Changeset 230468 in webkit
- Timestamp:
- Apr 9, 2018 8:50:17 PM (6 years ago)
- Location:
- trunk/Source
- Files:
-
- 15 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r230467 r230468 1 2018-04-09 Brent Fulgham <bfulgham@apple.com> 2 3 Add ProcessPrivilege assertions to places that access NSApp 4 https://bugs.webkit.org/show_bug.cgi?id=184322 5 <rdar://problem/39194560> 6 7 Reviewed by Per Arne Vollan. 8 9 Add ProcessPrivilege assertions to places where we interact with NSApp so 10 that we can prevent accidentally using them in the WebContent process. 11 12 * page/mac/EventHandlerMac.mm: 13 (WebCore::lastEventIsMouseUp): 14 (WebCore::EventHandler::sendFakeEventsAfterWidgetTracking): 15 * platform/mac/EventLoopMac.mm: 16 (WebCore::EventLoop::cycle): 17 * platform/mac/PasteboardMac.mm: 18 (WebCore::Pasteboard::setDragImage): 19 1 20 2018-04-09 John Wilander <wilander@apple.com> 2 21 -
trunk/Source/WebCore/page/mac/EventHandlerMac.mm
r230454 r230468 70 70 #include <wtf/NeverDestroyed.h> 71 71 #include <wtf/ObjcRuntimeExtras.h> 72 #include <wtf/ProcessPrivilege.h> 72 73 73 74 #if ENABLE(MAC_GESTURE_EVENTS) … … 201 202 202 203 ASSERT([NSApp isRunning]); 204 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 203 205 204 206 BEGIN_BLOCK_OBJC_EXCEPTIONS; … … 570 572 if (!view) 571 573 return; 574 575 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 572 576 573 577 BEGIN_BLOCK_OBJC_EXCEPTIONS; -
trunk/Source/WebCore/platform/mac/EventLoopMac.mm
r228531 r230468 1 1 /* 2 * Copyright (C) 2008 , 2017Apple Inc. All Rights Reserved.2 * Copyright (C) 2008-2018 Apple Inc. All Rights Reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 27 27 #include "EventLoop.h" 28 28 29 #include <wtf/ProcessPrivilege.h> 30 29 31 #if PLATFORM(MAC) 30 32 … … 38 40 return; 39 41 } 42 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 40 43 #endif 41 44 [NSApp setWindowsNeedUpdate:YES]; -
trunk/Source/WebCore/platform/mac/PasteboardMac.mm
r230221 r230468 43 43 #import <pal/spi/cg/CoreGraphicsSPI.h> 44 44 #import <pal/spi/mac/HIServicesSPI.h> 45 #import <wtf/ProcessPrivilege.h> 45 46 #import <wtf/RetainPtr.h> 46 47 #import <wtf/StdLibExtras.h> … … 676 677 // NSRunLoop, and not the NSApplication run loop. 677 678 if ([NSApp isRunning]) { 679 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 678 680 NSEvent* event = [NSEvent mouseEventWithType:NSEventTypeMouseMoved location:NSZeroPoint 679 681 modifierFlags:0 timestamp:0 windowNumber:0 context:nil eventNumber:0 clickCount:0 pressure:0]; -
trunk/Source/WebKit/ChangeLog
r230467 r230468 1 2018-04-09 Brent Fulgham <bfulgham@apple.com> 2 3 Add ProcessPrivilege assertions to places that access NSApp 4 https://bugs.webkit.org/show_bug.cgi?id=184322 5 <rdar://problem/39194560> 6 7 Reviewed by Per Arne Vollan. 8 9 Add ProcessPrivilege assertions to places where we interact with NSApp so 10 that we can prevent accidentally using them in the WebContent process. 