Mitigate crashes under Quirks::advancedPrivacyProtectionSubstituteDataURLForScriptWithFeatures() #21773
EWS run on previous version of this PR (hash 06fea41)
EWS run on previous version of this PR (hash 43128a9)
EWS run on current version of this PR (hash 17a8d58)
r=me
Thanks for the review!
…aURLForScriptWithFeatures()

https://bugs.webkit.org/show_bug.cgi?id=266380
rdar://118479646

Reviewed by Yusuke Suzuki.

Even after the mitigations in 269984@main, we're still sometimes crashing when attempting to determine whether or not we should apply hard-coded canvas fingerprinting mitigations when advanced privacy protections are enabled. From discussing with JSC folks, this seems to be due to the way in which we're currently trying to walk the stack by traversing `callerFrame()`s:

```cpp
while (!codeBlock) {
    callFrame = callFrame->callerFrame();
    if (!callFrame)
        break;
    codeBlock = callFrame->codeBlock();
}
```

Instead of implementing it this way, the JSC team recommended using `StackVisitor::visit` instead to walk the stack, which is the de-facto mechanism used to perform similar stack traversals elsewhere in the codebase.

In addition, I'm also rearranging this check, so that we only ever attempt this relatively more expensive stack walk in the case where the `lastDrawnText`, `canvasWidth` and `canvasHeight` all match their expected values for the quirk.

* Source/WebCore/page/Quirks.cpp:
(WebCore::Quirks::advancedPrivacyProtectionSubstituteDataURLForScriptWithFeatures const): In my manual testing, I found that the source code length on some of the affected sites has been changed slightly; adjust this quirk to match.

Canonical link: https://commits.webkit.org/272093@main
Committed 272093@main (1bfda19): https://commits.webkit.org/272093@main

Reviewed commits have been landed. Closing PR #21773 and removing active labels.