Changeset 140274 in webkit

Timestamp:

Jan 20, 2013 10:57:29 AM (11 years ago)

Author:

ap@apple.com

Message:

Remove obsolete plug-in sandboxing code.
​https://bugs.webkit.org/show_bug.cgi?id=107362

Reviewed by Darin Adler.

Source/WebCore:

• WebCore.xcodeproj/project.pbxproj:
• plugins/npapi-sandbox.h: Removed.

Source/WebKit2:

• WebKit2.xcodeproj/project.pbxproj:
• DerivedSources.make:
• PluginProcess/mac/com.apple.WebKit.PluginProcess.sb.in: Removed.

• PluginProcess/mac/PluginProcessMac.mm:

(WebKit::initializeSandbox): Fixed a memory leak in code that stays.

• WebProcess/Plugins/Netscape/NetscapeBrowserFuncs.cpp:

(WebKit::NPN_GetValue):

• WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.h:
• WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.mm:

Removed API related parts. Remaining code will move to a better place in a follow-up
patch, just keeping it here for easier reviewing.
(enterSandbox): Removed no longer used arguments.

Location:

trunk/Source

Files:

• WebCore/ChangeLog (modified) (1 diff)
• WebCore/WebCore.xcodeproj/project.pbxproj (modified) (2 diffs)
• WebCore/plugins/npapi-sandbox.h (deleted)
• WebKit2/ChangeLog (modified) (1 diff)
• WebKit2/DerivedSources.make (modified) (1 diff)
• WebKit2/PluginProcess/mac/PluginProcessMac.mm (modified) (1 diff)
• WebKit2/PluginProcess/mac/com.apple.WebKit.PluginProcess.sb.in (deleted)
• WebKit2/WebKit2.xcodeproj/project.pbxproj (modified) (8 diffs)
• WebKit2/WebProcess/Plugins/Netscape/NetscapeBrowserFuncs.cpp (modified) (3 diffs)
• WebKit2/WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.h (modified) (1 diff)
• WebKit2/WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.mm (modified) (6 diffs)

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2013-01-20  Alexey Proskuryakov  <ap@apple.com>
+
+        Remove obsolete plug-in sandboxing code.
+        https://bugs.webkit.org/show_bug.cgi?id=107362
+
+        Reviewed by Darin Adler.
+
+        * WebCore.xcodeproj/project.pbxproj:
+        * plugins/npapi-sandbox.h: Removed.
+
 2013-01-20  Peter Rybin  <peter.rybin@gmail.com>
 

trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj

@@ -13689 +13689 @@
                 E1284BD31044A01E00EAEB52 /* DOMPageTransitionEvent.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = DOMPageTransitionEvent.mm; sourceTree = "<group>"; };
                 E1284BD41044A01E00EAEB52 /* DOMPageTransitionEvent.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DOMPageTransitionEvent.h; sourceTree = "<group>"; };
-                E129CBD21501702200A7C5FB /* npapi-sandbox.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "npapi-sandbox.h"; sourceTree = "<group>"; };
                 E12EDB7A0B308A78002704B6 /* EventTarget.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = EventTarget.h; sourceTree = "<group>"; };
                 E12EDBE90B308E0B002704B6 /* EventTarget.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = EventTarget.cpp; sourceTree = "<group>"; };
@@ -15874 +15873 @@
                                 A9C6E4EE0D745E38006442E9 /* DOMPluginArray.h */,
                                 A9C6E6610D74671E006442E9 /* DOMPluginArray.idl */,
-                                E129CBD21501702200A7C5FB /* npapi-sandbox.h */,
                                 1A927FCF1416A15B003A83C8 /* npapi.h */,
                                 1A219B3A0DCA87AB0040E3A0 /* npfunctions.h */,

trunk/Source/WebKit2/ChangeLog

@@ +1 @@
+2013-01-20  Alexey Proskuryakov  <ap@apple.com>
+
+        Remove obsolete plug-in sandboxing code.
+        https://bugs.webkit.org/show_bug.cgi?id=107362
+
+        Reviewed by Darin Adler.
+
+        * WebKit2.xcodeproj/project.pbxproj:
+        * DerivedSources.make:
+        * PluginProcess/mac/com.apple.WebKit.PluginProcess.sb.in: Removed.
+
+        * PluginProcess/mac/PluginProcessMac.mm:
+        (WebKit::initializeSandbox): Fixed a memory leak in code that stays.
+
+        * WebProcess/Plugins/Netscape/NetscapeBrowserFuncs.cpp:
+        (WebKit::NPN_GetValue):
+
+        * WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.h:
+        * WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.mm:
+        Removed API related parts. Remaining code will move to a better place in a follow-up
+        patch, just keeping it here for easier reviewing.
+        (enterSandbox): Removed no longer used arguments.
+
 2013-01-17  Sam Weinig  <sam@webkit.org>
 

