Changeset 215521 in webkit

Timestamp:

Apr 19, 2017 11:17:02 AM (7 years ago)

Author:

ddkilzer@apple.com

Message:

Stop using strcpy() in WebKit::EnvironmentUtilities::stripValuesEndingWithString()
<​https://webkit.org/b/170994>
<rdar://problem/29889932>

Reviewed by Brent Fulgham.

Source/WebKit2:

• Platform/unix/EnvironmentUtilities.cpp:

(WebKit::EnvironmentUtilities::stripValuesEndingWithString):
Switch from using strcpy() to strlcpy(). Also switch from using
strstr() to strnstr().

• Platform/unix/EnvironmentUtilities.h: Switch to #pragma once.

(WebKit::EnvironmentUtilities::stripValuesEndingWithString):
Export function for testing.

• WebKit2.xcodeproj/project.pbxproj:

(EnvironmentUtilitiesTest.h): Make header private for testing.

Tools:

• TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:

(EnvironmentUtilitiesTest.cpp): Add to TestWebKitAPILibrary
target.

• TestWebKitAPI/Tests/WebKit2/EnvironmentUtilitiesTest.cpp: Add.

(TestWebKitAPI::strip): Helper method to set/get environment
variable for testing.
(TestWebKitAPI::WebKit2_StripValuesEndingWithString_Test): Add
tests.

Location:

trunk

Files:

• Source/WebKit2/ChangeLog (modified) (1 diff)
• Source/WebKit2/Platform/unix/EnvironmentUtilities.cpp (modified) (3 diffs)
• Source/WebKit2/Platform/unix/EnvironmentUtilities.h (modified) (2 diffs)
• Source/WebKit2/WebKit2.xcodeproj/project.pbxproj (modified) (1 diff)
• Tools/ChangeLog (modified) (1 diff)
• Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj (modified) (4 diffs)
• Tools/TestWebKitAPI/Tests/WebKit2/EnvironmentUtilitiesTest.cpp (added)

trunk/Source/WebKit2/ChangeLog

@@ +1 @@
+2017-04-19  David Kilzer  <ddkilzer@apple.com>
+
+        Stop using strcpy() in WebKit::EnvironmentUtilities::stripValuesEndingWithString()
+        <https://webkit.org/b/170994>
+        <rdar://problem/29889932>
+
+        Reviewed by Brent Fulgham.
+
+        * Platform/unix/EnvironmentUtilities.cpp:
+        (WebKit::EnvironmentUtilities::stripValuesEndingWithString):
+        Switch from using strcpy() to strlcpy().  Also switch from using
+        strstr() to strnstr().
+        * Platform/unix/EnvironmentUtilities.h: Switch to #pragma once.
+        (WebKit::EnvironmentUtilities::stripValuesEndingWithString):
+        Export function for testing.
+        * WebKit2.xcodeproj/project.pbxproj:
+        (EnvironmentUtilitiesTest.h): Make header private for testing.
+
 2017-04-19  Eric Carlson  <eric.carlson@apple.com>
 

trunk/Source/WebKit2/Platform/unix/EnvironmentUtilities.cpp

@@ -40 +40 @@
     // Grab the current value of the environment variable.
     char* environmentValue = getenv(environmentVariable);
-        
+
     if (!environmentValue || environmentValue[0] == '\0')
         return;
+
+    const size_t environmentValueLength = strlen(environmentValue);
+    const size_t environmentValueBufferLength = environmentValueLength + 1;
 