11 12 * Shared/mac/ChildProcessMac.mm: 13 (WebKit::ChildProcess::stopNSAppRunLoop): 14 * Shared/mac/HangDetectionDisablerMac.mm: 15 (WebKit::setClientsMayIgnoreEvents): 16 * UIProcess/Cocoa/WebProcessPoolCocoa.mm: 17 (WebKit::WebProcessPool::platformInitializeWebProcess): 18 * UIProcess/Cocoa/WebViewImpl.mm: 19 (WebKit::WebViewImpl::WebViewImpl): 20 (WebKit::WebViewImpl::becomeFirstResponder): 21 (WebKit::WebViewImpl::pluginFocusOrWindowFocusChanged): 22 (WebKit::WebViewImpl::validateUserInterfaceItem): 23 (WebKit::WebViewImpl::startSpeaking): 24 (WebKit::WebViewImpl::stopSpeaking): 25 (WebKit::applicationFlagsForDrag): 26 (WebKit::WebViewImpl::doneWithKeyEvent): 27 * UIProcess/Gamepad/mac/UIGamepadProviderMac.mm: 28 (WebKit::UIGamepadProvider::platformWebPageProxyForGamepadInput): 29 * UIProcess/Plugins/mac/PluginProcessProxyMac.mm: 30 (WebKit::PluginProcessProxy::enterFullscreen): 31 (WebKit::PluginProcessProxy::beginModal): 32 (WebKit::PluginProcessProxy::endModal): 33 * UIProcess/mac/DisplayLink.cpp: 34 (WebKit::DisplayLink::DisplayLink): 35 (WebKit::DisplayLink::~DisplayLink): 36 * UIProcess/mac/PageClientImplMac.mm: 37 (WebKit::PageClientImpl::isViewWindowActive): 38 (WebKit::PageClientImpl::setCursor): 39 * UIProcess/mac/WebPageProxyMac.mm: 40 (WebKit::WebPageProxy::getIsSpeaking): 41 (WebKit::WebPageProxy::speak): 42 (WebKit::WebPageProxy::stopSpeaking): 43 (WebKit::WebPageProxy::startDisplayLink): 44 * UIProcess/mac/WebPopupMenuProxyMac.mm: 45 (WebKit::WebPopupMenuProxyMac::showPopupMenu): 46 1 47 2018-04-09 John Wilander <wilander@apple.com> 2 48 -
trunk/Source/WebKit/Shared/mac/ChildProcessMac.mm
r229480 r230468 39 39 #import <stdlib.h> 40 40 #import <sysexits.h> 41 #import <wtf/ProcessPrivilege.h> 41 42 #import <wtf/Scope.h> 42 43 #import <wtf/spi/darwin/SandboxSPI.h> … … 206 207 { 207 208 ASSERT([NSApp isRunning]); 209 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 208 210 [NSApp stop:nil]; 209 211 -
trunk/Source/WebKit/Shared/mac/HangDetectionDisablerMac.mm
r229484 r230468 1 1 /* 2 * Copyright (C) 2015 Apple Inc. All rights reserved.2 * Copyright (C) 2015-2018 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 30 30 31 31 #include <pal/spi/cg/CoreGraphicsSPI.h> 32 #include <wtf/ProcessPrivilege.h> 32 33 #include <wtf/RetainPtr.h> 33 34 … … 53 54 if (!cgsId) 54 55 return; 56 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 55 57 #endif 56 58 if (CGSSetConnectionProperty(cgsId, cgsId, clientsMayIgnoreEventsKey, clientsMayIgnoreEvents ? kCFBooleanTrue : kCFBooleanFalse) != kCGErrorSuccess) -
trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm
r229978 r230468 183 183 #pragma clang diagnostic push 184 184 #pragma clang diagnostic ignored "-Wdeprecated-declarations" 185 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 185 186 parameters.accessibilityEnhancedUserInterfaceEnabled = [[NSApp accessibilityAttributeValue:@"AXEnhancedUserInterface"] boolValue]; 186 187 #pragma clang diagnostic pop -
trunk/Source/WebKit/UIProcess/Cocoa/WebViewImpl.mm
r230462 r230468 1 1 /* 2 * Copyright (C) 2015-201 7Apple Inc. All rights reserved.2 * Copyright (C) 2015-2018 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 103 103 #import <sys/stat.h> 104 104 #import <wtf/NeverDestroyed.h> 105 #import <wtf/ProcessPrivilege.h> 105 106 #import <wtf/SetForScope.h> 106 107 #import <wtf/SoftLinking.h> … … 1288 1289 static_cast<PageClientImpl&>(*m_pageClient).setImpl(*this); 1289 1290 1291 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 1290 1292 [NSApp registerServicesMenuSendTypes:PasteboardTypes::forSelection() returnTypes:PasteboardTypes::forEditing()]; 1291 1293 … … 1421 1423 bool WebViewImpl::becomeFirstResponder() 1422 1424 { 1425 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 1423 1426 // If we just became first responder again, there is no need to do anything, 1424 1427 // since resignFirstResponder has correctly