from:"mscottapple"

[webkit-changes] [WebKit/WebKit] c53621: Versioning.

2024-07-31 Thread mscottapple

  Branch: refs/heads/safari-7618.3.11.11-branch
  Home:   https://github.com/WebKit/WebKit
  Commit: c5362127111b42249784671dbdb835edd9bc8e96
  
https://github.com/WebKit/WebKit/commit/c5362127111b42249784671dbdb835edd9bc8e96
  Author: Mohsin Qureshi 
  Date:   2024-07-02 (Tue, 02 Jul 2024)

  Changed paths:
M Configurations/Version.xcconfig

  Log Message:
  ---
  Versioning.

WebKit-7618.3.11.11.1

Canonical link: 
https://commits.webkit.org/272448.1100@safari-7618.3.11.11-branch


  Commit: 830f7ba72e969a8c5f2d99464fcb3064bf9bed94
  
https://github.com/WebKit/WebKit/commit/830f7ba72e969a8c5f2d99464fcb3064bf9bed94
  Author: Chris Dumez 
  Date:   2024-07-02 (Tue, 02 Jul 2024)

  Changed paths:
M Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp

  Log Message:
  ---
  Cherry-pick bb685c487850. rdar://130531570

REGRESSION (iOS 17.6 beta): Hangs on realmahjongg.com and realcanasta.com 
(both Safari and WKWebView)
https://bugs.webkit.org/show_bug.cgi?id=275852
rdar://130531570

Reviewed by Jer Noble.

AudioBufferSourceNode::setBufferForBindings() was running on the main 
thread and
acquiring first the graphLock and then the processLock. 
AudioBufferSourceNode::process()
would then run on the audio thread and acquire the processLock first and 
then ref the
AudioBufferSourceNode, which would acquire the graphLock. The reversed 
ordering in
which the locks are acquired would mean that we could deadlock.

* Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp:
(WebCore::AudioBufferSourceNode::setBufferForBindings):

Canonical link: https://commits.webkit.org/272448.1101@safari-7618-branch

Canonical link: 
https://commits.webkit.org/272448.1101@safari-7618.3.11.11-branch


  Commit: 4d7e1206db7a8c83c2ee6aa6b3742f2e696b5f0e
  
https://github.com/WebKit/WebKit/commit/4d7e1206db7a8c83c2ee6aa6b3742f2e696b5f0e
  Author: Mohsin Qureshi 
  Date:   2024-07-03 (Wed, 03 Jul 2024)

  Changed paths:
M Configurations/Version.xcconfig

  Log Message:
  ---
  Versioning.

WebKit-7618.3.11.11.2

Canonical link: 
https://commits.webkit.org/272448.1102@safari-7618.3.11.11-branch


  Commit: 52d543a7d2f24b503480c2e70515216cd591a856
  
https://github.com/WebKit/WebKit/commit/52d543a7d2f24b503480c2e70515216cd591a856
  Author: Daniel Liu 
  Date:   2024-07-03 (Wed, 03 Jul 2024)

  Changed paths:
A JSTests/wasm/stress/funcref-types.js
M Source/JavaScriptCore/wasm/WasmFunctionParser.h

  Log Message:
  ---
  Cherry-pick 5b25ef6f6add. rdar://130746587

ref.as_non_null does not validate argument type
https://bugs.webkit.org/show_bug.cgi?id=276097
rdar://130746587

Reviewed by Yusuke Suzuki.

The function parser does not ensure ref.as_not_null takes in the correct 
type; this may lead to issues downstream because of incorrect validation.

* Source/JavaScriptCore/wasm/WasmFunctionParser.h:
(JSC::Wasm::FunctionParser::parseExpression):

Canonical link: https://commits.webkit.org/272448.1102@safari-7618-branch

Canonical link: 
https://commits.webkit.org/272448.1103@safari-7618.3.11.11-branch


  Commit: cc3803a8ab5f541b0dfc9a1da0a21dfd18595fa2
  
https://github.com/WebKit/WebKit/commit/cc3803a8ab5f541b0dfc9a1da0a21dfd18595fa2
  Author: Wenson Hsieh 
  Date:   2024-07-03 (Wed, 03 Jul 2024)

  Changed paths:
M Source/WebKit/UIProcess/ios/WKContentViewInteraction.h
M Source/WebKit/UIProcess/ios/WKContentViewInteraction.mm

  Log Message:
  ---
  Cherry-pick bf0c0decaac7. rdar://130610141

Cherry-pick 703a5b6bfcf1. rdar://130610141

REGRESSION (iOS 17.2): Infinite recursion in 
-[WKContentView(WKInteraction) inputViewForWebView]
https://bugs.webkit.org/show_bug.cgi?id=275171
rdar://127722998

Reviewed by Richard Robinson.

