Diff
Modified: trunk/Source/WebCore/ChangeLog (287607 => 287608)
--- trunk/Source/WebCore/ChangeLog 2022-01-05 08:24:22 UTC (rev 287607)
+++ trunk/Source/WebCore/ChangeLog 2022-01-05 08:41:16 UTC (rev 287608)
@@ -1,3 +1,19 @@
+2022-01-05 Youenn Fablet <you...@apple.com>
+
+ Tighten ServiceWorkerRegistrationKey::fromDatabaseKey
+ https://bugs.webkit.org/show_bug.cgi?id=234838
+
+ Reviewed by Chris Dumez.
+
+ Add missing input validation checks.
+ Covered by API test.
+ In addition, validate that the registration key matches the other database fields.
+
+ * workers/service/ServiceWorkerRegistrationKey.cpp:
+ * workers/service/ServiceWorkerRegistrationKey.h:
+ * workers/service/server/RegistrationDatabase.cpp:
+ (WebCore::RegistrationDatabase::importRecords):
+
2022-01-05 Martin Robinson <mrobin...@webkit.org>
CSS `transform` property should take into account transform reference box
Modified: trunk/Source/WebCore/workers/service/ServiceWorkerRegistrationKey.cpp (287607 => 287608)
--- trunk/Source/WebCore/workers/service/ServiceWorkerRegistrationKey.cpp 2022-01-05 08:24:22 UTC (rev 287607)
+++ trunk/Source/WebCore/workers/service/ServiceWorkerRegistrationKey.cpp 2022-01-05 08:41:16 UTC (rev 287608)
@@ -103,10 +103,15 @@
std::optional<ServiceWorkerRegistrationKey> ServiceWorkerRegistrationKey::fromDatabaseKey(const String& key)
{
auto first = key.find(separatorCharacter, 0);
+ if (first == notFound)
+ return std::nullopt;
+
auto second = key.find(separatorCharacter, first + 1);
+ if (second == notFound)
+ return std::nullopt;
+
auto third = key.find(separatorCharacter, second + 1);
-
- if (first == second || second == third)
+ if (third == notFound)
return std::nullopt;
std::optional<uint16_t> shortPort;
Modified: trunk/Source/WebCore/workers/service/ServiceWorkerRegistrationKey.h (287607 => 287608)
--- trunk/Source/WebCore/workers/service/ServiceWorkerRegistrationKey.h 2022-01-05 08:24:22 UTC (rev 287607)
+++ trunk/Source/WebCore/workers/service/ServiceWorkerRegistrationKey.h 2022-01-05 08:41:16 UTC (rev 287608)
@@ -60,7 +60,7 @@
template<class Decoder> static std::optional<ServiceWorkerRegistrationKey> decode(Decoder&);
String toDatabaseKey() const;
- static std::optional<ServiceWorkerRegistrationKey> fromDatabaseKey(const String&);
+ WEBCORE_EXPORT static std::optional<ServiceWorkerRegistrationKey> fromDatabaseKey(const String&);
#if !LOG_DISABLED
String loggingString() const;
Modified: trunk/Source/WebCore/workers/service/server/RegistrationDatabase.cpp (287607 => 287608)
--- trunk/Source/WebCore/workers/service/server/RegistrationDatabase.cpp 2022-01-05 08:24:22 UTC (rev 287607)
+++ trunk/Source/WebCore/workers/service/server/RegistrationDatabase.cpp 2022-01-05 08:41:16 UTC (rev 287608)
@@ -588,6 +588,10 @@
RELEASE_LOG_ERROR(ServiceWorker, "RegistrationDatabase::importRecords: Failed to decode part of the registration");
continue;
}
+ if (key->topOrigin() != *topOrigin) {
+ RELEASE_LOG_ERROR(ServiceWorker, "RegistrationDatabase::importRecords: Inconsistent registration");
+ continue;
+ }
auto script = scriptStorage().retrieve(*key, scriptURL);
if (!script) {
Modified: trunk/Tools/ChangeLog (287607 => 287608)
--- trunk/Tools/ChangeLog 2022-01-05 08:24:22 UTC (rev 287607)
+++ trunk/Tools/ChangeLog 2022-01-05 08:41:16 UTC (rev 287608)
@@ -1,3 +1,13 @@
+2022-01-05 Youenn Fablet <you...@apple.com>
+
+ Tighten ServiceWorkerRegistrationKey::fromDatabaseKey
+ https://bugs.webkit.org/show_bug.cgi?id=234838
+
+ Reviewed by Chris Dumez.
+
+ * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
+ * TestWebKitAPI/Tests/WebCore/ServiceWorkerRoutines.cpp: Added.
