Changeset 272504 in webkit
- Timestamp:
- Feb 8, 2021 11:47:30 AM (3 years ago)
- Location:
- trunk
- Files:
-
- 3 added
- 8 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r272503 r272504 1 2021-02-08 Youenn Fablet <youenn@apple.com> 2 3 NetworkRTCSocketCocoa extractDataMessages should not read too much data 4 https://bugs.webkit.org/show_bug.cgi?id=221544 5 6 Reviewed by Eric Carlson. 7 8 Move STUN/TURN message parsing to its own file routine so that we can add API test. 9 Code is taken from Source/WebKit/NetworkProcess/webrtc/NetworkRTCSocketCocoa.mm. 10 Fix the test verifying we can actually read a message given its expected length. 11 12 Covered by API test. 13 14 * Headers.cmake: 15 * Modules/mediastream/STUNMessageParsing.cpp: Added. 16 (WebCore::isStunMessage): 17 (WebCore::getSTUNOrTURNMessageLengths): 18 (WebCore::extractSTUNOrTURNMessages): 19 (WebCore::extractDataMessages): 20 (WebCore::extractMessages): 21 * Modules/mediastream/STUNMessageParsing.h: Added. 22 * Sources.txt: 23 * WebCore.xcodeproj/project.pbxproj: 24 1 25 2021-02-08 Wenson Hsieh <wenson_hsieh@apple.com> 2 26 -
trunk/Source/WebCore/Headers.cmake
r272480 r272504 107 107 Modules/mediastream/MediaTrackConstraints.h 108 108 Modules/mediastream/RTCController.h 109 Modules/mediastream/STUNMessageParsing.h 109 110 Modules/mediastream/UserMediaClient.h 110 111 Modules/mediastream/UserMediaController.h -
trunk/Source/WebCore/Sources.txt
r272395 r272504 180 180 Modules/mediastream/RTCTrackEvent.cpp 181 181 Modules/mediastream/SFrameUtils.cpp 182 Modules/mediastream/STUNMessageParsing.cpp 182 183 Modules/mediastream/UserMediaController.cpp 183 184 Modules/mediastream/UserMediaRequest.cpp -
trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj
r272480 r272504 1161 1161 41E12E9F24FE74E20093FFB4 /* WebSocketIdentifier.h in Headers */ = {isa = PBXBuildFile; fileRef = 41E12E9D24FE74E20093FFB4 /* WebSocketIdentifier.h */; settings = {ATTRIBUTES = (Private, ); }; }; 1162 1162 41E1B1D10FF5986900576B3B /* AbstractWorker.h in Headers */ = {isa = PBXBuildFile; fileRef = 41E1B1CB0FF5986900576B3B /* AbstractWorker.h */; }; 1163 41E67A8325D16847007B0A4C /* STUNMessageParsing.h in Headers */ = {isa = PBXBuildFile; fileRef = 41E67A8125D16847007B0A4C /* STUNMessageParsing.h */; settings = {ATTRIBUTES = (Private, ); }; }; 1163 1164 41E9DCE7231974BF00F35949 /* BlobLoader.h in Headers */ = {isa = PBXBuildFile; fileRef = 41E9DCE4231973FE00F35949 /* BlobLoader.h */; settings = {ATTRIBUTES = (Private, ); }; }; 1164 1165 41E9DCE92319CA7600F35949 /* NetworkSendQueue.h in Headers */ = {isa = PBXBuildFile; fileRef = 41E9DCE82319CA7500F35949 /* NetworkSendQueue.h */; settings = {ATTRIBUTES = (Private, ); }; }; … … 7952 7953 41E59400214865AA00D3CB61 /* RTCRtpHeaderExtensionParameters.idl */ = {isa = PBXFileReference; lastKnownFileType = text; path = RTCRtpHeaderExtensionParameters.idl; sourceTree = "<group>"; }; 7953 7954 41E59401214865AB00D3CB61 /* RTCRtpFecParameters.idl */ = {isa = PBXFileReference; lastKnownFileType = text; path = RTCRtpFecParameters.idl; sourceTree = "<group>"; }; 7955 41E67A7F25D16846007B0A4C /* STUNMessageParsing.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = STUNMessageParsing.cpp; sourceTree = "<group>"; }; 7956 41E67A8125D16847007B0A4C /* STUNMessageParsing.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = STUNMessageParsing.h; sourceTree = "<group>"; }; 7954 7957 41E9DCE4231973FE00F35949 /* BlobLoader.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = BlobLoader.h; sourceTree = "<group>"; }; 7955 7958 41E9DCE62319742300F35949 /* EndingType.idl */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = EndingType.idl; sourceTree = "<group>"; }; … … 17344 17347 41209E26257A2FBB00120ACA /* SFrameUtils.cpp */, 17345 17348 41209E24257A2FBB00120ACA /* SFrameUtils.h */, 17349 41E67A7F25D16846007B0A4C /* STUNMessageParsing.cpp */, 17350 41E67A8125D16847007B0A4C /* STUNMessageParsing.h */, 17346 17351 07221B8D17CEC32700848E51 /* UserMediaClient.h */, 17347 17352 07221B8E17CEC32700848E51 /* UserMediaController.cpp */, … … 34784 34789 849F77760EFEC6200090849D /* StrokeStyleApplier.h in Headers */, 34785 34790 414B82051D6DF0E50077EBE3 /* StructuredClone.h in Headers */, 34791 41E67A8325D16847007B0A4C /* STUNMessageParsing.h in Headers */, 34786 34792 713922BE2518AB77005DB3C2 /* Styleable.h in Headers */, 34787 34793 E45BA6B6237622A3004DFC07 /* StyleAdjuster.h in Headers */, -