The changes in rdar://116751305&104994662 seem to have made it possible 
for `-inputViewForWebView`
to trigger infinite recursion, due to a new `-[UITextInputAssistantItem 
leadingBarButtonGroups]`
KVO listener in UIKit. Underneath this new KVO logic, UIKit calls into 
some internal methods which
ultimately call back into `-[WKContentView inputViewForWebView]`. In 
order of stack depth (growing
downwards), the reentrant calls to update the input accessory view look 
like this:

```
-[WKContentView(WKInteraction) _updateAccessory]
-[WKContentView(WKInteraction) formAccessoryView]
-[WKFormAccessoryView _initForUniversalControlBar:] // <--- Setting up 
WKFormAccessoryView

  … (KVO triggered by setting leading/trailing bar button groups)

-[UISystemInputAssistantViewController 
observeValueForKeyPath:ofObject:change:context:]
-[TUISystemInputAssistantView setInputAssistantItem:force:]

  … (UIKit internals)

-[UIKeyboardSceneDelegate expectedInputViewSetIsCustom]
-[WKContentView(WKInteraction)

[webkit-changes] [WebKit/WebKit] 127c06: Cherry-pick 272448.946@safari-7618-branch (110ae76...

2024-07-31 Thread mscottapple

  Branch: refs/heads/webkitglib/2.44
  Home:   https://github.com/WebKit/WebKit
  Commit: 127c061152a06f045188e7cdbd1715a0884a29e1
  
https://github.com/WebKit/WebKit/commit/127c061152a06f045188e7cdbd1715a0884a29e1
  Author: Nitin Mahendru 
  Date:   2024-07-31 (Wed, 31 Jul 2024)

  Changed paths:
M Source/WebCore/bindings/js/SerializedScriptValue.cpp
M Tools/TestWebKitAPI/Tests/WebCore/SerializedScriptValue.cpp

  Log Message:
  ---
  Cherry-pick 272448.946@safari-7618-branch (110ae765d426). 
https://bugs.webkit.org/show_bug.cgi?id=272530

CloneDeserializer readTerminal crash
rdar://126132442
https://bugs.webkit.org/show_bug.cgi?id=272530

Reviewed by Alex Christensen.

Limiting the the depth for serializing/deserializing recursive objects like:
var array = []... 2000 times

* Tools/TestWebKitAPI/Tests/WebCore/SerializedScriptValue.cpp:
(TestWebKitAPI::TEST):
* Source/WebCore/bindings/js/SerializedScriptValue.cpp:
(WebCore::CloneBase::CloneBase):
(WebCore::CloneBase::isSafeToRecurse):
(WebCore::CloneDeserializer::readArrayBufferViewImpl):
(WebCore::CloneDeserializer::readArrayBufferView):
(WebCore::CloneDeserializer::readTerminal):

Canonical link: https://commits.webkit.org/274313.329@webkitglib/2.44


  Commit: c4c067615638587b793b01829338318089b88eb2
  
https://github.com/WebKit/WebKit/commit/c4c067615638587b793b01829338318089b88eb2
  Author: Nisha Jain 
  Date:   2024-07-31 (Wed, 31 Jul 2024)

  Changed paths:
A 
LayoutTests/fast/css/font-size-adjust-from-style-invalid-value-expected.txt
A LayoutTests/fast/css/font-size-adjust-from-style-invalid-value.html
M Source/WebCore/css/ComputedStyleExtractor.cpp

  Log Message:
  ---
  Cherry-pick 272448.951@safari-7618-branch (5e92cb84fde1). 
https://bugs.webkit.org/show_bug.cgi?id=272821

WebCore::fontSizeAdjustFromStyle; 
WebCore::ComputedStyleExtractor::valueForPropertyInStyle; 
WebCore::ComputedStyleExtractor::propertyValue
https://bugs.webkit.org/show_bug.cgi?id=272821
rdar://126112927

Reviewed by Sihui Liu and Darin Adler.

Crash happens in fontSizeAdjustFromStyle API due to invalid 'value' (float:NaN).
Added check to validate the 'value'.

* LayoutTests/fast/css/font-size-adjust-from-style-invalid-value-expected.txt: 
Added.
* LayoutTests/fast/css/font-size-adjust-from-style-invalid-value.html: Added.
* Source/WebCore/css/ComputedStyleExtractor.cpp:
(WebCore::fontSizeAdjustFromStyle):

Canonical link: https://commits.webkit.org/274313.330@webkitglib/2.44


  Commit: 53cd328d9c5442feceda87f683b2d35d468e5d16
  
https://github.com/WebKit/WebKit/commit/53cd328d9c5442feceda87f683b2d35d468e5d16
  Author: Nisha Jain 
  Date:   2024-07-31 (Wed, 31 Jul 2024)

  Changed paths:
M Source/JavaScriptCore/yarr/YarrPattern.cpp
M Tools/TestWebKitAPI/Tests/WebCore/SerializedScriptValue.cpp

  Log Message:
  ---
  Cherry-pick 272448.957@safari-7618-branch (aee8743b069b). 
https://bugs.webkit.org/show_bug.cgi?id=272932

Fuzz blocker for WebCore-SerializedScriptValue-Deserialize-fuzzer in 
readTerminal() | Yarr::CharacterClassConstructor::unicodeOpSorted
https://bugs.webkit.org/show_bug.cgi?id=272932
rdar://126631719

Reviewed by Yusuke Suzuki.

During deserialization of IDBValueToJSValue based on RegExpTag,
the YarrParser crashes as unsorted list is passed to unicodeOpSorted API.
To fix this issue sorted list is created and check is made before addChar API 
