Title: [226224] trunk/Source/WebCore
- Revision
- 226224
- Author
- bfulg...@apple.com
- Date
- 2017-12-21 09:18:31 -0800 (Thu, 21 Dec 2017)
Log Message
Adopt new secure coding APIs in WebCore
https://bugs.webkit.org/show_bug.cgi?id=178484
<rdar://problem/34837193>
Reviewed by Eric Carlson.
Source/WebCore:
Switch to new NSKeyed[Un]Archiver methods that use NSSecureCoding by default.
Most of the new API is wrapped in a set of convenience methods so we can
build without the new API on older systems.
No change in behavior.
* editing/cocoa/EditorCocoa.mm:
(WebCore::archivedDataForAttributedString): Use new convenience method
to archive the string object.
* platform/ios/PlatformPasteboardIOS.mm:
(WebCore::PlatformPasteboard::write): Use new secure API.
(WebCore::PlatformPasteboard::typesSafeForDOMToReadAndWrite const): Ditto.
Source/WebCore/PAL:
Due to <rdar://problem/31376830 we cannot used SecureCoding on NSAttributedString
in some cases. Add a macro for OS revisions that do not support secure coding,
and use the standard unarchive operation for NSAttributedString in those cases.
Rename 'insecurelyUnarchiveObjectOfClassFromData' to 'insecurelyUnarchiveObjectFromData',
and move it earlier in the file so that it can be reused in 'unarchivedObjectOfClassFromData'.
* pal/spi/cocoa/NSKeyedArchiverSPI.h:
(insecurelyUnarchiveObjectFromData): Renamed from insecurelyUnarchiveObjectOfClassFromData.
(unarchivedObjectOfClassFromData): Renamed from 'securelyUnarchiveObjectOfClassFromData' and
modified to use 'insecurelyUnarchiveObjectFromData'.
(securelyUnarchiveObjectOfClassFromData): Deleted.
(insecurelyUnarchiveObjectOfClassFromData): Deleted.
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (226223 => 226224)
--- trunk/Source/WebCore/ChangeLog 2017-12-21 17:16:59 UTC (rev 226223)
+++ trunk/Source/WebCore/ChangeLog 2017-12-21 17:18:31 UTC (rev 226224)
@@ -1,3 +1,25 @@
+2017-12-21 Brent Fulgham <bfulg...@apple.com>
+
+ Adopt new secure coding APIs in WebCore
+ https://bugs.webkit.org/show_bug.cgi?id=178484
+ <rdar://problem/34837193>
+
+ Reviewed by Eric Carlson.
+
+ Switch to new NSKeyed[Un]Archiver methods that use NSSecureCoding by default.
+
+ Most of the new API is wrapped in a set of convenience methods so we can
+ build without the new API on older systems.
+
+ No change in behavior.
+
+ * editing/cocoa/EditorCocoa.mm:
+ (WebCore::archivedDataForAttributedString): Use new convenience method
+ to archive the string object.
+ * platform/ios/PlatformPasteboardIOS.mm:
+ (WebCore::PlatformPasteboard::write): Use new secure API.
+ (WebCore::PlatformPasteboard::typesSafeForDOMToReadAndWrite const): Ditto.
+
2017-12-21 Zalan Bujtas <za...@apple.com>
[RenderTreeBuilder] Move ruby mutation code to a dedicated class.
Modified: trunk/Source/WebCore/PAL/ChangeLog (226223 => 226224)
--- trunk/Source/WebCore/PAL/ChangeLog 2017-12-21 17:16:59 UTC (rev 226223)
+++ trunk/Source/WebCore/PAL/ChangeLog 2017-12-21 17:18:31 UTC (rev 226224)
@@ -1,3 +1,25 @@
+2017-12-21 Brent Fulgham <bfulg...@apple.com>
+
+ Adopt new secure coding APIs in WebCore
+ https://bugs.webkit.org/show_bug.cgi?id=178484
+ <rdar://problem/34837193>
+
+ Reviewed by Eric Carlson.
+
+ Due to <rdar://problem/31376830 we cannot used SecureCoding on NSAttributedString
+ in some cases. Add a macro for OS revisions that do not support secure coding,
+ and use the standard unarchive operation for NSAttributedString in those cases.
+
+ Rename 'insecurelyUnarchiveObjectOfClassFromData' to 'insecurelyUnarchiveObjectFromData',
+ and move it earlier in the file so that it can be reused in 'unarchivedObjectOfClassFromData'.
+
+ * pal/spi/cocoa/NSKeyedArchiverSPI.h:
+ (insecurelyUnarchiveObjectFromData): Renamed from insecurelyUnarchiveObjectOfClassFromData.
+ (unarchivedObjectOfClassFromData): Renamed from 'securelyUnarchiveObjectOfClassFromData' and
+ modified to use 'insecurelyUnarchiveObjectFromData'.
+ (securelyUnarchiveObjectOfClassFromData): Deleted.
+ (insecurelyUnarchiveObjectOfClassFromData): Deleted.
