WebKit Bugzilla
New
Browse
Search+
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
[patch]
Patch
bug-134206-20140623123951.patch (text/plain), 6.65 KB, created by
Oliver Hunt
on 2014-06-23 12:40:12 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Oliver Hunt
Created:
2014-06-23 12:40:12 PDT
Size:
6.65 KB
patch
obsolete
>Subversion Revision: 170155 >diff --git a/Source/WebKit2/ChangeLog b/Source/WebKit2/ChangeLog >index 013ba1da49e83121315474e544f4a98e24f45bda..51c5b35c86bd26e501b7372482e252a0fd7e3025 100644 >--- a/Source/WebKit2/ChangeLog >+++ b/Source/WebKit2/ChangeLog >@@ -1,3 +1,30 @@ >+2014-06-23 Oliver Hunt <oliver@apple.com> >+ >+ Ensure that we always use symlink free paths when specifying cache directories >+ https://bugs.webkit.org/show_bug.cgi?id=134206 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Sandboxing will deny symlink based paths, so we use realpath to create extensions. >+ This leaves us in the position of an extension using a visually different path >+ from other parts of the process code. This patch simply makes sure that we always >+ use the realpath for cache directories, so making debugging easier and also ensuring >+ that we don't ever accidentally try to use a path with symlinks that will thus get >+ denied. >+ >+ * Shared/SandboxExtension.h: >+ (WebKit::resolveTruePath): >+ * Shared/mac/SandboxExtensionMac.mm: >+ (WebKit::resolveTruePath): >+ * UIProcess/WebContext.cpp: >+ (WebKit::WebContext::ensureNetworkProcess): >+ * UIProcess/mac/WebContextMac.mm: >+ (WebKit::WebContext::platformDefaultApplicationCacheDirectory): >+ (WebKit::WebContext::platformDefaultDiskCacheDirectory): >+ (WebKit::WebContext::platformDefaultWebSQLDatabaseDirectory): >+ (WebKit::WebContext::platformDefaultIconDatabasePath): >+ (WebKit::WebContext::platformDefaultLocalStorageDirectory): >+ > 2014-06-19 Oliver Hunt <oliver@apple.com> > > Switch to using the process parameters during initialisation >diff --git a/Source/WebKit2/Shared/SandboxExtension.h b/Source/WebKit2/Shared/SandboxExtension.h >index 5462e4ab79e7e8c616267cef20c4621d8fddc870..a9fe64d9cac29cb789e149f379f82313f0429c5e 100644 >--- a/Source/WebKit2/Shared/SandboxExtension.h >+++ b/Source/WebKit2/Shared/SandboxExtension.h >@@ -132,6 +132,9 @@ inline bool SandboxExtension::revoke() { return true; } > inline bool SandboxExtension::consume() { return true; } > inline bool SandboxExtension::consumePermanently() { return true; } > inline bool SandboxExtension::consumePermanently(const Handle&) { return true; } >+inline String resolveTruePath(const String& path) { return path; } >+#else >+String resolveTruePath(const String& path); > #endif > > } // namespace WebKit >diff --git a/Source/WebKit2/Shared/mac/SandboxExtensionMac.mm b/Source/WebKit2/Shared/mac/SandboxExtensionMac.mm >index b99f1a1feb671bb8ab3ed8599509ea4459c2f934..65ef5c56a3fca09bfc65a2987dad6be1a47bbd0d 100644 >--- a/Source/WebKit2/Shared/mac/SandboxExtensionMac.mm >+++ b/Source/WebKit2/Shared/mac/SandboxExtensionMac.mm >@@ -207,6 +207,11 @@ static CString resolveSymlinksInPath(const CString& path) > return resolvedPath; > } > >+String resolveTruePath(const String& path) >+{ >+ return String::fromUTF8(resolveSymlinksInPath(path.utf8())); >+} >+ > void SandboxExtension::createHandle(const String& path, Type type, Handle& handle) > { > ASSERT(!handle.m_sandboxExtension); >diff --git a/Source/WebKit2/UIProcess/WebContext.cpp b/Source/WebKit2/UIProcess/WebContext.cpp >index eb2cf0df017bec63b7e165e5582a472bfef454b7..ac179cd92149cc0073346de60b3d123764ef8e89 100644 >--- a/Source/WebKit2/UIProcess/WebContext.cpp >+++ b/Source/WebKit2/UIProcess/WebContext.cpp >@@ -406,7 +406,7 @@ void WebContext::ensureNetworkProcess() > > parameters.cacheModel = m_cacheModel; > >- parameters.diskCacheDirectory = diskCacheDirectory(); >+ parameters.diskCacheDirectory = resolveTruePath(diskCacheDirectory()); > if (!parameters.diskCacheDirectory.isEmpty()) > SandboxExtension::createHandleForReadWriteDirectory(parameters.diskCacheDirectory, parameters.diskCacheDirectoryExtensionHandle); > >diff --git a/Source/WebKit2/UIProcess/mac/WebContextMac.mm b/Source/WebKit2/UIProcess/mac/WebContextMac.mm >index 7bcb524986047c14b8316154732499319588e0a6..37396c919e3e201d3f3a52e1ce7fdd6ff2b35eef 100644 >--- a/Source/WebKit2/UIProcess/mac/WebContextMac.mm >+++ b/Source/WebKit2/UIProcess/mac/WebContextMac.mm >@@ -164,7 +164,8 @@ String WebContext::platformDefaultApplicationCacheDirectory() const > > NSString *cacheDir = [[NSFileManager defaultManager] stringWithFileSystemRepresentation:cacheDirectory length:cacheDirectoryLen - 1]; > #endif >- return [cacheDir stringByAppendingPathComponent:appName]; >+ NSString* cachePath = [cacheDir stringByAppendingPathComponent:appName]; >+ return resolveTruePath([cachePath stringByStandardizingPath]); > } > > void WebContext::platformInitializeWebProcess(WebProcessCreationParameters& parameters) >@@ -263,8 +264,7 @@ String WebContext::platformDefaultDiskCacheDirectory() const > RetainPtr<NSString> cachePath = adoptNS((NSString *)WKCopyFoundationCacheDirectory()); > if (!cachePath) > cachePath = @"~/Library/Caches/com.apple.WebKit.WebProcess"; >- >- return [cachePath stringByStandardizingPath]; >+ return resolveTruePath([cachePath stringByStandardizingPath]); > } > > String WebContext::platformDefaultCookieStorageDirectory() const >@@ -278,7 +278,7 @@ String WebContext::platformDefaultWebSQLDatabaseDirectory() > NSString *databasesDirectory = [[NSUserDefaults standardUserDefaults] objectForKey:WebDatabaseDirectoryDefaultsKey]; > if (!databasesDirectory || ![databasesDirectory isKindOfClass:[NSString class]]) > databasesDirectory = @"~/Library/WebKit/Databases"; >- return [databasesDirectory stringByStandardizingPath]; >+ return resolveTruePath([databasesDirectory stringByStandardizingPath]); > } > > String WebContext::platformDefaultIndexedDBDatabaseDirectory() >@@ -296,7 +296,7 @@ String WebContext::platformDefaultIconDatabasePath() const > NSString *databasesDirectory = [[NSUserDefaults standardUserDefaults] objectForKey:WebIconDatabaseDirectoryDefaultsKey]; > if (!databasesDirectory || ![databasesDirectory isKindOfClass:[NSString class]]) > databasesDirectory = @"~/Library/Icons/WebpageIcons.db"; >- return [databasesDirectory stringByStandardizingPath]; >+ return resolveTruePath([databasesDirectory stringByStandardizingPath]); > } > > String WebContext::platformDefaultLocalStorageDirectory() >@@ -304,7 +304,7 @@ String WebContext::platformDefaultLocalStorageDirectory() > NSString *localStorageDirectory = [[NSUserDefaults standardUserDefaults] objectForKey:WebStorageDirectoryDefaultsKey]; > if (!localStorageDirectory || ![localStorageDirectory isKindOfClass:[NSString class]]) > localStorageDirectory = @"~/Library/WebKit/LocalStorage"; >- return [localStorageDirectory stringByStandardizingPath]; >+ return resolveTruePath([localStorageDirectory stringByStandardizingPath]); > } > > bool WebContext::omitPDFSupport()
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=233627">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
andersca
:
review+
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 134206
:
233622
| 233627