MemoryCompactRobinHoodHashSet<String>& additionalSupportedImageTypes();
 WEBCORE_EXPORT void setAdditionalSupportedImageTypes(const Vector<String>&);
 WEBCORE_EXPORT void setAdditionalSupportedImageTypesForTesting(const String&);
 WEBCORE_EXPORT bool isSupportedImageType(const String&);
+WEBCORE_EXPORT Vector<String> allowableImageTypes();
 bool isGIFImageType(StringView);
 String preferredExtensionForImageType(const String& type);
 String MIMETypeForImageType(const String& type);
 
-}
+} // namespace WebCore
diff --git a/Source/WebCore/platform/network/mac/UTIUtilities.h b/Source/WebCore/platform/network/mac/UTIUtilities.h
@@ -35,4 +35,6 @@ RetainPtr<CFStringRef> mimeTypeFromUTITree(CFStringRef);
 WEBCORE_EXPORT String UTIFromMIMEType(const String&);
 bool isDeclaredUTI(const String&);
 WEBCORE_EXPORT String UTIFromTag(const String& tagClass, const String& tag, const String& conformingToUTI);
-}
+WEBCORE_EXPORT void setImageSourceAllowableTypes(const Vector<String>&);
+
+} // namespace WebCore
diff --git a/Source/WebCore/platform/network/mac/UTIUtilities.mm b/Source/WebCore/platform/network/mac/UTIUtilities.mm
@@ -33,11 +33,16 @@
 #import <wtf/TinyLRUCache.h>
 #import <wtf/cf/TypeCastsCF.h>
 #import <wtf/text/WTFString.h>
+#include <wtf/cocoa/VectorCocoa.h>
 
 #if PLATFORM(IOS_FAMILY)
 #import <MobileCoreServices/MobileCoreServices.h>
 #endif
 
+#if HAVE(CGIMAGESOURCE_WITH_SET_ALLOWABLE_TYPES)
+#include <pal/spi/cg/ImageIOSPI.h>
+#endif
+
 namespace WebCore {
 
 String MIMETypeFromUTI(const String& uti)
@@ -149,4 +154,14 @@ String UTIFromTag(const String& tagClass, const String& tag, const String& confo
     return u.get();
 }
 
+void setImageSourceAllowableTypes(const Vector<String>& supportedImageTypes)
+{
+#if HAVE(CGIMAGESOURCE_WITH_SET_ALLOWABLE_TYPES)
+    auto allowableTypes = createNSArray(supportedImageTypes);
+    CGImageSourceSetAllowableTypes((__bridge CFArrayRef)allowableTypes.get());
+#else
+    UNUSED_PARAM(supportedImageTypes);
+#endif
 }
+
+} // namespace WebCore
diff --git a/Source/WebKit/GPUProcess/GPUProcess.cpp b/Source/WebKit/GPUProcess/GPUProcess.cpp
@@ -74,13 +74,10 @@
 #if PLATFORM(COCOA)
 #include "ArgumentCodersCocoa.h"
 #include <WebCore/CoreAudioSharedUnit.h>
+#include <WebCore/UTIUtilities.h>
 #include <WebCore/VP9UtilitiesCocoa.h>
 #endif
 
-#if HAVE(CGIMAGESOURCE_WITH_SET_ALLOWABLE_TYPES)
-#include <pal/spi/cg/ImageIOSPI.h>
-#endif
-
 #if HAVE(SCREEN_CAPTURE_KIT)
 #include <WebCore/ScreenCaptureKitCaptureSource.h>
 #endif
@@ -268,9 +265,8 @@ void GPUProcess::initializeGPUProcess(GPUProcessCreationParameters&& parameters)
     SandboxExtension::consumePermanently(parameters.gpuToolsExtensionHandles);
 #endif
 
-#if HAVE(CGIMAGESOURCE_WITH_SET_ALLOWABLE_TYPES)
-    auto emptyArray = adoptCF(CFArrayCreate(kCFAllocatorDefault, nullptr, 0, &kCFTypeArrayCallBacks));
-    CGImageSourceSetAllowableTypes(emptyArray.get());
+#if PLATFORM(COCOA)
+    WebCore::setImageSourceAllowableTypes({ });
 #endif
 
 #if USE(GBM)

diff --git a/Source/WebKit/WebProcess/WebPage/Cocoa/WebPageCocoa.mm b/Source/WebKit/WebProcess/WebPage/Cocoa/WebPageCocoa.mm
@@ -72,6 +72,8 @@
 #import <WebCore/RenderLayer.h>
 #import <WebCore/RenderedDocumentMarker.h>
 #import <WebCore/TextIterator.h>
+#import <WebCore/UTIRegistry.h>
+#import <WebCore/UTIUtilities.h>
 #import <pal/spi/cocoa/LaunchServicesSPI.h>
 #import <pal/spi/cocoa/QuartzCoreSPI.h>
 
@@ -112,6 +114,8 @@
 #if PLATFORM(IOS_FAMILY)
     setInsertionPointColor(parameters.insertionPointColor);
 #endif
+    WebCore::setAdditionalSupportedImageTypes(parameters.additionalSupportedImageTypes);
+    WebCore::setImageSourceAllowableTypes(WebCore::allowableImageTypes());
 }
 
 void WebPage::platformDidReceiveLoadParameters(const LoadParameters& parameters)

diff --git a/Source/WebKit/WebProcess/WebPage/WebPage.cpp b/Source/WebKit/WebProcess/WebPage/WebPage.cpp
@@ -336,7 +336,6 @@
 #include "WKStringCF.h"
 #include "WebRemoteObjectRegistry.h"
 #include <WebCore/LegacyWebArchive.h>
-#include <WebCore/UTIRegistry.h>
 #include <pal/spi/cg/ImageIOSPI.h>
 #include <wtf/MachSendRight.h>
 #include <wtf/spi/darwin/SandboxSPI.h>
@@ -964,7 +963,6 @@ WebPage::WebPage(PageIdentifier pageID, WebPageCreationParameters&& parameters)
 
 #if PLATFORM(COCOA)
     setSmartInsertDeleteEnabled(parameters.smartInsertDeleteEnabled);
-    WebCore::setAdditionalSupportedImageTypes(parameters.additionalSupportedImageTypes);
 #endif
 
 #if HAVE(APP_ACCENT_COLORS)