+
2017-12-21 Jeremy Jones <jere...@apple.com>
Element fullscreen interface should display the location
Modified: trunk/Source/WebCore/PAL/pal/spi/cocoa/NSKeyedArchiverSPI.h (226223 => 226224)
--- trunk/Source/WebCore/PAL/pal/spi/cocoa/NSKeyedArchiverSPI.h 2017-12-21 17:16:59 UTC (rev 226223)
+++ trunk/Source/WebCore/PAL/pal/spi/cocoa/NSKeyedArchiverSPI.h 2017-12-21 17:18:31 UTC (rev 226224)
@@ -31,6 +31,8 @@
#define USE_SECURE_ARCHIVER_API ((PLATFORM(MAC) && __MAC_OS_X_VERSION_MAX_ALLOWED >= 101302 && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || (PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 110200) || (PLATFORM(WATCHOS) && __WATCH_OS_VERSION_MIN_REQUIRED >= 40200) || (PLATFORM(TVOS) && __TV_OS_VERSION_MIN_REQUIRED >= 110200))
+#define USE_SECURE_ARCHIVER_FOR_ATTRIBUTED_STRING ((PLATFORM(MAC) && __MAC_OS_X_VERSION_MAX_ALLOWED >= 101302 && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || (PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 120000) || (PLATFORM(WATCHOS) && __WATCH_OS_VERSION_MIN_REQUIRED >= 50000) || (PLATFORM(TVOS) && __TV_OS_VERSION_MIN_REQUIRED >= 120000))
+
#if USE(SECURE_ARCHIVER_API)
#if USE(APPLE_INTERNAL_SDK)
#import <Foundation/NSKeyedArchiver_Private.h>
@@ -82,28 +84,33 @@
#endif
}
-inline id _Nullable securelyUnarchiveObjectOfClassFromData(Class _Nonnull cls, NSData * _Nonnull data)
+inline id _Nullable insecurelyUnarchiveObjectFromData(NSData * _Nonnull data)
{
+#pragma clang diagnostic push
+#pragma clang diagnostic ignored "-Wdeprecated-declarations"
+ return [NSKeyedUnarchiver unarchiveObjectWithData:data];
+#pragma clang diagnostic pop
+}
+
+inline id _Nullable unarchivedObjectOfClassFromData(Class _Nonnull cls, NSData * _Nonnull data)
+{
#if USE(SECURE_ARCHIVER_API)
+#if !USE(SECURE_ARCHIVER_FOR_ATTRIBUTED_STRING)
+ // Remove this code when the fix from <rdar://problem/31376830> is deployed to all relevant build targets.
+ if (cls == [NSAttributedString class])
+ return insecurelyUnarchiveObjectFromData(data);
+#endif
NSError *error;
id value = [NSKeyedUnarchiver unarchivedObjectOfClass:cls fromData:data error:&error];
- if (!data)
+ if (!value)
LOG_ERROR("Unable to unarchive data: %@", error);
return value;
#else
UNUSED_PARAM(cls);
- return [NSKeyedUnarchiver unarchiveObjectWithData:data];
+ return insecurelyUnarchiveObjectFromData(data);
#endif
}
-inline id _Nullable insecurelyUnarchiveObjectOfClassFromData(NSData * _Nonnull data)
-{
-#pragma clang diagnostic push
-#pragma clang diagnostic ignored "-Wdeprecated-declarations"
- return [NSKeyedUnarchiver unarchiveObjectWithData:data];
-#pragma clang diagnostic pop
-}
-
inline RetainPtr<NSKeyedArchiver> secureArchiver()
{
#if USE(SECURE_ARCHIVER_API)
Modified: trunk/Source/WebCore/editing/cocoa/EditorCocoa.mm (226223 => 226224)
--- trunk/Source/WebCore/editing/cocoa/EditorCocoa.mm 2017-12-21 17:16:59 UTC (rev 226223)
+++ trunk/Source/WebCore/editing/cocoa/EditorCocoa.mm 2017-12-21 17:18:31 UTC (rev 226224)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2006-2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2006-2017 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -142,7 +142,7 @@
if (!attributedString.length)
return nullptr;
- return SharedBuffer::create(insecurelyArchivedDataWithRootObject(attributedString));
+ return SharedBuffer::create(securelyArchivedDataWithRootObject(attributedString));
}
String Editor::selectionInHTMLFormat()
Modified: trunk/Source/WebCore/platform/ios/PlatformPasteboardIOS.mm (226223 => 226224)
--- trunk/Source/WebCore/platform/ios/PlatformPasteboardIOS.mm 2017-12-21 17:16:59 UTC (rev 226223)
+++ trunk/Source/WebCore/platform/ios/PlatformPasteboardIOS.mm 2017-12-21 17:18:31 UTC (rev 226224)
@@ -265,7 +265,7 @@
[representationsToRegister addData:content.dataInWebArchiveFormat->createNSData().get() forType:WebArchivePboardType];
if (content.dataInAttributedStringFormat) {
- NSAttributedString *attributedString = insecurelyUnarchiveObjectOfClassFromData(content.dataInAttributedStringFormat->createNSData().get());
+ NSAttributedString *attributedString = unarchivedObjectOfClassFromData([NSAttributedString class], content.dataInAttributedStringFormat->createNSData().get());
if (attributedString)
[representationsToRegister addRepresentingObject:attributedString];
}
@@ -380,7 +380,7 @@
if (!provider.teamData.length)
continue;
- NSDictionary *teamDataObject = insecurelyUnarchiveObjectOfClassFromData(provider.teamData);
+ NSDictionary *teamDataObject = unarchivedObjectOfClassFromData([NSDictionary class], provider.teamData);
if (!teamDataObject)
continue;
@@ -445,7 +445,7 @@
NSMutableArray<NSString *> *typesAsNSArray = [NSMutableArray array];
for (auto& type : data.orderedTypes)
[typesAsNSArray addObject:type];
- [representationsToRegister setTeamData:insecurelyArchivedDataWithRootObject(@{ @(originKeyForTeamData) : data.origin, @(customTypesKeyForTeamData) : typesAsNSArray })];
+ [representationsToRegister setTeamData:securelyArchivedDataWithRootObject(@{ @(originKeyForTeamData) : data.origin, @(customTypesKeyForTeamData) : typesAsNSArray })];
[representationsToRegister addData:serializedSharedBuffer.get() forType:@(PasteboardCustomData::cocoaType())];
}
}
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
