Changeset 140274 in webkit
- Timestamp:
- Jan 20, 2013 10:57:29 AM (11 years ago)
- Location:
- trunk/Source
- Files:
-
- 2 deleted
- 9 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r140273 r140274 1 2013-01-20 Alexey Proskuryakov <ap@apple.com> 2 3 Remove obsolete plug-in sandboxing code. 4 https://bugs.webkit.org/show_bug.cgi?id=107362 5 6 Reviewed by Darin Adler. 7 8 * WebCore.xcodeproj/project.pbxproj: 9 * plugins/npapi-sandbox.h: Removed. 10 1 11 2013-01-20 Peter Rybin <peter.rybin@gmail.com> 2 12 -
trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj
r140265 r140274 13689 13689 E1284BD31044A01E00EAEB52 /* DOMPageTransitionEvent.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = DOMPageTransitionEvent.mm; sourceTree = "<group>"; }; 13690 13690 E1284BD41044A01E00EAEB52 /* DOMPageTransitionEvent.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DOMPageTransitionEvent.h; sourceTree = "<group>"; }; 13691 E129CBD21501702200A7C5FB /* npapi-sandbox.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "npapi-sandbox.h"; sourceTree = "<group>"; };13692 13691 E12EDB7A0B308A78002704B6 /* EventTarget.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = EventTarget.h; sourceTree = "<group>"; }; 13693 13692 E12EDBE90B308E0B002704B6 /* EventTarget.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = EventTarget.cpp; sourceTree = "<group>"; }; … … 15874 15873 A9C6E4EE0D745E38006442E9 /* DOMPluginArray.h */, 15875 15874 A9C6E6610D74671E006442E9 /* DOMPluginArray.idl */, 15876 E129CBD21501702200A7C5FB /* npapi-sandbox.h */,15877 15875 1A927FCF1416A15B003A83C8 /* npapi.h */, 15878 15876 1A219B3A0DCA87AB0040E3A0 /* npfunctions.h */, -
trunk/Source/WebKit2/ChangeLog
r140230 r140274 1 2013-01-20 Alexey Proskuryakov <ap@apple.com> 2 3 Remove obsolete plug-in sandboxing code. 4 https://bugs.webkit.org/show_bug.cgi?id=107362 5 6 Reviewed by Darin Adler. 7 8 * WebKit2.xcodeproj/project.pbxproj: 9 * DerivedSources.make: 10 * PluginProcess/mac/com.apple.WebKit.PluginProcess.sb.in: Removed. 11 12 * PluginProcess/mac/PluginProcessMac.mm: 13 (WebKit::initializeSandbox): Fixed a memory leak in code that stays. 14 15 * WebProcess/Plugins/Netscape/NetscapeBrowserFuncs.cpp: 16 (WebKit::NPN_GetValue): 17 18 * WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.h: 19 * WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.mm: 20 Removed API related parts. Remaining code will move to a better place in a follow-up 21 patch, just keeping it here for easier reviewing. 22 (enterSandbox): Removed no longer used arguments. 23 1 24 2013-01-17 Sam Weinig <sam@webkit.org> 2 25 -
trunk/Source/WebKit2/DerivedSources.make
r139009 r140274 150 150 151 151 SANDBOX_PROFILES = \ 152 com.apple.WebProcess.sb \ 153 com.apple.WebKit.PluginProcess.sb 152 com.apple.WebProcess.sb 154 153 155 154 all: $(SANDBOX_PROFILES) -
trunk/Source/WebKit2/PluginProcess/mac/PluginProcessMac.mm
r140220 r140274 326 326 RetainPtr<CFURLRef> sandboxURL = adoptCF(CFURLCreateWithFileSystemPathRelativeToBase(0, sandboxFileName.get(), kCFURLPOSIXPathStyle, FALSE, sandboxProfileDirectory.get())); 327 327 328 RetainPtr<NSString> profileString = [[NSString alloc] initWithContentsOfURL:(NSURL *)sandboxURL.get() encoding:NSUTF8StringEncoding error:NULL];328 RetainPtr<NSString> profileString = adoptNS([[NSString alloc] initWithContentsOfURL:(NSURL *)sandboxURL.get() encoding:NSUTF8StringEncoding error:NULL]); 329 329 if (!profileString) 330 330 return; 331 331 332 enterSandbox([profileString.get() UTF8String] , 0, 0);332 enterSandbox([profileString.get() UTF8String]); 333 333 } 334 334 -
trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj
r140218 r140274 837 837 BC9BA50916991C3C00E44616 /* ChildProcessMain.h in Headers */ = {isa = PBXBuildFile; fileRef = BC9BA50716991C3C00E44616 /* ChildProcessMain.h */; }; 838 838 BC9FA520160D3B430054DF9A /* Foundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = BC3DE46815A91763008D26FC /* Foundation.framework */; }; 839 BC9FA522160D4A0C0054DF9A /* com.apple.WebKit.PluginProcess.sb in Resources */ = {isa = PBXBuildFile; fileRef = E1967E35150AB5D500C73169 /* com.apple.WebKit.PluginProcess.sb */; };840 839 BC9FA523160D4A0F0054DF9A /* com.apple.WebProcess.sb in Resources */ = {isa = PBXBuildFile; fileRef = E1967E37150AB5E200C73169 /* com.apple.WebProcess.sb */; }; 841 840 BCA0EF7F12331E78007D3CFB /* WebUndoStep.h in Headers */ = {isa = PBXBuildFile; fileRef = BCA0EF7D12331E78007D3CFB /* WebUndoStep.h */; }; … … 1046 1045 E19582D3153CBFD700B60875 /* PDFKitImports.h in Headers */ = {isa = PBXBuildFile; fileRef = E19582D2153CBFD700B60875 /* PDFKitImports.h */; }; 1047 1046 E19582D6153CC05400B60875 /* PDFKitImports.mm in Sources */ = {isa = PBXBuildFile; fileRef = E19582D4153CC05300B60875 /* PDFKitImports.mm */; }; 1048 E1967E36150AB5D500C73169 /* com.apple.WebKit.PluginProcess.sb in Resources */ = {isa = PBXBuildFile; fileRef = E1967E35150AB5D500C73169 /* com.apple.WebKit.PluginProcess.sb */; };1049 1047 E1967E38150AB5E200C73169 /* com.apple.WebProcess.sb in Resources */ = {isa = PBXBuildFile; fileRef = E1967E37150AB5E200C73169 /* com.apple.WebProcess.sb */; }; 1050 1048 E199875E142C045400BB2DE7 /* SimplePDFPlugin.mm in Sources */ = {isa = PBXBuildFile; fileRef = E199875C142BFC9700BB2DE7 /* SimplePDFPlugin.mm */; }; … … 2357 2355 E17BF99514D0A73E00A5A069 /* NetscapeSandboxFunctions.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = NetscapeSandboxFunctions.h; sourceTree = "<group>"; }; 2358 2356 E17BF99714D0AA8300A5A069 /* NetscapeSandboxFunctions.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = NetscapeSandboxFunctions.mm; sourceTree = "<group>"; }; 2359 E17BF99914D0CBF100A5A069 /* com.apple.WebKit.PluginProcess.sb.in */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = com.apple.WebKit.PluginProcess.sb.in; sourceTree = "<group>"; };2360 2357 E18C92F312DB9E7100CF2AEB /* PrintInfo.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = PrintInfo.cpp; sourceTree = "<group>"; }; 2361 2358 E18E6909169B563F009B6670 /* SecItemShimProxy.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = SecItemShimProxy.cpp; sourceTree = "<group>"; }; … … 2371 2368 E19582D2153CBFD700B60875 /* PDFKitImports.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PDFKitImports.h; sourceTree = "<group>"; }; 2372 2369 E19582D4153CC05300B60875 /* PDFKitImports.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = PDFKitImports.mm; sourceTree = "<group>"; }; 2373 E1967E35150AB5D500C73169 /* com.apple.WebKit.PluginProcess.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = com.apple.WebKit.PluginProcess.sb; sourceTree = "<group>"; };2374 2370 E1967E37150AB5E200C73169 /* com.apple.WebProcess.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = com.apple.WebProcess.sb; sourceTree = "<group>"; }; 2375 2371 E199875A142BF9B800BB2DE7 /* SimplePDFPlugin.