trunk/Source/WebKit2/DerivedSources.make

@@ -150 +150 @@
 
 SANDBOX_PROFILES = \
-        com.apple.WebProcess.sb \
-        com.apple.WebKit.PluginProcess.sb
+        com.apple.WebProcess.sb
 
 all: $(SANDBOX_PROFILES)

trunk/Source/WebKit2/PluginProcess/mac/PluginProcessMac.mm

@@ -326 +326 @@
     RetainPtr<CFURLRef> sandboxURL = adoptCF(CFURLCreateWithFileSystemPathRelativeToBase(0, sandboxFileName.get(), kCFURLPOSIXPathStyle, FALSE, sandboxProfileDirectory.get()));
 
-    RetainPtr<NSString> profileString = [[NSString alloc] initWithContentsOfURL:(NSURL *)sandboxURL.get() encoding:NSUTF8StringEncoding error:NULL];
+    RetainPtr<NSString> profileString = adoptNS([[NSString alloc] initWithContentsOfURL:(NSURL *)sandboxURL.get() encoding:NSUTF8StringEncoding error:NULL]);
     if (!profileString)
         return;
 
-    enterSandbox([profileString.get() UTF8String], 0, 0);
+    enterSandbox([profileString.get() UTF8String]);
 }
 

trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj

@@ -837 +837 @@
                 BC9BA50916991C3C00E44616 /* ChildProcessMain.h in Headers */ = {isa = PBXBuildFile; fileRef = BC9BA50716991C3C00E44616 /* ChildProcessMain.h */; };
                 BC9FA520160D3B430054DF9A /* Foundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = BC3DE46815A91763008D26FC /* Foundation.framework */; };
-                BC9FA522160D4A0C0054DF9A /* com.apple.WebKit.PluginProcess.sb in Resources */ = {isa = PBXBuildFile; fileRef = E1967E35150AB5D500C73169 /* com.apple.WebKit.PluginProcess.sb */; };
                 BC9FA523160D4A0F0054DF9A /* com.apple.WebProcess.sb in Resources */ = {isa = PBXBuildFile; fileRef = E1967E37150AB5E200C73169 /* com.apple.WebProcess.sb */; };
                 BCA0EF7F12331E78007D3CFB /* WebUndoStep.h in Headers */ = {isa = PBXBuildFile; fileRef = BCA0EF7D12331E78007D3CFB /* WebUndoStep.h */; };
@@ -1046 +1045 @@
                 E19582D3153CBFD700B60875 /* PDFKitImports.h in Headers */ = {isa = PBXBuildFile; fileRef = E19582D2153CBFD700B60875 /* PDFKitImports.h */; };
                 E19582D6153CC05400B60875 /* PDFKitImports.mm in Sources */ = {isa = PBXBuildFile; fileRef = E19582D4153CC05300B60875 /* PDFKitImports.mm */; };
-                E1967E36150AB5D500C73169 /* com.apple.WebKit.PluginProcess.sb in Resources */ = {isa = PBXBuildFile; fileRef = E1967E35150AB5D500C73169 /* com.apple.WebKit.PluginProcess.sb */; };
                 E1967E38150AB5E200C73169 /* com.apple.WebProcess.sb in Resources */ = {isa = PBXBuildFile; fileRef = E1967E37150AB5E200C73169 /* com.apple.WebProcess.sb */; };
                 E199875E142C045400BB2DE7 /* SimplePDFPlugin.mm in Sources */ = {isa = PBXBuildFile; fileRef = E199875C142BFC9700BB2DE7 /* SimplePDFPlugin.mm */; };
@@ -2357 +2355 @@
                 E17BF99514D0A73E00A5A069 /* NetscapeSandboxFunctions.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = NetscapeSandboxFunctions.h; sourceTree = "<group>"; };
                 E17BF99714D0AA8300A5A069 /* NetscapeSandboxFunctions.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = NetscapeSandboxFunctions.mm; sourceTree = "<group>"; };
-                E17BF99914D0CBF100A5A069 /* com.apple.WebKit.PluginProcess.sb.in */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = com.apple.WebKit.PluginProcess.sb.in; sourceTree = "<group>"; };
                 E18C92F312DB9E7100CF2AEB /* PrintInfo.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = PrintInfo.cpp; sourceTree = "<group>"; };
                 E18E6909169B563F009B6670 /* SecItemShimProxy.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = SecItemShimProxy.cpp; sourceTree = "<group>"; };
@@ -2371 +2368 @@
                 E19582D2153CBFD700B60875 /* PDFKitImports.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PDFKitImports.h; sourceTree = "<group>"; };
                 E19582D4153CC05300B60875 /* PDFKitImports.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = PDFKitImports.mm; sourceTree = "<group>"; };
-                E1967E35150AB5D500C73169 /* com.apple.WebKit.PluginProcess.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = com.apple.WebKit.PluginProcess.sb; sourceTree = "<group>"; };
                 E1967E37150AB5E200C73169 /* com.apple.WebProcess.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = com.apple.WebProcess.sb; sourceTree = "<group>"; };
                 E199875A142BF9B800BB2DE7 /* SimplePDFPlugin.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = SimplePDFPlugin.h; path = PDF/SimplePDFPlugin.h; sourceTree = "<group>"; };
@@ -2613 +2609 @@
                         children = (
                                 E14E99F914D879C9001D221F /* add-entitlements.sh */,
-                                E17BF99914D0CBF100A5A069 /* com.apple.WebKit.PluginProcess.sb.in */,
                                 1A2D91A51281D739001EB962 /* PluginControllerProxyMac.mm */,
                                 E14E99F814D879B4001D221F /* PluginProcess.entitlements */,
@@ -4296 +4291 @@
                                 512F58A012A883AD00629530 /* AuthenticationManagerMessageReceiver.cpp */,
                                 512F58A112A883AD00629530 /* AuthenticationManagerMessages.h */,
-                                E1967E35150AB5D500C73169 /* com.apple.WebKit.PluginProcess.sb */,
                                 E1967E37150AB5E200C73169 /* com.apple.WebProcess.sb */,
                                 2984F586164BA095004BC0C6 /* CustomProtocolManagerMessageReceiver.cpp */,
@@ -5302 +5296 @@
                         buildActionMask = 2147483647;
                         files = (
-                                BC9FA522160D4A0C0054DF9A /* com.apple.WebKit.PluginProcess.sb in Resources */,
                                 BC9FA523160D4A0F0054DF9A /* com.apple.WebProcess.sb in Resources */,
                                 1CBC945E16515ED200D68AAE /* Dock.pdf in Resources */,
@@ -5329 +5322 @@
                         buildActionMask = 2147483647;
                         files = (
-                                E1967E36150AB5D500C73169 /* com.apple.WebKit.PluginProcess.sb in Resources */,
                         );
                         runOnlyForDeploymentPostprocessing = 0;

