Bug 196213

Summary: Do not terminate the NetworkProcess if a third party application sends a NSCredential with a SecIdentityRef
Product: WebKit Reporter: Alex Christensen <achristensen>
Component: New BugsAssignee: Alex Christensen <achristensen>
Status: RESOLVED FIXED    
Severity: Normal CC: ap, commit-queue, ggaren, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 196226    
Bug Blocks:    
Attachments:
Description Flags
Patch
none
Patch
none
Patch
none
Patch none

Alex Christensen
Reported 2019-03-25 13:58:19 PDT
Do not terminate the NetworkProcess if a third party application sends a NSCredential with a SecIdentityRef
Attachments
Patch (19.59 KB, patch)
2019-03-25 14:07 PDT, Alex Christensen 		no flags
DetailsFormatted DiffDiff
Patch (19.89 KB, patch)
2019-03-25 14:12 PDT, Alex Christensen 		no flags
DetailsFormatted DiffDiff
Patch (19.87 KB, patch)
2019-03-25 14:43 PDT, Alex Christensen 		no flags
DetailsFormatted DiffDiff
Patch (19.85 KB, patch)
2019-03-25 22:05 PDT, Alex Christensen 		no flags
DetailsFormatted DiffDiff
Show Obsolete (3) View All Add attachment proposed patch, testcase, etc.
Alex Christensen
Comment 1 2019-03-25 14:07:23 PDT
Created attachment 365896 [details] Patch
Alex Christensen
Comment 2 2019-03-25 14:12:32 PDT
Created attachment 365898 [details] Patch
Alex Christensen
Comment 3 2019-03-25 14:13:14 PDT
rdar://problem/49156511
Geoffrey Garen
Comment 4 2019-03-25 14:30:52 PDT
Comment on attachment 365898 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=365898&action=review r=me > Source/WebKit/Shared/cf/ArgumentCodersCF.cpp:719 > + if (!hasProcessPrivilege(ProcessPrivilege::CanAccessCredentials)) { > + result = nullptr; > + return true; > + } It seems a little sloppy that the !hasKey case above and the false if (key) case below return true without assigning nullptr to result, while here we do assign nullptr to result. I'd like us to be consistent. Looking at our caller, nullptr is the default value. So, both choices can work. Can you pick one and apply it consistently in this function?
Alex Christensen
Comment 5 2019-03-25 14:38:31 PDT
(In reply to Geoffrey Garen from comment #4) > Comment on attachment 365898 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=365898&action=review > > r=me > > > Source/WebKit/Shared/cf/ArgumentCodersCF.cpp:719 > > + if (!hasProcessPrivilege(ProcessPrivilege::CanAccessCredentials)) { > > + result = nullptr; > > + return true; > > + } > > It seems a little sloppy that the !hasKey case above and the false if (key) > case below return true without assigning nullptr to result, while here we do > assign nullptr to result. I'd like us to be consistent. > > Looking at our caller, nullptr is the default value. So, both choices can > work. Can you pick one and apply it consistently in this function? The nullptr assignment is redundant since the default constructor of RetainPtr<SecIdentityRef> has already been called. I'll remove it.
Alex Christensen
Comment 6 2019-03-25 14:43:13 PDT
Created attachment 365903 [details] Patch
WebKit Commit Bot
Comment 7 2019-03-25 15:10:22 PDT
Comment on attachment 365903 [details] Patch Clearing flags on attachment: 365903 Committed r243465: <https://trac.webkit.org/changeset/243465>
WebKit Commit Bot
Comment 8 2019-03-25 15:10:24 PDT
All reviewed patches have been landed. Closing bug.
Radar WebKit Bug Importer
Comment 9 2019-03-25 15:11:19 PDT
<rdar://problem/49231641>
WebKit Commit Bot
Comment 10 2019-03-25 16:15:51 PDT
Re-opened since this is blocked by bug 196226
Alex Christensen
Comment 11 2019-03-25 21:45:25 PDT
Maybe the commit bot shouldn't commit a patch that doesn't build on open source iOS bots...
Alex Christensen
Comment 12 2019-03-25 22:04:11 PDT
Hmmm. SecKeychainRef is unavailable on open source iOS builds, and iOS doesn't really seem to have the ability to handle keychains like I do in this test (SecIdentityCreateWithCertificate, SecKeychainCreate unavailable). I'll just make the test Mac only and figure out how to write client certificate tests for iOS once I start writing more in-depth tests. This test as it is now already shows the assertion can be reached, so it would've prevented the original regression.
Alex Christensen
Comment 13 2019-03-25 22:05:29 PDT
Created attachment 365946 [details] Patch
WebKit Commit Bot
Comment 14 2019-03-25 23:13:00 PDT
Comment on attachment 365946 [details] Patch Clearing flags on attachment: 365946 Committed r243487: <https://trac.webkit.org/changeset/243487>
WebKit Commit Bot
Comment 15 2019-03-25 23:13:02 PDT
All reviewed patches have been landed. Closing bug.
Alex Christensen
Comment 16 2019-03-27 12:14:37 PDT
It would also be nice if the commit queue took less than 1.5 days to commit.
Alex Christensen
Comment 17 2019-03-27 12:22:59 PDT
Comment on attachment 365946 [details] Patch Oh, it landed, it just didn't remove the cq+
Note You need to log in before you can comment on or make changes to this bug.