+
2022-01-05 Fujii Hironori <hironori.fu...@sony.com>
[Win][DumpRenderTree] dumpHistoryItem leaks a SafeArray
Modified: trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj (287607 => 287608)
--- trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj 2022-01-05 08:24:22 UTC (rev 287607)
+++ trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj 2022-01-05 08:41:16 UTC (rev 287608)
@@ -199,6 +199,7 @@
37FB72971DB2E82F00E41BE4 /* ContextMenuDefaultItemsHaveTags.mm in Sources */ = {isa = PBXBuildFile; fileRef = 37FB72951DB2E82F00E41BE4 /* ContextMenuDefaultItemsHaveTags.mm */; };
3FBD1B4A1D3D66AB00E6D6FA /* FullscreenLayoutConstraints.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 3FBD1B491D39D1DB00E6D6FA /* FullscreenLayoutConstraints.html */; };
3FCC4FE81EC4E8CA0076E37C /* PictureInPictureDelegate.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 3FCC4FE61EC4E87E0076E37C /* PictureInPictureDelegate.html */; };
+ 4102EE1727845ED500D6BE74 /* ServiceWorkerRoutines.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4102EE1627845ED500D6BE74 /* ServiceWorkerRoutines.cpp */; };
411223C726035FBF00B0A0B6 /* WebRTC.mm in Sources */ = {isa = PBXBuildFile; fileRef = 411223C626035FBE00B0A0B6 /* WebRTC.mm */; };
41157237234B240C0050A1D1 /* GetUserMedia.mm in Sources */ = {isa = PBXBuildFile; fileRef = 41157236234B24040050A1D1 /* GetUserMedia.mm */; };
4135FB842011FAA700332139 /* InjectInternals_Bundle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4135FB832011FAA300332139 /* InjectInternals_Bundle.cpp */; };
@@ -1924,6 +1925,7 @@
3FBD1B491D39D1DB00E6D6FA /* FullscreenLayoutConstraints.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = FullscreenLayoutConstraints.html; sourceTree = "<group>"; };
3FCC4FE41EC4E8520076E37C /* PictureInPictureDelegate.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = PictureInPictureDelegate.mm; sourceTree = "<group>"; };
3FCC4FE61EC4E87E0076E37C /* PictureInPictureDelegate.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = PictureInPictureDelegate.html; sourceTree = "<group>"; };
+ 4102EE1627845ED500D6BE74 /* ServiceWorkerRoutines.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ServiceWorkerRoutines.cpp; sourceTree = "<group>"; };
411223C626035FBE00B0A0B6 /* WebRTC.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = WebRTC.mm; sourceTree = "<group>"; };
41157236234B24040050A1D1 /* GetUserMedia.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = GetUserMedia.mm; sourceTree = "<group>"; };
4135FB832011FAA300332139 /* InjectInternals_Bundle.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = InjectInternals_Bundle.cpp; path = Tests/InjectInternals_Bundle.cpp; sourceTree = SOURCE_ROOT; };
@@ -3742,6 +3744,7 @@
4181C62C255A891100AEB0FF /* RTCRtpSFrameTransformerTests.cpp */,
CDCFA7A91E45122F00C2433D /* SampleMap.cpp */,
CE06DF9A1E1851F200E570C9 /* SecurityOrigin.cpp */,
+ 4102EE1627845ED500D6BE74 /* ServiceWorkerRoutines.cpp */,
41973B5C1AF22875006C7B36 /* SharedBuffer.cpp */,
A17991891E1CA24100A505ED /* SharedBufferTest.cpp */,
A179918A1E1CA24100A505ED /* SharedBufferTest.h */,
@@ -5665,6 +5668,7 @@
1C90420C2326E03C00BEF91E /* SelectionByWord.mm in Sources */,
9B4B5EA522DEBE19001E3D5A /* SelectionModifyByParagraphBoundary.mm in Sources */,
5769C50B1D9B0002000847FB /* SerializedCryptoKeyWrap.mm in Sources */,
+ 4102EE1727845ED500D6BE74 /* ServiceWorkerRoutines.cpp in Sources */,
7CCE7ECB1A411A7E00447C4C /* SetAndUpdateCacheModel.mm in Sources */,
7CCE7ECC1A411A7E00447C4C /* SetDocumentURI.mm in Sources */,
CE6E81A020A6935F00E2C80F /* SetTimeoutFunction.mm in Sources */,
Added: trunk/Tools/TestWebKitAPI/Tests/WebCore/ServiceWorkerRoutines.cpp (0 => 287608)
--- trunk/Tools/TestWebKitAPI/Tests/WebCore/ServiceWorkerRoutines.cpp (rev 0)
+++ trunk/Tools/TestWebKitAPI/Tests/WebCore/ServiceWorkerRoutines.cpp 2022-01-05 08:41:16 UTC (rev 287608)
@@ -0,0 +1,35 @@
+/*
+ * Copyright (C) 2022 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+
+#include "Test.h"
+#include <WebCore/ServiceWorkerRegistrationKey.h>
+
+TEST(ServiceWorkerRoutines, ServiceWorkerRegistrationKey_fromDatabaseKey)
+{
+ auto key = WebCore::ServiceWorkerRegistrationKey::fromDatabaseKey("_http://test.org"_s);
+ EXPECT_FALSE(!!key);
+}