Context Navigation

← Previous Changeset
Next Changeset →

Changeset 256578 in webkit

Timestamp:

Feb 13, 2020 5:54:59 PM (4 years ago)

Author:

youenn@apple.com

Message:

Protect WebSWServerConnection::scheduleJobInServer from bad scopeURL
https://bugs.webkit.org/show_bug.cgi?id=207722

Reviewed by Chris Dumez.

NetworkProcess/ServiceWorker/WebSWServerConnection.cpp:

(WebKit::WebSWServerConnection::scheduleJobInServer):
In case of bad scope, fail the job early on.

WebProcess/Storage/WebSWClientConnection.cpp:

(WebKit::WebSWClientConnection::scheduleJobInServer):
Remove the RELEASE_ASSERT from now since we defend in Network process.
We will add it back in ServiceWorkerRegistration::getOrCreate as a follow-up.

Location:

trunk/Source/WebKit

Files:

: 3 edited

ChangeLog (modified) (1 diff)
NetworkProcess/ServiceWorker/WebSWServerConnection.cpp (modified) (1 diff)
WebProcess/Storage/WebSWClientConnection.cpp (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/Source/WebKit/ChangeLog

-                      r256577
+                      r256578
+-02-13  Youenn Fablet  <youenn@apple.com>
+        Protect WebSWServerConnection::scheduleJobInServer from bad scopeURL
+        https://bugs.webkit.org/show_bug.cgi?id=207722
+        Reviewed by Chris Dumez.
+        * NetworkProcess/ServiceWorker/WebSWServerConnection.cpp:
+        (WebKit::WebSWServerConnection::scheduleJobInServer):
+        In case of bad scope, fail the job early on.
+        * WebProcess/Storage/WebSWClientConnection.cpp:
+        (WebKit::WebSWClientConnection::scheduleJobInServer):
+        Remove the RELEASE_ASSERT from now since we defend in Network process.
+        We will add it back in ServiceWorkerRegistration::getOrCreate as a follow-up.
 -02-13  Ben Nham  <nham@apple.com>

trunk/Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp

-                      r256432
+                      r256578
 void WebSWServerConnection::scheduleJobInServer(ServiceWorkerJobData&& jobData)
+{
+    ASSERT(!jobData.scopeURL.isNull());
+    if (jobData.scopeURL.isNull()) {
+        rejectJobInClient(jobData.identifier().jobIdentifier, ExceptionData { InvalidStateError, "Scope URL is empty"_s });
+        return;
+    }
     SWSERVERCONNECTION_RELEASE_LOG_IF_ALLOWED("Scheduling ServiceWorker job %s in server", jobData.identifier().loggingString().utf8().data());
     ASSERT(identifier() == jobData.connectionIdentifier());

trunk/Source/WebKit/WebProcess/Storage/WebSWClientConnection.cpp

r253898	r256578
74	74	void WebSWClientConnection::scheduleJobInServer(const ServiceWorkerJobData& jobData)
75	75	{
76		~~RELEASE_ASSERT(!jobData.scopeURL.isNull());~~
77	76	runOrDelayTaskForImport([this, jobData] {
78	77	send(Messages::WebSWServerConnection::ScheduleJobInServer { jobData });

Note: See TracChangeset for help on using the changeset viewer.