call.

* Source/JavaScriptCore/yarr/YarrPattern.cpp:
(JSC::Yarr::CharacterClassConstructor::putCharNonUnion):
* Tools/TestWebKitAPI/Tests/WebCore/SerializedScriptValue.cpp:
(TestWebKitAPI::TEST):

Canonical link: https://commits.webkit.org/274313.331@webkitglib/2.44


  Commit: b951404ea74ae432312a83138f5c8945a0d09e1b
  
https://github.com/WebKit/WebKit/commit/b951404ea74ae432312a83138f5c8945a0d09e1b
  Author: Jean-Yves Avenard 
  Date:   2024-07-31 (Wed, 31 Jul 2024)

  Changed paths:
A 
LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash-expected.txt
A 
LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash.html
M Source/WebCore/platform/audio/MultiChannelResampler.cpp
M Source/WebCore/platform/audio/MultiChannelResampler.h

  Log Message:
  ---
  Cherry-pick 272448.960@safari-7618-branch (b7ccdb65258e). 
https://bugs.webkit.org/show_bug.cgi?id=273176

Always copy all audio channels to the AudioBus to guarantee data lifetime.
https://bugs.webkit.org/show_bug.cgi?id=273176
rdar://125166710

Reviewed by Chris Dumez.

Following 275262@main, a task is dispatched on the audio render thread.
This task dispatch takes a reference to the source and destination AudioBus
however when a MultiChannelResampler is in use, the source AudioBus may
contain a raw pointer to the resampled's AudioArray and the lifetime of
this object may be shorter than the AudioBus.

In 232182@main, a speed and memory optimisation was added by passed-in buffer
as memory for the first channel in the

[webkit-changes] [WebKit/WebKit] 779b59: Follow-up to bug 268132

2024-06-11 Thread mscottapple

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 779b5972512b34ecfff9cccf320e83df132a9d14
  
https://github.com/WebKit/WebKit/commit/779b5972512b34ecfff9cccf320e83df132a9d14
  Author: Scott Marcy 
  Date:   2024-06-11 (Tue, 11 Jun 2024)

  Changed paths:
M Source/WebCore/dom/Element.cpp

  Log Message:
  ---
  Follow-up to bug 268132
https://bugs.webkit.org/show_bug.cgi?id=275334
rdar://129528145

Reviewed by David Kilzer.

This is a change that should have been included in the fix for bug 268132.
https://github.com/WebKit/WebKit/pull/23283

* Source/WebCore/dom/Element.cpp:
(WebCore::Element::removedFromAncestor):

Canonical link: https://commits.webkit.org/279903@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

[webkit-changes] [WebKit/WebKit] 53e67f: REGRESSION(277450@main): OOB array read with SVG a...

2024-05-01 Thread mscottapple

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 53e67f679530f17b29fa09c1ca2af78cb1b0e0e4
  
https://github.com/WebKit/WebKit/commit/53e67f679530f17b29fa09c1ca2af78cb1b0e0e4
  Author: Scott Marcy 
  Date:   2024-05-01 (Wed, 01 May 2024)

  Changed paths:
A 
LayoutTests/svg/animations/animate-zero-keyPoints-should-not-crash-expected.txt
A LayoutTests/svg/animations/animate-zero-keyPoints-should-not-crash.html
M Source/WebCore/svg/SVGAnimationElement.cpp

  Log Message:
  ---
  REGRESSION(277450@main): OOB array read with SVG animation where keyPoints = 
0.
https://bugs.webkit.org/show_bug.cgi?id=272929
rdar://126636733

Reviewed by Said Abou-Hallawa.

This change makes a couple additional, similar changes to the original changes
to better track the SVG spec. (See the original bug for more information.)

* 
LayoutTests/svg/animations/animate-zero-keyPoints-should-not-crash-expected.txt:
 Added.
* LayoutTests/svg/animations/animate-zero-keyPoints-should-not-crash.html: 
Added.
* Source/WebCore/svg/SVGAnimationElement.cpp:
(WebCore::SVGAnimationElement::keyTimes const):
(WebCore::SVGAnimationElement::startedActiveInterval):

Canonical link: https://commits.webkit.org/278212@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

[webkit-changes] [WebKit/WebKit] 09eff9: rdar://119489615 ([CoreIPC] SEGV in WebKit::Remote...

2024-03-19 Thread mscottapple

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 09eff921fc9a28f36ed936bbfcb56d5f5d722cfe
  
https://github.com/WebKit/WebKit/commit/09eff921fc9a28f36ed936bbfcb56d5f5d722cfe
  Author: Scott Marcy 
  Date:   2024-03-19 (Tue, 19 Mar 2024)

  Changed paths:
M LayoutTests/TestExpectations
A LayoutTests/ipc/invalid-message-to-addTrackBuffer-expected.txt
A LayoutTests/ipc/invalid-message-to-addTrackBuffer.html
M Source/WebKit/GPUProcess/media/RemoteSourceBufferProxy.cpp

  Log Message:
  ---
  rdar://119489615 ([CoreIPC] SEGV in 
WebKit::RemoteSourceBufferProxy::addTrackBuffer)

Checks that the TrackPrivateRemoteIdentifier argument for the IPC call 