trunk/Source/WebKit2/WebProcess/Plugins/Netscape/NetscapeBrowserFuncs.cpp

@@ -40 +40 @@
 #include <wtf/text/StringBuilder.h>
 
-#if PLATFORM(MAC)
-#include "NetscapeSandboxFunctions.h"
-#endif
-
 using namespace WebCore;
 using namespace std;
@@ -413 +409 @@
 static const unsigned WKNVExpectsNonretainedLayer = 74657;
 
-// Whether plug-in code is allowed to enter (arbitrary) sandbox for the process.
-static const unsigned WKNVAllowedToEnterSandbox = 74658;
-
-// WKNVSandboxFunctions = 74659 is defined in NetscapeSandboxFunctions.h
+// 74658 and 74659 are no longer implemented.
 
 #endif
@@ -501 +494 @@
             break;
         }
-
-        case WKNVAllowedToEnterSandbox:
-            *(NPBool*)value = true;
-            break;
-
-#if PLATFORM(MAC) && ENABLE(PLUGIN_PROCESS)
-        case WKNVSandboxFunctions:
-        {
-            *(WKNSandboxFunctions **)value = netscapeSandboxFunctions();
-            break;
-        }
-#endif
 
 #ifndef NP_NO_QUICKDRAW

trunk/Source/WebKit2/WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.h

@@ -27 +27 @@
 #define NetscapeSandboxFunctions_h
 
-#if ENABLE(NETSCAPE_PLUGIN_API) && ENABLE(PLUGIN_PROCESS)
+#if ENABLE(PLUGIN_PROCESS)
 
-#include <WebCore/npapi.h>
+bool enterSandbox(const char* sandboxProfile);
 
