Changeset 163242 in webkit
- Timestamp:
- Feb 1, 2014 8:32:11 AM (10 years ago)
- Location:
- trunk/Source/WebCore
- Files:
-
- 14 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r163240 r163242 1 2014-02-01 David Kilzer <ddkilzer@apple.com> 2 3 Add security-checked casts for all WebCore::CachedResource subclasses 4 <http://webkit.org/b/127988> 5 6 Reviewed by Darin Adler. 7 8 * inspector/InspectorPageAgent.cpp: 9 (WebCore::InspectorPageAgent::cachedResourceContent): 10 * inspector/InspectorResourceAgent.cpp: 11 (WebCore::InspectorResourceAgent::didLoadResourceFromMemoryCache): 12 - Switch from static_cast<>() to security-checked cast. 13 14 * loader/cache/CachedCSSStyleSheet.h: 15 (WebCore::toCachedCSSStyleSheet): Add. 16 * loader/cache/CachedFont.h: 17 (WebCore::toCachedFont): Add. 18 19 * loader/cache/CachedImage.h: Make CachedImageManual final. 20 21 * loader/cache/CachedRawResource.cpp: 22 (WebCore::CachedRawResource::CachedRawResource): Add assert that 23 only MainResource or RawResource types are used to construct a 24 CachedRawResource. This may be a security issue depending on 25 what code exists that uses the type() value to cast to a 26 CachedResource subclass. 27 (WebCore::CachedRawResource::switchClientsToRevalidatedResource): 28 Switch from static_cast<>() to toCachedRawResource(). 29 30 * loader/cache/CachedRawResource.h: 31 (WebCore::toCachedRawResource): Add. 32 * loader/cache/CachedResource.h: 33 (WebCore::CachedResource::isMainOrRawResource): Add. A 34 CachedRawResource could be either a MainResource or a 35 RawResource. Currently only used in assertions. 36 37 * loader/cache/CachedResourceLoader.cpp: 38 (WebCore::CachedResourceLoader::requestFont): 39 (WebCore::CachedResourceLoader::requestTextTrack): 40 (WebCore::CachedResourceLoader::requestCSSStyleSheet): 41 (WebCore::CachedResourceLoader::requestUserCSSStyleSheet): 42 (WebCore::CachedResourceLoader::requestScript): 43 (WebCore::CachedResourceLoader::requestXSLStyleSheet): 44 (WebCore::CachedResourceLoader::requestSVGDocument): 45 (WebCore::CachedResourceLoader::requestRawResource): 46 (WebCore::CachedResourceLoader::requestMainResource): 47 - Switch from static_cast<>() to security-checked cast. 48 49 * loader/cache/CachedSVGDocument.h: 50 (WebCore::toCachedSVGDocument): Add. 51 * loader/cache/CachedScript.h: 52 (WebCore::toCachedScript): Add. 53 * loader/cache/CachedTextTrack.h: 54 (WebCore::toCachedTextTrack): Add. 55 * loader/cache/CachedXSLStyleSheet.h: 56 (WebCore::toCachedXSLStyleSheet): Add. 57 1 58 2014-02-01 Xabier Rodriguez Calvar <calvaris@igalia.com> 2 59 -
trunk/Source/WebCore/inspector/InspectorPageAgent.cpp
r162692 r163242 175 175 switch (cachedResource->type()) { 176 176 case CachedResource::CSSStyleSheet: 177 *result = static_cast<CachedCSSStyleSheet*>(cachedResource)->sheetText(false);177 *result = toCachedCSSStyleSheet(cachedResource)->sheetText(false); 178 178 return true; 179 179 case CachedResource::Script: 180 *result = static_cast<CachedScript*>(cachedResource)->script();180 *result = toCachedScript(cachedResource)->script(); 181 181 return true; 182 182 case CachedResource::RawResource: { -
trunk/Source/WebCore/inspector/InspectorResourceAgent.cpp