detected this situation. … … 2377 2380 void WebViewImpl::pluginFocusOrWindowFocusChanged(bool pluginHasFocusAndWindowHasFocus, uint64_t pluginComplexTextInputIdentifier) 2378 2381 { 2382 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 2379 2383 BOOL inputSourceChanged = m_pluginComplexTextInputIdentifier; 2380 2384 … … 2686 2690 bool WebViewImpl::validateUserInterfaceItem(id <NSValidatedUserInterfaceItem> item) 2687 2691 { 2692 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 2688 2693 SEL action = [item action]; 2689 2694 … … 2807 2812 void WebViewImpl::startSpeaking() 2808 2813 { 2814 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 2809 2815 m_page->getSelectionOrContentsAsString([](const String& string, WebKit::CallbackBase::Error error) { 2810 2816 if (error != WebKit::CallbackBase::Error::None) … … 2819 2825 void WebViewImpl::stopSpeaking(id sender) 2820 2826 { 2827 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 2821 2828 [NSApp stopSpeaking:sender]; 2822 2829 } … … 3631 3638 static WebCore::DragApplicationFlags applicationFlagsForDrag(NSView *view, id <NSDraggingInfo> draggingInfo) 3632 3639 { 3640 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 3633 3641 uint32_t flags = 0; 3634 3642 if ([NSApp modalWindow]) … … 4243 4251 void WebViewImpl::doneWithKeyEvent(NSEvent *event, bool eventWasHandled) 4244 4252 { 4253 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 4245 4254 if ([event type] != NSEventTypeKeyDown) 4246 4255 return; -
trunk/Source/WebKit/UIProcess/Gamepad/mac/UIGamepadProviderMac.mm
r205247 r230468 1 1 /* 2 * Copyright (C) 2016 Apple Inc. All rights reserved.2 * Copyright (C) 2016-2018 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 33 33 #import "WKViewInternal.h" 34 34 #import "WKWebViewInternal.h" 35 #import <wtf/ProcessPrivilege.h> 35 36 36 37 namespace WebKit { … … 38 39 WebPageProxy* UIGamepadProvider::platformWebPageProxyForGamepadInput() 39 40 { 41 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 40 42 auto responder = [[NSApp keyWindow] firstResponder]; 41 43 -
trunk/Source/WebKit/UIProcess/Plugins/mac/PluginProcessProxyMac.mm
r222896 r230468 1 1 /* 2 * Copyright (C) 2010 Apple Inc. All rights reserved.2 * Copyright (C) 2010-2018 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 39 39 #import <pal/spi/cf/CFNetworkSPI.h> 40 40 #import <spawn.h> 41 #import <wtf/ProcessPrivilege.h> 41 42 #import <wtf/text/CString.h> 42 43 … … 132 133 void PluginProcessProxy::enterFullscreen() 133 134 { 135 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 134 136 // Get the current presentation options. 135 137 m_preFullscreenAppPresentationOptions = [NSApp presentationOptions]; … … 192 194 ASSERT(!m_placeholderWindow); 193 195 ASSERT(!m_activationObserver); 194 196 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 197 195 198 m_placeholderWindow = adoptNS([[WKPlaceholderModalWindow alloc] initWithContentRect:NSMakeRect(0, 0, 1, 1) styleMask:NSWindowStyleMaskBorderless backing:NSBackingStoreBuffered defer:YES]); 196 199 [m_placeholderWindow setReleasedWhenClosed:NO]; … … 213 216 ASSERT(m_placeholderWindow); 214 217 ASSERT(m_activationObserver); 215 218 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 219 216 220 [[NSNotificationCenter defaultCenter] removeObserver:m_activationObserver.get()]; 217 221 m_activationObserver = nullptr; -
trunk/Source/WebKit/UIProcess/mac/DisplayLink.cpp