-#ifdef __cplusplus
-extern "C" {
-#endif
-    
-#define WKNVSandboxFunctions 74659
-#define WKNVSandboxFunctionsVersionCurrent 1
-
-typedef NPError (*WKN_EnterSandboxProcPtr)(const char *readOnlyPaths[], const char *readWritePaths[]);
-typedef NPError (*WKN_FileStopAccessingProcPtr)(const char* path);
-
-NPError WKN_EnterSandbox(const char *readOnlyPaths[], const char *readWritePaths[]);
-NPError WKN_FileStopAccessing(const char* path);
-
-typedef struct _WKNSandboxFunctions {
-    uint16_t size;
-    uint16_t version;
-    
-    WKN_EnterSandboxProcPtr enterSandbox;
-    WKN_FileStopAccessingProcPtr fileStopAccessing;
-} WKNSandboxFunctions;
-
-// FIXME: This header is mostly "API", except for the following two functions. We should
-// move the declarations to a seperate header.
-WKNSandboxFunctions* netscapeSandboxFunctions();
-NPError enterSandbox(const char* sandboxProfile, const char* readOnlyPaths[], const char* readWritePaths[]);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif // ENABLE(NETSCAPE_PLUGIN_API) && ENABLE(PLUGIN_PROCESS)
+#endif // ENABLE(PLUGIN_PROCESS)
 
 #endif

trunk/Source/WebKit2/WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.mm

@@ -27 +27 @@
 #import "NetscapeSandboxFunctions.h"
 
-#if ENABLE(NETSCAPE_PLUGIN_API) && ENABLE(PLUGIN_PROCESS)
+#if ENABLE(PLUGIN_PROCESS)
 
 #import "PluginProcess.h"
-#import "NetscapePluginModule.h"
 #import "WebKitSystemInterface.h"
 #import <WebCore/FileSystem.h>
-#import <WebCore/SoftLinking.h>
 #import <sys/stat.h>
 #import <sysexits.h>
@@ -40 +38 @@
 #import <wtf/text/CString.h>
 
-SOFT_LINK_FRAMEWORK(CoreServices)
-SOFT_LINK_OPTIONAL(CoreServices, CFURLStopAccessingSecurityScopedResource, void, unused, (CFURLRef))
-
 using namespace WebKit;
 using namespace WebCore;
 
-WKNSandboxFunctions* netscapeSandboxFunctions()
-{
-    static WKNSandboxFunctions functions = {
-        sizeof(WKNSandboxFunctions),
-        WKNVSandboxFunctionsVersionCurrent,
-        WKN_EnterSandbox,
-        WKN_FileStopAccessing
-    };
-    return &functions;
-}
-
 static bool enteredSandbox;
 
-static CString readSandboxProfile()
-{
-    RetainPtr<CFURLRef> profileURL(AdoptCF, CFBundleCopyResourceURL(CFBundleGetMainBundle(), CFSTR("com.apple.WebKit.PluginProcess"), CFSTR("sb"), 0));
-    char profilePath[PATH_MAX];
-    if (!CFURLGetFileSystemRepresentation(profileURL.get(), false, reinterpret_cast<UInt8*>(profilePath), sizeof(profilePath))) {
-        WTFLogAlways("Could not get file system representation of plug-in sandbox URL\n");
-        return CString();
-    }
-
-    FILE *file = fopen(profilePath, "r");
-    if (!file) {
-        WTFLogAlways("Could not open plug-in sandbox file '%s'\n", profilePath);
-        return CString();
-    }
-
-    struct stat fileInfo;
-    if (stat(profilePath, &fileInfo)) {
-        WTFLogAlways("Could not get plug-in sandbox file size '%s'\n", profilePath);
-        return CString();
-    }
-
-    char* characterBuffer;
-    CString result = CString::newUninitialized(fileInfo.st_size, characterBuffer);
-
-    if (1 != fread(characterBuffer, fileInfo.st_size, 1, file)) {
-        WTFLogAlways("Could not read plug-in sandbox file '%s'\n", profilePath);
-        return CString();
-    }
-
-    fclose(file);
-
-    return result;
-}
-
-NPError enterSandbox(const char* sandboxProfile, const char* readOnlyPaths[], const char* readWritePaths[])
+bool enterSandbox(const char* sandboxProfile)
 {
     if (enteredSandbox)
-        return NPERR_GENERIC_ERROR;
+        return false;
 
 #if __MAC_OS_X_VERSION_MIN_REQUIRED >= 1080
@@ -127 +77 @@
 #endif
 
-
-    Vector<const char*> extendedReadOnlyPaths;
-    if (readOnlyPaths) {
-        for (unsigned i = 0; readOnlyPaths[i]; ++i)
-            extendedReadOnlyPaths.append(readOnlyPaths[i]);
-    }
+    Vector<const char*> readOnlyPaths;
 
     CString pluginModulePath = fileSystemRepresentation(PluginProcess::shared().pluginPath());
-    extendedReadOnlyPaths.append(pluginModulePath.data());
+    readOnlyPaths.append(pluginModulePath.data());
 