RemoteSourceBufferProxy::addTrackBuffer() is valid and invalidates the IPC 
message if not.

Reviewed by David Kilzer.

If the TrackPrivateRemoteIdentifier value is not a known value, the IPC message 
will be marked as invalid, which is supposed
to crash the content process thereby thwarting any attempted attack through 
this mechanism.

* LayoutTests/TestExpectations:
* LayoutTests/ipc/invalid-message-to-addTrackBuffer-expected.txt: Added.
* LayoutTests/ipc/invalid-message-to-addTrackBuffer.html: Added.
* Source/WebKit/GPUProcess/media/RemoteSourceBufferProxy.cpp:
(WebKit::RemoteSourceBufferProxy::addTrackBuffer):

Originally-landed-as: 272448.259@safari-7618-branch (60f8c4667d7a). 
rdar://124555372
Canonical link: https://commits.webkit.org/276351@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

[webkit-changes] [WebKit/WebKit] 2527c3: Generate serialization for SecAccessControlRef

2024-02-08 Thread mscottapple

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 2527c3339eccf0579abe0d025409a07676d0f224
  
https://github.com/WebKit/WebKit/commit/2527c3339eccf0579abe0d025409a07676d0f224
  Author: Scott Marcy 
  Date:   2024-02-08 (Thu, 08 Feb 2024)

  Changed paths:
M Source/WebKit/DerivedSources-input.xcfilelist
M Source/WebKit/DerivedSources.make
M Source/WebKit/Shared/cf/ArgumentCodersCF.cpp
M Source/WebKit/Shared/cf/ArgumentCodersCF.h
M Source/WebKit/Shared/cf/CFTypes.serialization.in
A Source/WebKit/Shared/cf/CoreIPCSecAccessControl.h
A Source/WebKit/Shared/cf/CoreIPCSecAccessControl.serialization.in
M Source/WebKit/Shared/cf/CoreIPCSecCertificate.serialization.in
M Source/WebKit/WebKit.xcodeproj/project.pbxproj
M Tools/TestWebKitAPI/Tests/IPC/IPCSerialization.mm

  Log Message:
  ---
  Generate serialization for SecAccessControlRef
https://bugs.webkit.org/show_bug.cgi?id=268571
rdar://122128719

Reviewed by achristensen07 (Alex Christensen).

* Source/WebKit/DerivedSources-input.xcfilelist:
* Source/WebKit/DerivedSources.make:
* Source/WebKit/Shared/cf/ArgumentCodersCF.cpp:
(IPC::ArgumentCoder::encode): Deleted.
(IPC::ArgumentCoder>::decode): Deleted.
* Source/WebKit/Shared/cf/ArgumentCodersCF.h:
* Source/WebKit/Shared/cf/CFTypes.serialization.in:
* Source/WebKit/Shared/cf/CoreIPCSecAccessControl.h: Added.
(WebKit::CoreIPCSecAccessControl::CoreIPCSecAccessControl):
(WebKit::CoreIPCSecAccessControl::createSecAccessControl const):
(WebKit::CoreIPCSecAccessControl::dataReference const):
(WebKit::CoreIPCSecAccessControl::dataFromAccessControl const):
* Source/WebKit/Shared/cf/CoreIPCSecAccessControl.serialization.in: Copied from 
Source/WebKit/Shared/cf/CoreIPCSecCertificate.serialization.in.
* Source/WebKit/Shared/cf/CoreIPCSecCertificate.serialization.in:
* Source/WebKit/WebKit.xcodeproj/project.pbxproj:
* Tools/TestWebKitAPI/Tests/IPC/IPCSerialization.mm:
(TEST):

Canonical link: https://commits.webkit.org/274307@main


___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

[webkit-changes] [WebKit/WebKit] 089245: Generate serialization for NSPresentationIntent

2024-02-07 Thread mscottapple

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 089245fbdcadc21c8ef020e0a1ea4dd297355b4e
  
https://github.com/WebKit/WebKit/commit/089245fbdcadc21c8ef020e0a1ea4dd297355b4e
  Author: Scott Marcy 
  Date:   2024-02-07 (Wed, 07 Feb 2024)

  Changed paths:
M Source/WebKit/DerivedSources-input.xcfilelist
M Source/WebKit/DerivedSources.make
M Source/WebKit/Shared/Cocoa/ArgumentCodersCocoa.h
M Source/WebKit/Shared/Cocoa/ArgumentCodersCocoa.mm
M Source/WebKit/Shared/Cocoa/CoreIPCNSCFObject.h
M Source/WebKit/Shared/Cocoa/CoreIPCNSCFObject.mm
A Source/WebKit/Shared/Cocoa/CoreIPCPresentationIntent.h
A Source/WebKit/Shared/Cocoa/CoreIPCPresentationIntent.mm
A Source/WebKit/Shared/Cocoa/CoreIPCPresentationIntent.serialization.in
M Source/WebKit/Shared/Cocoa/CoreIPCTypes.h
M Source/WebKit/WebKit.xcodeproj/project.pbxproj
M Tools/TestWebKitAPI/Tests/IPC/IPCSerialization.mm

  Log Message:
  ---
  Generate serialization for NSPresentationIntent
https://bugs.webkit.org/show_bug.cgi?id=268779
rdar://109121874

Reviewed by achristensen07 (Alex Christensen).

* Source/WebKit/DerivedSources-input.xcfilelist:
* Source/WebKit/DerivedSources.make:
* Source/WebKit/Shared/Cocoa/ArgumentCodersCocoa.h:
* Source/WebKit/Shared/Cocoa/ArgumentCodersCocoa.mm:
(IPC::typeFromObject):
(IPC::shouldEnableStrictMode):
* Source/WebKit/Shared/Cocoa/CoreIPCNSCFObject.h:
* Source/WebKit/Shared/Cocoa/CoreIPCNSCFObject.mm:
