Bug 186211

Summary: Make sure that the fencePort received over IPC has the expected disposition (SEND)
Product: WebKit Reporter: Brent Fulgham <bfulgham>
Component: WebKit2Assignee: Brent Fulgham <bfulgham>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, andersca, bfulgham, commit-queue, ews-watchlist, ggaren
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Archive of layout-test-results from ews206 for win-future
none
Patch for landing none

Description Brent Fulgham 2018-06-01 16:12:43 PDT 
We shouldn't blindly assume that the Mach Send Right we receive from the UIProcess in WebPage::setTopContentInsetFenced (and VideoFullscreenManager::setVideoLayerFrameFenced) will have the expected MACH_MSG_TYPE_MOVE_SEND disposition.

Instead, we should check that it meets expectations. If we discover a discrepancy, we should discard the message without touching the mach port contents.
Comment 1 Brent Fulgham 2018-06-01 16:12:57 PDT 
<rdar://problem/37814171>
Comment 2 Brent Fulgham 2018-06-01 16:16:00 PDT 
Created attachment 341800 [details]
Patch
Comment 3 Geoffrey Garen 2018-06-01 16:36:30 PDT 
Comment on attachment 341800 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=341800&action=review

r=me

> Source/WebKit/WebProcess/WebPage/WebPage.cpp:2664
> +    // Check for invalid message receipt. If this is not a send right, something has
> +    // gone wrong and we should discard this message.

I don't think this comment adds anything. It just kind of restates the code below.

> Source/WebKit/WebProcess/cocoa/VideoFullscreenManager.mm:568
> +    // Check for invalid message receipt. If this is not a send right, something has
> +    // gone wrong and we should discard this message.

Ditto.
Comment 4 EWS Watchlist 2018-06-02 01:41:57 PDT 
Comment on attachment 341800 [details]
Patch

Attachment 341800 [details] did not pass win-ews (win):
Output: http://webkit-queues.webkit.org/results/7941653

New failing tests:
http/tests/security/canvas-remote-read-remote-video-localhost.html
Comment 5 EWS Watchlist 2018-06-02 01:42:08 PDT 
Created attachment 341837 [details]
Archive of layout-test-results from ews206 for win-future

The attached test failures were seen while running run-webkit-tests on the win-ews.
Bot: ews206  Port: win-future  Platform: CYGWIN_NT-6.1-2.9.0-0.318-5-3-x86_64-64bit
Comment 6 Brent Fulgham 2018-06-03 10:49:56 PDT 
Created attachment 341867 [details]
Patch for landing
Comment 7 WebKit Commit Bot 2018-06-03 11:28:13 PDT 
Comment on attachment 341867 [details]
Patch for landing

Clearing flags on attachment: 341867

Committed r232451: <https://trac.webkit.org/changeset/232451>
Comment 8 WebKit Commit Bot 2018-06-03 11:28:14 PDT 
All reviewed patches have been landed.  Closing bug.