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = SimplePDFPlugin.h; path = PDF/SimplePDFPlugin.h; sourceTree = "<group>"; }; … … 2613 2609 children = ( 2614 2610 E14E99F914D879C9001D221F /* add-entitlements.sh */, 2615 E17BF99914D0CBF100A5A069 /* com.apple.WebKit.PluginProcess.sb.in */,2616 2611 1A2D91A51281D739001EB962 /* PluginControllerProxyMac.mm */, 2617 2612 E14E99F814D879B4001D221F /* PluginProcess.entitlements */, … … 4296 4291 512F58A012A883AD00629530 /* AuthenticationManagerMessageReceiver.cpp */, 4297 4292 512F58A112A883AD00629530 /* AuthenticationManagerMessages.h */, 4298 E1967E35150AB5D500C73169 /* com.apple.WebKit.PluginProcess.sb */,4299 4293 E1967E37150AB5E200C73169 /* com.apple.WebProcess.sb */, 4300 4294 2984F586164BA095004BC0C6 /* CustomProtocolManagerMessageReceiver.cpp */, … … 5302 5296 buildActionMask = 2147483647; 5303 5297 files = ( 5304 BC9FA522160D4A0C0054DF9A /* com.apple.WebKit.PluginProcess.sb in Resources */,5305 5298 BC9FA523160D4A0F0054DF9A /* com.apple.WebProcess.sb in Resources */, 5306 5299 1CBC945E16515ED200D68AAE /* Dock.pdf in Resources */, … … 5329 5322 buildActionMask = 2147483647; 5330 5323 files = ( 5331 E1967E36150AB5D500C73169 /* com.apple.WebKit.PluginProcess.sb in Resources */,5332 5324 ); 5333 5325 runOnlyForDeploymentPostprocessing = 0; -
trunk/Source/WebKit2/WebProcess/Plugins/Netscape/NetscapeBrowserFuncs.cpp
r139023 r140274 40 40 #include <wtf/text/StringBuilder.h> 41 41 42 #if PLATFORM(MAC)43 #include "NetscapeSandboxFunctions.h"44 #endif45 46 42 using namespace WebCore; 47 43 using namespace std; … … 413 409 static const unsigned WKNVExpectsNonretainedLayer = 74657; 414 410 415 // Whether plug-in code is allowed to enter (arbitrary) sandbox for the process. 416 static const unsigned WKNVAllowedToEnterSandbox = 74658; 417 418 // WKNVSandboxFunctions = 74659 is defined in NetscapeSandboxFunctions.h 411 // 74658 and 74659 are no longer implemented. 419 412 420 413 #endif … … 501 494 break; 502 495 } 503 504 case WKNVAllowedToEnterSandbox:505 *(NPBool*)value = true;506 break;507 508 #if PLATFORM(MAC) && ENABLE(PLUGIN_PROCESS)509 case WKNVSandboxFunctions:510 {511 *(WKNSandboxFunctions **)value = netscapeSandboxFunctions();512 break;513 }514 #endif515 496 516 497 #ifndef NP_NO_QUICKDRAW -
trunk/Source/WebKit2/WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.h
r128836 r140274 27 27 #define NetscapeSandboxFunctions_h 28 28 29 #if ENABLE( NETSCAPE_PLUGIN_API) && ENABLE(PLUGIN_PROCESS)29 #if ENABLE(PLUGIN_PROCESS) 30 30 31 #include <WebCore/npapi.h> 31 bool enterSandbox(const char* sandboxProfile); 32 32 33 #ifdef __cplusplus 34 extern "C" { 35 #endif 36 37 #define WKNVSandboxFunctions 74659 38 #define WKNVSandboxFunctionsVersionCurrent 1 39 40 typedef NPError (*WKN_EnterSandboxProcPtr)(const char *readOnlyPaths[], const char *readWritePaths[]); 41 typedef NPError (*WKN_FileStopAccessingProcPtr)(const char* path); 42 43 NPError WKN_EnterSandbox(const char *readOnlyPaths[], const char *readWritePaths[]); 44 NPError WKN_FileStopAccessing(const char* path); 45 46 typedef struct _WKNSandboxFunctions { 47 uint16_t size; 48 uint16_t version; 49 50 WKN_EnterSandboxProcPtr enterSandbox; 51 WKN_FileStopAccessingProcPtr fileStopAccessing; 52 } WKNSandboxFunctions; 53 54 // FIXME: This header is mostly "API", except for the following two functions. We should 55 // move the declarations to a seperate header. 56 WKNSandboxFunctions* netscapeSandboxFunctions(); 57 NPError enterSandbox(const char* sandboxProfile, const char* readOnlyPaths[], const char* readWritePaths[]); 58 59 #ifdef __cplusplus 60 } 61 #endif 62 63 #endif // ENABLE(NETSCAPE_PLUGIN_API) && ENABLE(PLUGIN_PROCESS) 33 #endif // ENABLE(PLUGIN_PROCESS) 64 34 65 35 #endif -