(WebKit::valueFromID):
* Source/WebKit/Shared/Cocoa/CoreIPCPresentationIntent.h: Added.
(WebKit::CoreIPCPresentationIntent::CoreIPCPresentationIntent):
* Source/WebKit/Shared/Cocoa/CoreIPCPresentationIntent.mm: Added.
(WebKit::CoreIPCPresentationIntent::CoreIPCPresentationIntent):
(WebKit::CoreIPCPresentationIntent::toID const):
* Source/WebKit/Shared/Cocoa/CoreIPCPresentationIntent.serialization.in: Added.
* Source/WebKit/Shared/Cocoa/CoreIPCTypes.h:
* Source/WebKit/WebKit.xcodeproj/project.pbxproj:
* Tools/TestWebKitAPI/Tests/IPC/IPCSerialization.mm:
(TEST):

Canonical link: https://commits.webkit.org/274269@main


___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

[webkit-changes] [WebKit/WebKit] 446cdc: Generate serialization for SecAccessControlRef

2024-02-07 Thread mscottapple

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 446cdce9e93b5152ad3b44998d0610e5674b038e
  
https://github.com/WebKit/WebKit/commit/446cdce9e93b5152ad3b44998d0610e5674b038e
  Author: Scott Marcy 
  Date:   2024-02-07 (Wed, 07 Feb 2024)

  Changed paths:
M Source/WebKit/DerivedSources-input.xcfilelist
M Source/WebKit/DerivedSources.make
M Source/WebKit/Shared/cf/ArgumentCodersCF.cpp
M Source/WebKit/Shared/cf/ArgumentCodersCF.h
M Source/WebKit/Shared/cf/CFTypes.serialization.in
A Source/WebKit/Shared/cf/CoreIPCSecAccessControl.h
A Source/WebKit/Shared/cf/CoreIPCSecAccessControl.serialization.in
M Source/WebKit/Shared/cf/CoreIPCSecCertificate.serialization.in
M Source/WebKit/WebKit.xcodeproj/project.pbxproj
M Tools/TestWebKitAPI/Tests/IPC/IPCSerialization.mm

  Log Message:
  ---
  Generate serialization for SecAccessControlRef
https://bugs.webkit.org/show_bug.cgi?id=268571
rdar://122128719

Reviewed by achristensen07 (Alex Christensen).

* Source/WebKit/DerivedSources-input.xcfilelist:
* Source/WebKit/DerivedSources.make:
* Source/WebKit/Shared/cf/ArgumentCodersCF.cpp:
(IPC::ArgumentCoder::encode): Deleted.
(IPC::ArgumentCoder>::decode): Deleted.
* Source/WebKit/Shared/cf/ArgumentCodersCF.h:
* Source/WebKit/Shared/cf/CFTypes.serialization.in:
* Source/WebKit/Shared/cf/CoreIPCSecAccessControl.h: Added.
(WebKit::CoreIPCSecAccessControl::CoreIPCSecAccessControl):
(WebKit::CoreIPCSecAccessControl::createSecAccessControl const):
(WebKit::CoreIPCSecAccessControl::dataReference const):
(WebKit::CoreIPCSecAccessControl::dataFromAccessControl const):
* Source/WebKit/Shared/cf/CoreIPCSecAccessControl.serialization.in: Copied from 
Source/WebKit/Shared/cf/CoreIPCSecCertificate.serialization.in.
* Source/WebKit/Shared/cf/CoreIPCSecCertificate.serialization.in:
* Source/WebKit/WebKit.xcodeproj/project.pbxproj:
* Tools/TestWebKitAPI/Tests/IPC/IPCSerialization.mm:
(TEST):

Canonical link: https://commits.webkit.org/274242@main


___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

[webkit-changes] [WebKit/WebKit] edf848: Generate serialization for SecKeychainItemRef

2024-02-03 Thread mscottapple

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: edf8486e0ced3bf3f416bd255aa8b694d7ba01c5
  
https://github.com/WebKit/WebKit/commit/edf8486e0ced3bf3f416bd255aa8b694d7ba01c5
  Author: Scott Marcy 
  Date:   2024-02-03 (Sat, 03 Feb 2024)

  Changed paths:
M Source/WebKit/DerivedSources-input.xcfilelist
M Source/WebKit/DerivedSources.make
M Source/WebKit/Shared/cf/ArgumentCodersCF.cpp
M Source/WebKit/Shared/cf/ArgumentCodersCF.h
M Source/WebKit/Shared/cf/CFTypes.serialization.in
A Source/WebKit/Shared/cf/CoreIPCSecKeychainItem.h
A Source/WebKit/Shared/cf/CoreIPCSecKeychainItem.serialization.in
M Source/WebKit/WebKit.xcodeproj/project.pbxproj
M Tools/TestWebKitAPI/Tests/IPC/IPCSerialization.mm

  Log Message:
  ---
  Generate serialization for SecKeychainItemRef
https://bugs.webkit.org/show_bug.cgi?id=268182
rdar://121676431

Reviewed by achristensen07 (Alex Christensen).

* Source/WebKit/DerivedSources-input.xcfilelist:
* Source/WebKit/DerivedSources.make:
* Source/WebKit/Shared/cf/ArgumentCodersCF.cpp:
(IPC::ArgumentCoder::encode): Deleted.
(IPC::ArgumentCoder>::decode): Deleted.
* Source/WebKit/Shared/cf/ArgumentCodersCF.h:
* Source/WebKit/Shared/cf/CFTypes.serialization.in:
* Source/WebKit/Shared/cf/CoreIPCSecKeychainItem.h: Added.
(WebKit::CoreIPCSecKeychainItem::CoreIPCSecKeychainItem):
(WebKit::CoreIPCSecKeychainItem::createSecKeychainItem const):
(WebKit::CoreIPCSecKeychainItem::dataReference const):
(WebKit::CoreIPCSecKeychainItem::persistentRefForKeychainItem const):
* Source/WebKit/Shared/cf/CoreIPCSecKeychainItem.serialization.in: Added.