     // Set up the strings we'll be searching for.
@@ -60 +63 @@
     // Loop over environmentValueBuffer, removing any components that match the search value ending with a colon.
     char* componentStart = environmentValue;
-    char* match = strstr(componentStart, searchValueWithColon);
+    char* match = strnstr(componentStart, searchValueWithColon, environmentValueLength - static_cast<size_t>(componentStart - environmentValue));
     bool foundAnyMatches = match != NULL;
     while (match != NULL) {
         // Update componentStart to point to the colon immediately preceding the match.
-        char* nextColon = strstr(componentStart, ":");
+        char* nextColon = strnstr(componentStart, ":", environmentValueLength - static_cast<size_t>(componentStart - environmentValue));
         while (nextColon && nextColon < match) {
             componentStart = nextColon;
-            nextColon = strstr(componentStart + 1, ":");
+            nextColon = strnstr(componentStart + 1, ":", environmentValueLength - static_cast<size_t>(componentStart + 1 - environmentValue));
         }
-                
+
+        RELEASE_ASSERT(componentStart >= environmentValue);
+        size_t environmentValueOffset = static_cast<size_t>(componentStart - environmentValue);
+        RELEASE_ASSERT(environmentValueOffset < environmentValueBufferLength);
+
         // Copy over everything right of the match to the current component start, and search from there again.
         if (componentStart[0] == ':') {
             // If componentStart points to a colon, copy the colon over.
-            strcpy(componentStart, match + searchLength);
+            strlcpy(componentStart, match + searchLength, environmentValueBufferLength - environmentValueOffset);
         } else {
             // Otherwise, componentStart still points to the beginning of environmentValueBuffer, so don't copy over the colon.
             // The edge case is if the colon is the last character in the string, so "match + searchLengthWithoutColon + 1" is the
             // null terminator of the original input, in which case this is still safe.
-            strcpy(componentStart, match + searchLengthWithColon);
+            strlcpy(componentStart, match + searchLengthWithColon, environmentValueBufferLength - environmentValueOffset);
         }
         
-        match = strstr(componentStart, searchValueWithColon);
+        match = strnstr(componentStart, searchValueWithColon, environmentValueLength - static_cast<size_t>(componentStart - environmentValue));
     }
     
     // Search for the value without a trailing colon, seeing if the original input ends with it.
-    match = strstr(componentStart, searchValue);
+    match = strnstr(componentStart, searchValue, environmentValueLength - static_cast<size_t>(componentStart - environmentValue));
     while (match != NULL) {
         if (match[searchLength] == '\0')
             break;
-        match = strstr(match + 1, searchValue);
+        match = strnstr(match + 1, searchValue, environmentValueLength - static_cast<size_t>(match + 1 - environmentValue));
     }
     
@@ -95 +102 @@
     if (match) {
         // Update componentStart to point to the colon immediately preceding the match.
-        char* nextColon = strstr(componentStart, ":");
+        char* nextColon = strnstr(componentStart, ":", environmentValueLength - static_cast<size_t>(componentStart - environmentValue));
         while (nextColon && nextColon < match) {
             componentStart = nextColon;
-            nextColon = strstr(componentStart + 1, ":");
+            nextColon = strnstr(componentStart + 1, ":", environmentValueLength - static_cast<size_t>(componentStart + 1 - environmentValue));
         }
         

trunk/Source/WebKit2/Platform/unix/EnvironmentUtilities.h

@@ -24 +24 @@
  */
 
-#ifndef EnvironmentUtilities_h
-#define EnvironmentUtilities_h
+#pragma once
 
+#include "WKDeclarationSpecifiers.h"
 #include <wtf/text/WTFString.h>
 
@@ -33 +33 @@
 namespace EnvironmentUtilities {
 
-void stripValuesEndingWithString(const char* environmentVariable, const char* search);
+WK_EXPORT void stripValuesEndingWithString(const char* environmentVariable, const char* search);
 
 } // namespace EnvironmentUtilities
 
 } // namespace WebKit
-
-#endif // #define EnvironmentUtilities_h
-

trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj

@@ -1043 +1043 @@
                 51ACBBA1127A8F2C00D203B9 /* WebContextMenuProxyMac.mm in Sources */ = {isa = PBXBuildFile; fileRef = 51ACBB9F127A8F2C00D203B9 /* WebContextMenuProxyMac.mm */; };
                 51B15A8413843A3900321AD8 /* EnvironmentUtilities.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 51B15A8213843A3900321AD8 /* EnvironmentUtilities.cpp */; };
-                51B15A8513843A3900321AD8 /* EnvironmentUtilities.h in Headers */ = {isa = PBXBuildFile; fileRef = 51B15A8313843A3900321AD8 /* EnvironmentUtilities.h */; };
+                51B15A8513843A3900321AD8 /* EnvironmentUtilities.h in Headers */ = {isa = PBXBuildFile; fileRef = 51B15A8313843A3900321AD8 /* EnvironmentUtilities.h */; settings = {ATTRIBUTES = (Private, ); }; };
                 51C0C9741DDD76000032CAD3 /* IconLoadingDelegate.h in Headers */ = {isa = PBXBuildFile; fileRef = 51C0C9721DDD74F00032CAD3 /* IconLoadingDelegate.h */; };
                 51C0C9751DDD76030032CAD3 /* IconLoadingDelegate.mm in Sources */ = {isa = PBXBuildFile; fileRef = 51C0C9731DDD74F00032CAD3 /* IconLoadingDelegate.mm */; };