trunk/Source/WebKit2/WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.mm
r138078 r140274 27 27 #import "NetscapeSandboxFunctions.h" 28 28 29 #if ENABLE( NETSCAPE_PLUGIN_API) && ENABLE(PLUGIN_PROCESS)29 #if ENABLE(PLUGIN_PROCESS) 30 30 31 31 #import "PluginProcess.h" 32 #import "NetscapePluginModule.h"33 32 #import "WebKitSystemInterface.h" 34 33 #import <WebCore/FileSystem.h> 35 #import <WebCore/SoftLinking.h>36 34 #import <sys/stat.h> 37 35 #import <sysexits.h> … … 40 38 #import <wtf/text/CString.h> 41 39 42 SOFT_LINK_FRAMEWORK(CoreServices)43 SOFT_LINK_OPTIONAL(CoreServices, CFURLStopAccessingSecurityScopedResource, void, unused, (CFURLRef))44 45 40 using namespace WebKit; 46 41 using namespace WebCore; 47 42 48 WKNSandboxFunctions* netscapeSandboxFunctions()49 {50 static WKNSandboxFunctions functions = {51 sizeof(WKNSandboxFunctions),52 WKNVSandboxFunctionsVersionCurrent,53 WKN_EnterSandbox,54 WKN_FileStopAccessing55 };56 return &functions;57 }58 59 43 static bool enteredSandbox; 60 44 61 static CString readSandboxProfile() 62 { 63 RetainPtr<CFURLRef> profileURL(AdoptCF, CFBundleCopyResourceURL(CFBundleGetMainBundle(), CFSTR("com.apple.WebKit.PluginProcess"), CFSTR("sb"), 0)); 64 char profilePath[PATH_MAX]; 65 if (!CFURLGetFileSystemRepresentation(profileURL.get(), false, reinterpret_cast<UInt8*>(profilePath), sizeof(profilePath))) { 66 WTFLogAlways("Could not get file system representation of plug-in sandbox URL\n"); 67 return CString(); 68 } 69 70 FILE *file = fopen(profilePath, "r"); 71 if (!file) { 72 WTFLogAlways("Could not open plug-in sandbox file '%s'\n", profilePath); 73 return CString(); 74 } 75 76 struct stat fileInfo; 77 if (stat(profilePath, &fileInfo)) { 78 WTFLogAlways("Could not get plug-in sandbox file size '%s'\n", profilePath); 79 return CString(); 80 } 81 82 char* characterBuffer; 83 CString result = CString::newUninitialized(fileInfo.st_size, characterBuffer); 84 85 if (1 != fread(characterBuffer, fileInfo.st_size, 1, file)) { 86 WTFLogAlways("Could not read plug-in sandbox file '%s'\n", profilePath); 87 return CString(); 88 } 89 90 fclose(file); 91 92 return result; 93 } 94 95 NPError enterSandbox(const char* sandboxProfile, const char* readOnlyPaths[], const char* readWritePaths[]) 45 bool enterSandbox(const char* sandboxProfile) 96 46 { 97 47 if (enteredSandbox) 98 return NPERR_GENERIC_ERROR;48 return false; 99 49 100 50 #if __MAC_OS_X_VERSION_MIN_REQUIRED >= 1080 … … 127 77 #endif 128 78 129 130 Vector<const char*> extendedReadOnlyPaths; 131 if (readOnlyPaths) { 132 for (unsigned i = 0; readOnlyPaths[i]; ++i) 133 extendedReadOnlyPaths.append(readOnlyPaths[i]); 134 } 79 Vector<const char*> readOnlyPaths; 135 80 136 81 CString pluginModulePath = fileSystemRepresentation(PluginProcess::shared().pluginPath()); 137 extendedReadOnlyPaths.append(pluginModulePath.data());82 readOnlyPaths.append(pluginModulePath.data()); 138 83 139 84 // On-disk WebKit framework locations, to account for debug installations. 140 85 // Allowing the whole directory containing WebKit2.framework for the sake of APIs that implicitly load other WebKit frameworks. 