* Source/WebKit/WebKit.xcodeproj/project.pbxproj:
* Tools/TestWebKitAPI/Tests/IPC/IPCSerialization.mm:
(getTempKeychain):
(destroyTempKeychain):
(TEST):

Canonical link: https://commits.webkit.org/274043@main


___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

[webkit-changes] [WebKit/WebKit] 185189: Generate serialization for SecTrustRef

2024-02-02 Thread mscottapple

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 18518913d5802ce30e09d97f34cd27806e8d21ea
  
https://github.com/WebKit/WebKit/commit/18518913d5802ce30e09d97f34cd27806e8d21ea
  Author: Scott Marcy 
  Date:   2024-02-02 (Fri, 02 Feb 2024)

  Changed paths:
M Source/WebKit/DerivedSources-input.xcfilelist
M Source/WebKit/DerivedSources.make
M Source/WebKit/Shared/cf/ArgumentCodersCF.cpp
M Source/WebKit/Shared/cf/ArgumentCodersCF.h
M Source/WebKit/Shared/cf/CFTypes.serialization.in
A Source/WebKit/Shared/cf/CoreIPCSecTrust.h
A Source/WebKit/Shared/cf/CoreIPCSecTrust.serialization.in
M Source/WebKit/WebKit.xcodeproj/project.pbxproj
M Tools/TestWebKitAPI/Tests/IPC/IPCSerialization.mm

  Log Message:
  ---
  Generate serialization for SecTrustRef
https://bugs.webkit.org/show_bug.cgi?id=268408
rdar://121955588

Reviewed by achristensen07 (Alex Christensen).

* Source/WebKit/DerivedSources-input.xcfilelist:
* Source/WebKit/DerivedSources.make:
* Source/WebKit/Shared/cf/ArgumentCodersCF.cpp:
(IPC::ArgumentCoder::encode): Deleted.
(IPC::ArgumentCoder>::decode): Deleted.
* Source/WebKit/Shared/cf/ArgumentCodersCF.h:
* Source/WebKit/Shared/cf/CFTypes.serialization.in:
* Source/WebKit/Shared/cf/CoreIPCSecTrust.h: Added.
(WebKit::CoreIPCSecTrust::CoreIPCSecTrust):
(WebKit::CoreIPCSecTrust::createSecTrust const):
(WebKit::CoreIPCSecTrust::dataReference const):
* Source/WebKit/Shared/cf/CoreIPCSecTrust.serialization.in: Added.
* Source/WebKit/WebKit.xcodeproj/project.pbxproj:
* Tools/TestWebKitAPI/Tests/IPC/IPCSerialization.mm:
(compareSecTrustRefs):
(operator==):
(TEST):

Canonical link: https://commits.webkit.org/274017@main


___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

[webkit-changes] [WebKit/WebKit] da1fed: Generate serialization for SecCertificateRef

2024-01-31 Thread mscottapple

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: da1fed55e56647e8bf8f8d8cdbe3becc16d2c02e
  
https://github.com/WebKit/WebKit/commit/da1fed55e56647e8bf8f8d8cdbe3becc16d2c02e
  Author: Scott Marcy 
  Date:   2024-01-31 (Wed, 31 Jan 2024)

  Changed paths:
M Source/WebKit/DerivedSources-input.xcfilelist
M Source/WebKit/DerivedSources.make
M Source/WebKit/Shared/cf/ArgumentCodersCF.cpp
M Source/WebKit/Shared/cf/ArgumentCodersCF.h
M Source/WebKit/Shared/cf/CFTypes.serialization.in
A Source/WebKit/Shared/cf/CoreIPCSecCertificate.h
A Source/WebKit/Shared/cf/CoreIPCSecCertificate.serialization.in
M Source/WebKit/WebKit.xcodeproj/project.pbxproj

  Log Message:
  ---
  Generate serialization for SecCertificateRef
https://bugs.webkit.org/show_bug.cgi?id=268108
rdar://121624808

Reviewed by beidson (Brady Eidson), sheeparegreat (Simon Lewis), achristensen07 
(Alex Christensen).

* Source/WebKit/DerivedSources-input.xcfilelist:
* Source/WebKit/DerivedSources.make:
* Source/WebKit/Platform/IPC/ArgumentCoders.h:
* Source/WebKit/Shared/cf/ArgumentCodersCF.cpp:
(IPC::ArgumentCoder::encode): Deleted.
(IPC::ArgumentCoder>::decode): Deleted.
* Source/WebKit/Shared/cf/ArgumentCodersCF.h:
* Source/WebKit/Shared/cf/CFTypes.serialization.in:
* Source/WebKit/Shared/cf/CoreIPCSecCertificate.h: Added.
(WebKit::CoreIPCSecCertificate::CoreIPCSecCertificate):
(WebKit::CoreIPCSecCertificate::createSecCertificate):
(WebKit::CoreIPCSecCertificate::base64StringFromCertificate):
* Source/WebKit/Shared/cf/CoreIPCSecCertificate.serialization.in: Copied from 
Source/WebKit/Shared/cf/CFTypes.serialization.in.
* Source/WebKit/WebKit.xcodeproj/project.pbxproj:

Canonical link: https://commits.webkit.org/273866@main


___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

[webkit-changes] [WebKit/WebKit] 235ea5: rdar://115106974 (SEGV in -[NSView resizeSubviewsW...

2024-01-24 Thread mscottapple

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 235ea5801184534cc4fe85b818c642eeea8849c3
  
https://github.com/WebKit/WebKit/commit/235ea5801184534cc4fe85b818c642eeea8849c3
  Author: Scott Marcy 
  Date:   2024-01-24 (Wed, 24 Jan 2024)

  Changed paths:
M LayoutTests/TestExpectations
A LayoutTests/ipc/invalid-fullscreen-enum-expected.txt