r163089 r163242 335 335 m_resourcesData->addCachedResource(requestId, resource); 336 336 if (resource->type() == CachedResource::RawResource) { 337 CachedRawResource* rawResource = static_cast<CachedRawResource*>(resource);337 CachedRawResource* rawResource = toCachedRawResource(resource); 338 338 String rawRequestId = IdentifiersFactory::requestId(rawResource->identifier()); 339 339 m_resourcesData->reuseXHRReplayData(requestId, rawRequestId); -
trunk/Source/WebCore/loader/cache/CachedCSSStyleSheet.h
r162158 r163242 68 68 }; 69 69 70 CACHED_RESOURCE_TYPE_CASTS(CachedCSSStyleSheet, CachedResource, CachedResource::CSSStyleSheet) 71 70 72 } 71 73 -
trunk/Source/WebCore/loader/cache/CachedFont.h
r162897 r163242 79 79 }; 80 80 81 CACHED_RESOURCE_TYPE_CASTS(CachedFont, CachedResource, CachedResource::FontResource) 82 81 83 } // namespace WebCore 82 84 -
trunk/Source/WebCore/loader/cache/CachedImage.h
r163148 r163242 150 150 // into CachedImage or find a better place for this class. 151 151 // FIXME: Remove the USE(CF) once we make MemoryCache::addImageToCache() platform-independent. 152 class CachedImageManual : public CachedImage {152 class CachedImageManual final : public CachedImage { 153 153 public: 154 154 CachedImageManual(const URL&, Image*); -
trunk/Source/WebCore/loader/cache/CachedRawResource.cpp
r163089 r163242 40 40 , m_identifier(0) 41 41 { 42 // FIXME: The wrong CachedResource::Type here may cause a bad cast elsewhere. 43 ASSERT(isMainOrRawResource()); 42 44 } 43 45 … … 182 184 // If we're in the middle of a successful revalidation, responseReceived() hasn't been called, so we haven't set m_identifier. 183 185 ASSERT(!m_identifier); 184 static_cast<CachedRawResource*>(resourceToRevalidate())->m_identifier = m_loader->identifier();186 toCachedRawResource(resourceToRevalidate())->m_identifier = m_loader->identifier(); 185 187 CachedResource::switchClientsToRevalidatedResource(); 186 188 } -
trunk/Source/WebCore/loader/cache/CachedRawResource.h
r162158 r163242 89 89 }; 90 90 91 TYPE_CASTS_BASE(CachedRawResource, CachedResource, resource, resource->isMainOrRawResource(), resource.isMainOrRawResource()) 92 91 93 } 92 94 -
trunk/Source/WebCore/loader/cache/CachedResource.h
r163148 r163242 157 157 158 158 bool isImage() const { return type() == ImageResource; } 159 // FIXME: CachedRawResource could be either a main resource or a raw XHR resource. 160 bool isMainOrRawResource() const { return type() == MainResource || type() == RawResource; } 159 161 bool ignoreForRequestCount() const 160 162 { -
trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp
r163148 r163242 166 166 CachedResourceHandle<CachedFont> CachedResourceLoader::requestFont(CachedResourceRequest& request) 167 167 { 168 return static_cast<CachedFont*>(requestResource(CachedResource::FontResource, request).get());168 return toCachedFont(requestResource(CachedResource::FontResource, request).get()); 169 169 } 170 170 … … 172 172 CachedResourceHandle<CachedTextTrack> CachedResourceLoader::requestTextTrack(CachedResourceRequest& request) 173 173 { 174 return static_cast<CachedTextTrack*>(requestResource(CachedResource::TextTrackResource, request).get());174 return toCachedTextTrack(requestResource(CachedResource::TextTrackResource, request).get()); 175 175 } 176 176 #endif … … 178 178 CachedResourceHandle<CachedCSSStyleSheet> CachedResourceLoader::requestCSSStyleSheet(CachedResourceRequest& request) 