141 86 // We don't want to load them now, and thus don't have any better idea of where they are located on disk. 142 extendedReadOnlyPaths.append([[[[[NSBundle bundleWithIdentifier:@"com.apple.WebKit2"] bundleURL] URLByDeletingLastPathComponent] path] fileSystemRepresentation]);87 readOnlyPaths.append([[[[[NSBundle bundleWithIdentifier:@"com.apple.WebKit2"] bundleURL] URLByDeletingLastPathComponent] path] fileSystemRepresentation]); 143 88 144 extendedReadOnlyPaths.append(static_cast<const char*>(0));89 readOnlyPaths.append(static_cast<const char*>(0)); 145 90 146 Vector<const char*> extendedReadWritePaths; 147 if (readWritePaths) { 148 for (unsigned i = 0; readWritePaths[i]; ++i) 149 extendedReadWritePaths.append(readWritePaths[i]); 150 } 91 Vector<const char*> readWritePaths; 151 92 152 93 char darwinUserTempDirectory[PATH_MAX]; 153 94 if (confstr(_CS_DARWIN_USER_TEMP_DIR, darwinUserTempDirectory, PATH_MAX) > 0) 154 extendedReadWritePaths.append(darwinUserTempDirectory);95 readWritePaths.append(darwinUserTempDirectory); 155 96 else 156 97 exit(EX_OSERR); … … 158 99 char darwinUserCacheDirectory[PATH_MAX]; 159 100 if (confstr(_CS_DARWIN_USER_CACHE_DIR, darwinUserCacheDirectory, PATH_MAX) > 0) 160 extendedReadWritePaths.append(darwinUserCacheDirectory);101 readWritePaths.append(darwinUserCacheDirectory); 161 102 162 103 RetainPtr<CFStringRef> cachePath(AdoptCF, WKCopyFoundationCacheDirectory()); 163 extendedReadWritePaths.append([(NSString *)cachePath.get() fileSystemRepresentation]);104 readWritePaths.append([(NSString *)cachePath.get() fileSystemRepresentation]); 164 105 165 extendedReadWritePaths.append(static_cast<const char*>(0));106 readWritePaths.append(static_cast<const char*>(0)); 166 107 167 108 // WKEnterPluginSandbox canonicalizes path arrays, but not parameters (because it cannot know if one is a path). … … 177 118 178 119 const char* sandboxParameters[] = { "HOME_DIR", homeDirectory, "TEMP_DIR", tempDirectory, 0, 0 }; 179 if (!WKEnterPluginSandbox(sandboxProfile, sandboxParameters, extendedReadOnlyPaths.data(), extendedReadWritePaths.data())) {120 if (!WKEnterPluginSandbox(sandboxProfile, sandboxParameters, readOnlyPaths.data(), readWritePaths.data())) { 180 121 WTFLogAlways("Couldn't initialize sandbox profile\n"); 181 122 exit(EX_NOPERM); … … 194 135 [[NSUserDefaults standardUserDefaults] registerDefaults:defaults.get()]; 195 136 196 return NPERR_NO_ERROR;137 return true; 197 138 } 198 139 199 NPError WKN_EnterSandbox(const char* readOnlyPaths[], const char* readWritePaths[]) 200 { 201 CString profile = readSandboxProfile(); 202 if (profile.isNull()) 203 exit(EX_NOPERM); 204 205 return enterSandbox(profile.data(), readOnlyPaths, readWritePaths); 206 } 207 208 NPError WKN_FileStopAccessing(const char* path) 209 { 210 if (!enteredSandbox) 211 return NPERR_GENERIC_ERROR; 212 213 if (!CFURLStopAccessingSecurityScopedResourcePtr()) 214 return NPERR_NO_ERROR; 215 216 RetainPtr<CFStringRef> urlString(AdoptCF, CFStringCreateWithFileSystemRepresentation(0, path)); 217 if (!urlString) 218 return NPERR_INVALID_PARAM; 219 RetainPtr<CFURLRef> url(AdoptCF, CFURLCreateWithFileSystemPath(0, urlString.get(), kCFURLPOSIXPathStyle, false)); 220 221 CFURLStopAccessingSecurityScopedResourcePtr()(url.get()); 222 223 return NPERR_NO_ERROR; 224 } 225 226 #endif // ENABLE(NETSCAPE_PLUGIN_API) && ENABLE(PLUGIN_PROCESS) 140 #endif // ENABLE(PLUGIN_PROCESS)
Note: See TracChangeset
for help on using the changeset viewer.