trunk/Tools/ChangeLog

@@ +1 @@
+2017-04-19  David Kilzer  <ddkilzer@apple.com>
+
+        Stop using strcpy() in WebKit::EnvironmentUtilities::stripValuesEndingWithString()
+        <https://webkit.org/b/170994>
+        <rdar://problem/29889932>
+
+        Reviewed by Brent Fulgham.
+
+        * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
+        (EnvironmentUtilitiesTest.cpp): Add to TestWebKitAPILibrary
+        target.
+        * TestWebKitAPI/Tests/WebKit2/EnvironmentUtilitiesTest.cpp: Add.
+        (TestWebKitAPI::strip): Helper method to set/get environment
+        variable for testing.
+        (TestWebKitAPI::WebKit2_StripValuesEndingWithString_Test): Add
+        tests.
+
 2017-04-19  JF Bastien  <jfbastien@apple.com>
 

trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj

@@ -124 +124 @@
                 37FB72971DB2E82F00E41BE4 /* ContextMenuDefaultItemsHaveTags.mm in Sources */ = {isa = PBXBuildFile; fileRef = 37FB72951DB2E82F00E41BE4 /* ContextMenuDefaultItemsHaveTags.mm */; };
                 3FBD1B4A1D3D66AB00E6D6FA /* FullscreenLayoutConstraints.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 3FBD1B491D39D1DB00E6D6FA /* FullscreenLayoutConstraints.html */; };
+                448D7E471EA6C55500ECC756 /* EnvironmentUtilitiesTest.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 448D7E451EA6C55500ECC756 /* EnvironmentUtilitiesTest.cpp */; };
                 46397B951DC2C850009A78AE /* DOMNode.mm in Sources */ = {isa = PBXBuildFile; fileRef = 46397B941DC2C850009A78AE /* DOMNode.mm */; };
                 46C519DA1D355AB200DAA51A /* LocalStorageNullEntries.mm in Sources */ = {isa = PBXBuildFile; fileRef = 46C519D81D355A7300DAA51A /* LocalStorageNullEntries.mm */; };
@@ -1040 +1041 @@
                 440A1D3814A0103A008A66F2 /* URL.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = URL.cpp; sourceTree = "<group>"; };
                 442BBF681C91CAD90017087F /* RefLogger.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = RefLogger.cpp; sourceTree = "<group>"; };
+                448D7E451EA6C55500ECC756 /* EnvironmentUtilitiesTest.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = EnvironmentUtilitiesTest.cpp; sourceTree = "<group>"; };
                 44A622C114A0E2B60048515B /* WTFStringUtilities.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WTFStringUtilities.h; sourceTree = "<group>"; };
                 46397B941DC2C850009A78AE /* DOMNode.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = DOMNode.mm; sourceTree = "<group>"; };
@@ -2022 +2024 @@
                                 C045F9441385C2E900C0F3CD /* DownloadDecideDestinationCrash.cpp */,
                                 07492B3A1DF8AE2D00633DE1 /* EnumerateMediaDevices.cpp */,
+                                448D7E451EA6C55500ECC756 /* EnvironmentUtilitiesTest.cpp */,
                                 75F3133F18C171B70041CAEC /* EphemeralSessionPushStateNoHistoryCallback.cpp */,
                                 1A5FEFDC1270E2A3000E2921 /* EvaluateJavaScript.cpp */,
@@ -2811 +2814 @@
                                 7CCE7EBF1A411A7E00447C4C /* ElementAtPointInWebFrame.mm in Sources */,
                                 07492B3B1DF8B14C00633DE1 /* EnumerateMediaDevices.cpp in Sources */,
+                                448D7E471EA6C55500ECC756 /* EnvironmentUtilitiesTest.cpp in Sources */,
                                 7CCE7EEF1A411AE600447C4C /* EphemeralSessionPushStateNoHistoryCallback.cpp in Sources */,
                                 7CCE7EF01A411AE600447C4C /* EvaluateJavaScript.cpp in Sources */,