Changeset 248663 in webkit


Ignore:
Timestamp:
Aug 14, 2019 2:27:00 AM (5 years ago)
Author:
youenn@apple.com
Message:

Fail decoding an invalid SessionID
https://bugs.webkit.org/show_bug.cgi?id=200663

Reviewed by Alex Christensen.

  • pal/SessionID.h:

(PAL::SessionID::isValid const):
(PAL::SessionID::isValidSessionIDValue):
(PAL::SessionID::encode const):
Add a release assert to catch bad sessionID senders.
(PAL::SessionID::decode):
Fail decoding if session ID is not a valid value.

Location:
trunk/Source/WebCore/PAL
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/WebCore/PAL/ChangeLog

    r248469 r248663  
     12019-08-14  Youenn Fablet  <youenn@apple.com>
     2
     3        Fail decoding an invalid SessionID
     4        https://bugs.webkit.org/show_bug.cgi?id=200663
     5
     6        Reviewed by Alex Christensen.
     7
     8        * pal/SessionID.h:
     9        (PAL::SessionID::isValid const):
     10        (PAL::SessionID::isValidSessionIDValue):
     11        (PAL::SessionID::encode const):
     12        Add a release assert to catch bad sessionID senders.
     13        (PAL::SessionID::decode):
     14        Fail decoding if session ID is not a valid value.
     15
    1162019-08-09  Tim Horton  <timothy_horton@apple.com>
    217

  • trunk/Source/WebCore/PAL/pal/SessionID.h

    r248366 r248663  
    5151    static SessionID legacyPrivateSessionID() { return SessionID(LegacyPrivateSessionID); }
    5252
    53     bool isValid() const { return m_sessionID != HashTableEmptyValueID && m_sessionID != HashTableDeletedValueID; }
     53    bool isValid() const { return isValidSessionIDValue(m_sessionID); }
    5454    bool isEphemeral() const { return m_sessionID & EphemeralSessionMask && m_sessionID != HashTableDeletedValueID; }
    5555
     
    7575    }
    7676
     77    static bool isValidSessionIDValue(uint64_t sessionID) { return sessionID != HashTableEmptyValueID && sessionID != HashTableDeletedValueID; }
     78
    7779    uint64_t m_sessionID;
    7880};
     
    8183void SessionID::encode(Encoder& encoder) const
    8284{
    83     ASSERT(isValid());
     85    // FIXME: Change to a regular ASSERT.
     86    RELEASE_ASSERT(isValid());
    8487    encoder << m_sessionID;
    8588}
     
    9396        return false;
    9497
    95     sessionID = decodedSessionID.value();
     98    sessionID = *decodedSessionID;
    9699    return true;
    97100}
     
    102105    Optional<uint64_t> sessionID;
    103106    decoder >> sessionID;
    104     if (!sessionID)
     107    if (!sessionID || !isValidSessionIDValue(*sessionID))
    105108        return WTF::nullopt;
    106109
    107     // FIXME: We should fail to decode an invalid sessionID.
    108     ASSERT(SessionID { *sessionID }.isValid());
    109110    return SessionID { *sessionID };
    110111}
Note: See TracChangeset for help on using the changeset viewer.