A LayoutTests/ipc/invalid-fullscreen-enum.html
A LayoutTests/ipc/resources/1080i60_SMPTE_8CH_audible.mov
M Source/WebCore/platform/graphics/MediaPlayerEnums.h
M Source/WebKit/UIProcess/Cocoa/VideoPresentationManagerProxy.mm

  Log Message:
  ---
  rdar://115106974 (SEGV in -[NSView resizeSubviewsWithOldSize:])

Checks that the VideoFullscreenMode argument for two IPC calls is valid and 
invalidates the IPC message if not.

Reviewed by Alex Christensen (achristensen07).

If the VideoFullscreenMode value is not as expected it IPC message will be 
marked as invalid, which is supposed
to crash the content process thereby thwarting any attempted attack through 
this mechanism.

* LayoutTests/TestExpectations:
* LayoutTests/ipc/invalid-fullscreen-enum-expected.txt: Added.
* LayoutTests/ipc/invalid-fullscreen-enum.html: Added.
* LayoutTests/ipc/resources/1080i60_SMPTE_8CH_audible.mov: Added.
* Source/WebCore/platform/graphics/MediaPlayerEnums.h:
* Source/WebKit/UIProcess/Cocoa/VideoPresentationManagerProxy.mm:
(WebKit::VideoPresentationManagerProxy::setupFullscreenWithID):
(WebKit::VideoPresentationManagerProxy::exitFullscreenWithoutAnimationToMode):

Originally-landed-as: 267815.636@safari-7617-branch (cc4e54ad41c9). 
rdar://121480101
Canonical link: https://commits.webkit.org/273472@main


___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

[webkit-changes] [WebKit/WebKit] 59ecda: rdar://115842409 (jsc_fuz/wktr: ASSERTION FAILED: ...

2023-12-16 Thread mscottapple

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 59ecda13ecdbda262ba243715f95756bd4936eae
  
https://github.com/WebKit/WebKit/commit/59ecda13ecdbda262ba243715f95756bd4936eae
  Author: Scott Marcy 
  Date:   2023-12-16 (Sat, 16 Dec 2023)

  Changed paths:
A LayoutTests/fast/css/font-size-adjust-invalid-value-type-expected.txt
A LayoutTests/fast/css/font-size-adjust-invalid-value-type.html
M Source/WebCore/style/StyleBuilderConverter.h

  Log Message:
  ---
  rdar://115842409 (jsc_fuz/wktr: ASSERTION FAILED: is(source) 
::downcast(Source &) [Target = WebCore::CSSValuePair, Source = const 
WebCore::CSSValue] at StyleBuilderConverter.h:1632)

Checked for an unexpected CSS type for 'font-size-adjust' and returns a default 
value instead of crashing.

Reviewed by anttijk.

This prevents a crash on downcasting when an unexpected `CSSValue` subclass is 
provided.

Combined changes:
* LayoutTests/fast/css/font-size-adjust-invalid-value-type-expected.txt: Added.
* LayoutTests/fast/css/font-size-adjust-invalid-value-type.html: Added.
* Source/WebCore/style/StyleBuilderConverter.h:
(WebCore::Style::BuilderConverter::convertFontSizeAdjust):

Originally-landed-as: 267815.526@safari-7617-branch (92043c608a1c). 
rdar://119598353
Canonical link: https://commits.webkit.org/272171@main


___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

[webkit-changes] [WebKit/WebKit] 64eea7: rdar://117803684 ([5d1fa25f3fa41fc3] ASAN_SEGV | W...

2023-11-09 Thread mscottapple

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 64eea79c096c633675ca43ab3d71227f0ddd4570
  
https://github.com/WebKit/WebKit/commit/64eea79c096c633675ca43ab3d71227f0ddd4570
  Author: Scott Marcy 
  Date:   2023-11-09 (Thu, 09 Nov 2023)

  Changed paths:
A LayoutTests/fast/svg/svg_should_not_crash-expected.txt
A LayoutTests/fast/svg/svg_should_not_crash.html
M Source/WebCore/rendering/RenderBox.cpp

  Log Message:
  ---
  rdar://117803684 ([5d1fa25f3fa41fc3] ASAN_SEGV | 
WebCore::RenderBox::repaintLayerRectsForImage; 
WebCore::RenderBox::imageChanged; WebCore::CachedImage::notifyObservers)

Reviewed by Matt Woodrow.

This checks for a non-unexpected case where an Element has no direct layer to 
render to.

* LayoutTests/fast/svg/svg_should_not_crash-expected.txt: Added.
* LayoutTests/fast/svg/svg_should_not_crash.html: Added.
* Source/WebCore/rendering/RenderBox.cpp:
(WebCore::RenderBox::repaintLayerRectsForImage):

Canonical link: https://commits.webkit.org/270487@main


___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

[webkit-changes] [WebKit/WebKit] b3b218: rdar://89218473 ([ER] WebKitTestRunner and DumpRen...

2023-09-29 Thread mscottapple

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: b3b218402da7205aec197cdc863e9d3f63fc3b95
  
https://github.com/WebKit/WebKit/commit/b3b218402da7205aec197cdc863e9d3f63fc3b95
  Author: Scott Marcy 
  Date:   2023-09-29 (Fri, 29 Sep 2023)

  Changed paths:
M Tools/DumpRenderTree/DumpRenderTree.h
M Tools/DumpRenderTree/mac/DumpRenderTree.mm
