-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. Weβll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix a few more secure decoding issues #13886
Fix a few more secure decoding issues #13886
Conversation
EWS run on previous version of this PR (hash ed6ea78) |
ed6ea78
to
3c8b180
Compare
EWS run on previous version of this PR (hash 3c8b180) |
3c8b180
to
abd428d
Compare
EWS run on previous version of this PR (hash abd428d) |
if (auto mutableArray = dynamic_objc_cast<NSMutableArray>(object); mutableArray && rewriteMutableArray) | ||
return adoptNS([mutableArray copy]).autorelease(); | ||
if (rewriteMutableArray) { | ||
if (auto mutableArray = dynamic_objc_cast<NSMutableArray>(object); mutableArray) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if (auto mutableArray = dynamic_objc_cast<NSMutableArray>(object); mutableArray) | |
if (auto mutableArray = dynamic_objc_cast<NSMutableArray>(object)) |
if (auto mutableData = dynamic_objc_cast<NSMutableData>(object); mutableData && rewriteMutableData) | ||
return adoptNS([mutableData copy]).autorelease(); | ||
if (rewriteMutableData) { | ||
if (auto mutableData = dynamic_objc_cast<NSMutableData>(object); mutableData) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if (auto mutableData = dynamic_objc_cast<NSMutableData>(object); mutableData) | |
if (auto mutableData = dynamic_objc_cast<NSMutableData>(object)) |
if (auto mutableDict = dynamic_objc_cast<NSMutableDictionary>(object); mutableDict && rewriteMutableDictionary) | ||
return adoptNS([mutableDict copy]).autorelease(); | ||
if (rewriteMutableDictionary) { | ||
if (auto mutableDict = dynamic_objc_cast<NSMutableDictionary>(object); mutableDict) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if (auto mutableDict = dynamic_objc_cast<NSMutableDictionary>(object); mutableDict) | |
if (auto mutableDict = dynamic_objc_cast<NSMutableDictionary>(object)) |
} | ||
|
||
if (rewriteMutableString) { | ||
if (auto mutableString = dynamic_objc_cast<NSMutableString>(object); mutableString) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if (auto mutableString = dynamic_objc_cast<NSMutableString>(object); mutableString) | |
if (auto mutableString = dynamic_objc_cast<NSMutableString>(object)) |
abd428d
to
cbdf304
Compare
EWS run on current version of this PR (hash cbdf304) |
https://bugs.webkit.org/show_bug.cgi?id=256790 rdar://109286881 Reviewed by Wenson Hsieh. Reports indicate DDScannerResult can contain NSMutableStrings, which fail to decode in strict mode when expecting an NSString. Fix this by doing the same transformation from mutable to not mutable on the encoding side that we do elsewhere. Reports also indicate that NSURLRequest can contain mutable plist types like NSMutableURLRequest can. To be conservative, add the same allowed mutable plist types when decoding the two classes. The soft linking code for PAL::isDataDetectorsCoreFrameworkAvailable already effectively caches the result of dlsym, so making our own cache is redundant. Same with the other similar caches. Also, as a slight perf optimization, check the bools like rewriteMutableString first before calling dynamic_objc_cast since the former is often false, the latter is more expensive, and both need to be true to enter the condition. * Source/WebKit/Shared/Cocoa/ArgumentCodersCocoa.mm: (-[WKSecureCodingArchivingDelegate archiver:willEncodeObject:]): (-[WKSecureCodingArchivingDelegate init]): (IPC::encodeSecureCodingInternal): (IPC::shouldEnableStrictMode): (IPC::decodeSecureCodingInternal): Canonical link: https://commits.webkit.org/264079@main
cbdf304
to
b17879d
Compare
Committed 264079@main (b17879d): https://commits.webkit.org/264079@main Reviewed commits have been landed. Closing PR #13886 and removing active labels. |
b17879d
cbdf304
π§ͺ ios-wk2-wptπ§ͺ gtk-wk2π§ͺ api-ios