     // On-disk WebKit framework locations, to account for debug installations.
     // Allowing the whole directory containing WebKit2.framework for the sake of APIs that implicitly load other WebKit frameworks.
     // We don't want to load them now, and thus don't have any better idea of where they are located on disk.
-    extendedReadOnlyPaths.append([[[[[NSBundle bundleWithIdentifier:@"com.apple.WebKit2"] bundleURL] URLByDeletingLastPathComponent] path] fileSystemRepresentation]);
+    readOnlyPaths.append([[[[[NSBundle bundleWithIdentifier:@"com.apple.WebKit2"] bundleURL] URLByDeletingLastPathComponent] path] fileSystemRepresentation]);
 
-    extendedReadOnlyPaths.append(static_cast<const char*>(0));
+    readOnlyPaths.append(static_cast<const char*>(0));
 
-    Vector<const char*> extendedReadWritePaths;
-    if (readWritePaths) {
-        for (unsigned i = 0; readWritePaths[i]; ++i)
-            extendedReadWritePaths.append(readWritePaths[i]);
-    }
+    Vector<const char*> readWritePaths;
 
     char darwinUserTempDirectory[PATH_MAX];
     if (confstr(_CS_DARWIN_USER_TEMP_DIR, darwinUserTempDirectory, PATH_MAX) > 0)
-        extendedReadWritePaths.append(darwinUserTempDirectory);
+        readWritePaths.append(darwinUserTempDirectory);
     else
         exit(EX_OSERR);
@@ -158 +99 @@
     char darwinUserCacheDirectory[PATH_MAX];
     if (confstr(_CS_DARWIN_USER_CACHE_DIR, darwinUserCacheDirectory, PATH_MAX) > 0)
-        extendedReadWritePaths.append(darwinUserCacheDirectory);
+        readWritePaths.append(darwinUserCacheDirectory);
 
     RetainPtr<CFStringRef> cachePath(AdoptCF, WKCopyFoundationCacheDirectory());
-    extendedReadWritePaths.append([(NSString *)cachePath.get() fileSystemRepresentation]);
+    readWritePaths.append([(NSString *)cachePath.get() fileSystemRepresentation]);
 
-    extendedReadWritePaths.append(static_cast<const char*>(0));
+    readWritePaths.append(static_cast<const char*>(0));
 
     // WKEnterPluginSandbox canonicalizes path arrays, but not parameters (because it cannot know if one is a path).
@@ -177 +118 @@
 
     const char* sandboxParameters[] = { "HOME_DIR", homeDirectory, "TEMP_DIR", tempDirectory, 0, 0 };
-    if (!WKEnterPluginSandbox(sandboxProfile, sandboxParameters, extendedReadOnlyPaths.data(), extendedReadWritePaths.data())) {
+    if (!WKEnterPluginSandbox(sandboxProfile, sandboxParameters, readOnlyPaths.data(), readWritePaths.data())) {
         WTFLogAlways("Couldn't initialize sandbox profile\n");
         exit(EX_NOPERM);
@@ -194 +135 @@
     [[NSUserDefaults standardUserDefaults] registerDefaults:defaults.get()];
 
-    return NPERR_NO_ERROR;
+    return true;
 }
 
-NPError WKN_EnterSandbox(const char* readOnlyPaths[], const char* readWritePaths[])
-{
-    CString profile = readSandboxProfile();
-    if (profile.isNull())
-        exit(EX_NOPERM);
-
-    return enterSandbox(profile.data(), readOnlyPaths, readWritePaths);
-}
-
-NPError WKN_FileStopAccessing(const char* path)
-{
-    if (!enteredSandbox)
-        return NPERR_GENERIC_ERROR;
-
-    if (!CFURLStopAccessingSecurityScopedResourcePtr())
-        return NPERR_NO_ERROR;
-
-    RetainPtr<CFStringRef> urlString(AdoptCF, CFStringCreateWithFileSystemRepresentation(0, path));
-    if (!urlString)
-        return NPERR_INVALID_PARAM;
-    RetainPtr<CFURLRef> url(AdoptCF, CFURLCreateWithFileSystemPath(0, urlString.get(), kCFURLPOSIXPathStyle, false));
-
-    CFURLStopAccessingSecurityScopedResourcePtr()(url.get());
-
-    return NPERR_NO_ERROR;
-}
-
-#endif // ENABLE(NETSCAPE_PLUGIN_API) && ENABLE(PLUGIN_PROCESS)
+#endif // ENABLE(PLUGIN_PROCESS)