r229707 r230468 32 32 #include "WebPageProxy.h" 33 33 #include "WebProcessProxy.h" 34 #include <wtf/ProcessPrivilege.h> 34 35 35 36 namespace WebKit { … … 38 39 : m_webPageProxy(webPageProxy) 39 40 { 41 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 40 42 CVReturn error = CVDisplayLinkCreateWithCGDisplay(displayID, &m_displayLink); 41 43 if (error) { … … 57 59 DisplayLink::~DisplayLink() 58 60 { 61 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 59 62 ASSERT(m_displayLink); 60 63 if (!m_displayLink) -
trunk/Source/WebKit/UIProcess/mac/PageClientImplMac.mm
r228857 r230468 1 1 /* 2 * Copyright (C) 2010-201 7Apple Inc. All rights reserved.2 * Copyright (C) 2010-2018 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 73 73 #import <WebCore/ValidationBubble.h> 74 74 #import <WebCore/WebCoreCALayerExtras.h> 75 #import <wtf/ProcessPrivilege.h> 75 76 #import <wtf/text/CString.h> 76 77 #import <wtf/text/WTFString.h> … … 161 162 bool PageClientImpl::isViewWindowActive() 162 163 { 164 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 163 165 NSWindow *activeViewWindow = activeWindow(); 164 166 return activeViewWindow.isKeyWindow || [NSApp keyWindow] == activeViewWindow; … … 291 293 void PageClientImpl::setCursor(const WebCore::Cursor& cursor) 292 294 { 295 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 293 296 // FIXME: Would be nice to share this code with WebKit1's WebChromeClient. 294 297 -
trunk/Source/WebKit/UIProcess/mac/WebPageProxyMac.mm
r229707 r230468 1 1 /* 2 * Copyright (C) 2010-201 7Apple Inc. All rights reserved.2 * Copyright (C) 2010-2018 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 59 59 #import <mach-o/dyld.h> 60 60 #import <pal/spi/mac/NSApplicationSPI.h> 61 #import <wtf/ProcessPrivilege.h> 61 62 #import <wtf/text/StringConcatenate.h> 62 63 … … 100 101 void WebPageProxy::getIsSpeaking(bool& isSpeaking) 101 102 { 103 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 102 104 isSpeaking = [NSApp isSpeaking]; 103 105 } … … 105 107 void WebPageProxy::speak(const String& string) 106 108 { 109 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 107 110 [NSApp speakString:nsStringFromWebCoreString(string)]; 108 111 } … … 110 113 void WebPageProxy::stopSpeaking() 111 114 { 115 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 112 116 [NSApp stopSpeaking:nil]; 113 117 } … … 609 613 void WebPageProxy::startDisplayLink(unsigned observerID) 610 614 { 615 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 611 616 if (!m_displayLink) { 612 617 uint32_t displayID = [[[[platformWindow() screen] deviceDescription] objectForKey:@"NSScreenNumber"] intValue]; -
trunk/Source/WebKit/UIProcess/mac/WebPopupMenuProxyMac.mm
r227550 r230468 1 1 /* 2 * Copyright (C) 2010-201 7Apple Inc. All rights reserved.2 * Copyright (C) 2010-2018 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 35 35 #import "WebPopupItem.h" 36 36 #import <pal/system/mac/PopupMenu.h> 37 #import <wtf/ProcessPrivilege.h> 37 38 38 39 using namespace WebCore; … … 99 100 void WebPopupMenuProxyMac::showPopupMenu(const IntRect& rect, TextDirection textDirection, double pageScaleFactor, const Vector<WebPopupItem>& items, const PlatformPopupMenuData& data, int32_t selectedIndex) 100 101 { 102 RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer)); 101 103 NSFont *font; 102 104 if (data.fontInfo.fontAttributeDictionary) {
Note: See TracChangeset
for help on using the changeset viewer.