trunk/Source/WebKit/ChangeLog
r272496 r272504 1 2021-02-08 Youenn Fablet <youenn@apple.com> 2 3 NetworkRTCSocketCocoa extractDataMessages should not read too much data 4 https://bugs.webkit.org/show_bug.cgi?id=221544 5 6 Reviewed by Eric Carlson. 7 8 * NetworkProcess/webrtc/NetworkRTCSocketCocoa.mm: 9 Make use of WebCore method. 10 1 11 2021-02-08 Youenn Fablet <youenn@apple.com> 2 12 -
trunk/Source/WebKit/NetworkProcess/webrtc/NetworkRTCSocketCocoa.mm
r272212 r272504 31 31 #include "DataReference.h" 32 32 #include "LibWebRTCNetworkMessages.h" 33 #include <WebCore/STUNMessageParsing.h> 33 34 #include <dispatch/dispatch.h> 34 35 #include <wtf/BlockPtr.h> … … 54 55 return nullptr; 55 56 return makeUnique<NetworkRTCSocketCocoa>(identifier, rtcProvider, remoteAddress, tcpOptions, WTFMove(connection)); 56 }57 58 static inline bool isStunMessage(uint16_t messageType)59 {60 // https://tools.ietf.org/html/rfc5389#section-6 for STUN messages.61 // TURN messages start by the channel number which is constrained by https://tools.ietf.org/html/rfc5766#section-11.62 return !(messageType & 0xC000);63 }64 65 struct STUNMessageLengths {66 size_t messageLength { 0 };67 size_t messageLengthWithPadding { 0 };68 };69 70 static inline Optional<STUNMessageLengths> getSTUNOrTURNMessageLengths(const uint8_t* data, size_t size)71 {72 if (size < 4)73 return { };74 75 auto messageType = be16toh(*reinterpret_cast<const uint16_t*>(data));76 auto messageLength = be16toh(*reinterpret_cast<const uint16_t*>(data + 2));77 78 // STUN data message header is 20 bytes.79 if (isStunMessage(messageType)) {80 size_t length = 20 + messageLength;81 return STUNMessageLengths { length, length };82 }83 84 // TURN data message header is 4 bytes plus padding bytes to get 4 bytes alignment as needed.85 size_t length = 4 + messageLength;86 size_t roundedLength = length % 4 ? (length + 4 - (length % 4)) : length;87 return STUNMessageLengths { length, roundedLength };88 }89 90 static inline Vector<uint8_t> extractSTUNOrTURNMessages(Vector<uint8_t>&& buffered, const Function<void(const uint8_t* data, size_t size)>& processMessage)91 {92 auto* data = buffered.data();93 size_t size = buffered.size();94 95 while (true) {96 auto lengths = getSTUNOrTURNMessageLengths(data, size);97 98 if (!lengths || lengths->messageLengthWithPadding > size) {99 if (!size)100 return { };101 102 std::memcpy(buffered.data(), data, size);103 buffered.resize(size);104 return WTFMove(buffered);105 }106 107 processMessage(data, lengths->messageLength);108 109 data += lengths->messageLengthWithPadding;110 size -= lengths->messageLengthWithPadding;111 }112 }113 114 static inline Vector<uint8_t> extractDataMessages(Vector<uint8_t>&& buffered, const Function<void(const uint8_t* data, size_t size)>& processMessage)115 {116 auto* data = buffered.data();117 size_t size = buffered.size();118 119 while (true) {120 bool canReadLength = size >= 2;121 size_t length = canReadLength ? be16toh(*reinterpret_cast<const uint16_t*>(data)) : 0;122 if (!canReadLength || length > size + 2) {123 if (!size)124 return { };125 126 std::memcpy(buffered.data(), data, size);127 buffered.resize(size);128 return WTFMove(buffered);129 }130 131 data += 2;132 size -= 2;133 134 processMessage(data, length);135 136 data += length;137 size -= length;138 }139 }140 141 static inline Vector<uint8_t> extractMessages(Vector<uint8_t>&& buffer, bool isSTUN, const Function<void(const uint8_t* data, size_t size)>& processMessage)142 {143 return isSTUN ? extractSTUNOrTURNMessages(WTFMove(buffer), processMessage) : extractDataMessages(WTFMove(buffer), processMessage);144 57 } 145 58 … … 205 118 206 119 processIncomingData(m_nwConnection.get(), [identifier = m_identifier, connection = m_connection.copyRef(), ip = remoteAddress.ipaddr(), port = remoteAddress.port(), isSTUN = m_isSTUN](auto&& buffer) mutable { 207 return extractMessages(WTFMove(buffer), isSTUN, [&](auto* message, auto size) {120 return WebRTC::extractMessages(WTFMove(buffer), isSTUN ? WebRTC::MessageType::STUN : WebRTC::MessageType::Data, [&](auto* message, auto size) { 208 121 IPC::DataReference data(message, size); 209 122 connection->send(Messages::LibWebRTCNetwork::SignalReadPacket { identifier, data, RTCNetwork::IPAddress(ip), port, rtc::TimeMillis() * 1000 }, 0); … … 242 155 243 156 if (m_isSTUN) { 244 auto messageLengths = getSTUNOrTURNMessageLengths(data, size);157 auto messageLengths = WebRTC::getSTUNOrTURNMessageLengths(data, size); 245 158 if (!messageLengths) 246 159 return { }; -
trunk/Tools/ChangeLog
r272499 r272504 1 2021-02-08 Youenn Fablet <youenn@apple.com> 2 3 NetworkRTCSocketCocoa extractDataMessages should not read too much data 4 https://bugs.webkit.org/show_bug.cgi?id=221544 5 6 Reviewed by Eric Carlson. 7 8 * TestWebKitAPI/Tests/WebCore/STUNMessageParsingTest.cpp: Added. 9 (TestWebKitAPI::TEST): 10 * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj: 11 1 12 2021-02-08 Alicia Boya García <aboya@igalia.com> 2 13 -
trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
r272445 r272504 243 243 41848F4424891879000E2588 /* open-window-with-file-url-with-host.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 41848F4324891815000E2588 /* open-window-with-file-url-with-host.html */; }; 244 244 41882F0321010C0D002FF288 /* ProcessPreWarming.mm in Sources */ = {isa = PBXBuildFile; fileRef = 41882F0221010A70002FF288 /* ProcessPreWarming.mm */; }; 245 41E67A8525D16E83007B0A4C /* STUNMessageParsingTest.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 41E67A8425D16E83007B0A4C /* STUNMessageParsingTest.cpp */; }; 245 246 44077BB123144B5000179E2D /* DataDetectorsTestIOS.mm in Sources */ = {isa = PBXBuildFile; fileRef = 44077BB0231449D200179E2D /* DataDetectorsTestIOS.mm */; }; 246 247 4433A396208044140091ED57 /* SynchronousTimeoutTests.mm in Sources */ = {isa = PBXBuildFile; fileRef = 4433A395208044130091ED57 /* SynchronousTimeoutTests.mm */; }; … … 1994 1995 41973B5C1AF22875006C7B36 /* SharedBuffer.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = SharedBuffer.cpp; sourceTree = "<group>"; }; 1995 1996 41BAF4E225AC9DB800D82F32 /* getUserMedia2.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = getUserMedia2.html; sourceTree = "<group>"; }; 1997 41E67A8425D16E83007B0A4C /* STUNMessageParsingTest.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = STUNMessageParsingTest.cpp; sourceTree = "<group>"; }; 1996 1998 44077BB0231449D200179E2D /* DataDetectorsTestIOS.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = DataDetectorsTestIOS.mm; sourceTree = "<group>"; }; 1997 1999 442BBF681C91CAD90017087F /* RefLogger.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = RefLogger.cpp; sourceTree = "<group>"; }; … … 3597 3599 ECA680CD1E68CC0900731D20 /* StringUtilities.mm */, 3598 3600 CE4D5DE51F6743BA0072CFC6 /* StringWithDirection.cpp */, 3601 41E67A8425D16E83007B0A4C /* STUNMessageParsingTest.cpp */, 3599 3602 93A258981F92FF15003E510C /* TextCodec.cpp */, 3600 3603 CDC2C7141797089D00E627FB /* TimeRanges.cpp */, … … 5552 5555 ECA680CE1E68CC0900731D20 /* StringUtilities.mm in Sources */, 5553 5556 CE4D5DE71F6743BA0072CFC6 /* StringWithDirection.cpp in Sources */, 5557 41E67A8525D16E83007B0A4C /* STUNMessageParsingTest.cpp in Sources */, 5554 5558 7CCE7ED21A411A7E00447C4C /* SubresourceErrorCrash.mm in Sources */, 5555 5559 51EB126724CB8753000CB030 /* SunLightApplicationGenericNES.mm in Sources */,
Note: See TracChangeset
for help on using the changeset viewer.