M Tools/DumpRenderTree/mac/ResourceLoadDelegate.h
M Tools/DumpRenderTree/mac/ResourceLoadDelegate.mm
M Tools/WebKitTestRunner/TestController.cpp
M Tools/WebKitTestRunner/TestController.h

  Log Message:
  ---
  rdar://89218473 ([ER] WebKitTestRunner and DumpRenderTree should let the user 
know if loading a file or a url failed)

Reviewed by David Kilzer (ddkilzer).

This adds preflight checking for the existence of input files specified on the 
command line, as well as reporting of any URL loading errors.

* Tools/DumpRenderTree/mac/DumpRenderTree.mm:
(initializeGlobalsFromCommandLineOptions):
(runTest):
* Tools/DumpRenderTree/mac/ResourceLoadDelegate.h:
* Tools/DumpRenderTree/mac/ResourceLoadDelegate.mm:
(-[ResourceLoadDelegate dealloc]):
(-[ResourceLoadDelegate 
webView:resource:didFailLoadingWithError:fromDataSource:]):
* Tools/WebKitTestRunner/TestController.cpp:
(WTR::TestController::createOtherPlatformWebView):
(WTR::TestController::createWebViewWithOptions):
(WTR::TestController::createTestURL):
(WTR::TestController::runTest):
(WTR::TestController::didFailProvisionalNavigation):
(WTR::pathSuitableForTestResult):
* Tools/WebKitTestRunner/TestController.h:

Canonical link: https://commits.webkit.org/268687@main


___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

[webkit-changes] [WebKit/WebKit] 1f07bd: rdar://89218473 ([ER] WebKitTestRunner and DumpRen...

2023-09-26 Thread mscottapple

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 1f07bde4413aea4d24324609b7ef02c5316eb988
  
https://github.com/WebKit/WebKit/commit/1f07bde4413aea4d24324609b7ef02c5316eb988
  Author: Scott Marcy 
  Date:   2023-09-26 (Tue, 26 Sep 2023)

  Changed paths:
M Tools/DumpRenderTree/mac/DumpRenderTree.mm
M Tools/DumpRenderTree/mac/ResourceLoadDelegate.h
M Tools/DumpRenderTree/mac/ResourceLoadDelegate.mm
M Tools/WebKitTestRunner/TestController.cpp
M Tools/WebKitTestRunner/TestController.h

  Log Message:
  ---
  rdar://89218473 ([ER] WebKitTestRunner and DumpRenderTree should let the user 
know if loading a file or a url failed)

Reviewed by David Kilzer (ddkilzer).

This adds preflight checking for the existence of input files specified on the 
command line, as well as reporting of any URL loading errors.

* Tools/DumpRenderTree/mac/DumpRenderTree.mm:
(initializeGlobalsFromCommandLineOptions):
(runTest):
* Tools/DumpRenderTree/mac/ResourceLoadDelegate.h:
* Tools/DumpRenderTree/mac/ResourceLoadDelegate.mm:
(-[ResourceLoadDelegate dealloc]):
(-[ResourceLoadDelegate 
webView:resource:didFailLoadingWithError:fromDataSource:]):
* Tools/WebKitTestRunner/TestController.cpp:
(WTR::TestController::createOtherPlatformWebView):
(WTR::TestController::createWebViewWithOptions):
(WTR::TestController::createTestURL):
(WTR::TestController::runTest):
(WTR::TestController::didFailProvisionalNavigation):
(WTR::pathSuitableForTestResult):
* Tools/WebKitTestRunner/TestController.h:

Canonical link: https://commits.webkit.org/268472@main


___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

[webkit-changes] [WebKit/WebKit] c53621: Versioning.

[webkit-changes] [WebKit/WebKit] 127c06: Cherry-pick 272448.946@safari-7618-branch (110ae76...

[webkit-changes] [WebKit/WebKit] 779b59: Follow-up to bug 268132

[webkit-changes] [WebKit/WebKit] 53e67f: REGRESSION(277450@main): OOB array read with SVG a...

[webkit-changes] [WebKit/WebKit] 09eff9: rdar://119489615 ([CoreIPC] SEGV in WebKit::Remote...

[webkit-changes] [WebKit/WebKit] 2527c3: Generate serialization for SecAccessControlRef

[webkit-changes] [WebKit/WebKit] 089245: Generate serialization for NSPresentationIntent

[webkit-changes] [WebKit/WebKit] 446cdc: Generate serialization for SecAccessControlRef

[webkit-changes] [WebKit/WebKit] edf848: Generate serialization for SecKeychainItemRef

[webkit-changes] [WebKit/WebKit] 185189: Generate serialization for SecTrustRef

[webkit-changes] [WebKit/WebKit] da1fed: Generate serialization for SecCertificateRef

[webkit-changes] [WebKit/WebKit] 235ea5: rdar://115106974 (SEGV in -[NSView resizeSubviewsW...

[webkit-changes] [WebKit/WebKit] 59ecda: rdar://115842409 (jsc_fuz/wktr: ASSERTION FAILED: ...

[webkit-changes] [WebKit/WebKit] 64eea7: rdar://117803684 ([5d1fa25f3fa41fc3] ASAN_SEGV | W...

[webkit-changes] [WebKit/WebKit] b3b218: rdar://89218473 ([ER] WebKitTestRunner and DumpRen...

[webkit-changes] [WebKit/WebKit] 1f07bd: rdar://89218473 ([ER] WebKitTestRunner and DumpRen...

16 matches

Site Navigation

Mail list logo

Footer information