179 179 { 180 return static_cast<CachedCSSStyleSheet*>(requestResource(CachedResource::CSSStyleSheet, request).get());180 return toCachedCSSStyleSheet(requestResource(CachedResource::CSSStyleSheet, request).get()); 181 181 } 182 182 … … 191 191 if (CachedResource* existing = memoryCache()->resourceForRequest(request.resourceRequest())) { 192 192 if (existing->type() == CachedResource::CSSStyleSheet) 193 return static_cast<CachedCSSStyleSheet*>(existing);193 return toCachedCSSStyleSheet(existing); 194 194 memoryCache()->remove(existing); 195 195 } … … 209 209 CachedResourceHandle<CachedScript> CachedResourceLoader::requestScript(CachedResourceRequest& request) 210 210 { 211 return static_cast<CachedScript*>(requestResource(CachedResource::Script, request).get());211 return toCachedScript(requestResource(CachedResource::Script, request).get()); 212 212 } 213 213 … … 215 215 CachedResourceHandle<CachedXSLStyleSheet> CachedResourceLoader::requestXSLStyleSheet(CachedResourceRequest& request) 216 216 { 217 return static_cast<CachedXSLStyleSheet*>(requestResource(CachedResource::XSLStyleSheet, request).get());217 return toCachedXSLStyleSheet(requestResource(CachedResource::XSLStyleSheet, request).get()); 218 218 } 219 219 #endif … … 222 222 CachedResourceHandle<CachedSVGDocument> CachedResourceLoader::requestSVGDocument(CachedResourceRequest& request) 223 223 { 224 return static_cast<CachedSVGDocument*>(requestResource(CachedResource::SVGDocumentResource, request).get());224 return toCachedSVGDocument(requestResource(CachedResource::SVGDocumentResource, request).get()); 225 225 } 226 226 #endif … … 237 237 CachedResourceHandle<CachedRawResource> CachedResourceLoader::requestRawResource(CachedResourceRequest& request) 238 238 { 239 return static_cast<CachedRawResource*>(requestResource(CachedResource::RawResource, request).get());239 return toCachedRawResource(requestResource(CachedResource::RawResource, request).get()); 240 240 } 241 241 242 242 CachedResourceHandle<CachedRawResource> CachedResourceLoader::requestMainResource(CachedResourceRequest& request) 243 243 { 244 return static_cast<CachedRawResource*>(requestResource(CachedResource::MainResource, request).get());244 return toCachedRawResource(requestResource(CachedResource::MainResource, request).get()); 245 245 } 246 246 -
trunk/Source/WebCore/loader/cache/CachedSVGDocument.h
r162158 r163242 50 50 }; 51 51 52 CACHED_RESOURCE_TYPE_CASTS(CachedSVGDocument, CachedResource, CachedResource::SVGDocumentResource) 53 52 54 } // namespace WebCore 53 55 -
trunk/Source/WebCore/loader/cache/CachedScript.h
r162158 r163242 62 62 RefPtr<TextResourceDecoder> m_decoder; 63 63 }; 64 65 CACHED_RESOURCE_TYPE_CASTS(CachedScript, CachedResource, CachedResource::Script) 66 64 67 } 65 68 -
trunk/Source/WebCore/loader/cache/CachedTextTrack.h
r162158 r163242 45 45 }; 46 46 47 CACHED_RESOURCE_TYPE_CASTS(CachedTextTrack, CachedResource, CachedResource::TextTrackResource) 48 47 49 } 48 50 -
trunk/Source/WebCore/loader/cache/CachedXSLStyleSheet.h
r162158 r163242 58 58 }; 59 59 60 CACHED_RESOURCE_TYPE_CASTS(CachedXSLStyleSheet, CachedResource, CachedResource::XSLStyleSheet) 61 60 62 #endif 61 63
Note: See TracChangeset
for help on using the changeset viewer.