New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Initialize object caches in a safer manner #14333
Conversation
See test results for failed build of commit 87a0aef2eb |
Co-authored-by: Reef Turner <feerrenrut@users.noreply.github.com>
…/nvda into safer-object-cache-init
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's worth noting that this couples isWindowsLocked()
with NVDA initialization and each of:
api. setDesktopObject()
api.setForegroundObject()
api.setFocusObject()
api.setNavigatorObject()
api.setMouseObject()
The approach taken here allows for a smaller change, and lower risk in this PR.
Ideally, each code path that might be blocked by isWindowsLocked()
is considered and explicitly allows an exception for initialization. I expect that when the api.setXXX
functions are refactored to allow independent initialization without calling through to app modules etc. the new init versions of those methods will be the only place the exception (for not calling isWindowsLocked()
is required.
Link to issue number:
none
Summary of the issue:
During NVDA initialization, the api module is used to set initial object caches.
These api functions check if an object is behind the lock screen when Windows is locked before setting the cache.
Until #14301, the api module initialised the object caches to the desktop object.
When NVDA started on the lock screen, it failed to set the desktop object due to the added security checks.
Now the object caches are initialised to the foreground window, to avoid leaking insecure information.
Unfortunately, setting those object caches causes side-effects, which may rely on uninitialized dependencies.
Description of user facing changes
None
Description of development approach
Revert to setting initial object caches to the desktop object.
Ensure security failures are not raised when initialising caches by ignoring the windows lock state.
Testing strategy:
Manual testing
Use speech, enable error sounds, and monitor the logs for errors/warnings.
Known issues with pull request:
None
Change log entries:
None, fixes unreleased regression
Code Review Checklist: