Bug 197323

Summary: Improve safety of MachMessage class
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: WebKit2Assignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, beidson, commit-queue, darin, ddkilzer, ggaren, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch none

Description Chris Dumez 2019-04-26 13:41:28 PDT
Improve safety of MachMessage class and clean things up a bit.
Comment 1 Chris Dumez 2019-04-26 13:41:57 PDT
<rdar://problem/44291920>
Comment 2 Chris Dumez 2019-04-26 13:55:17 PDT
Created attachment 368346 [details]
Patch
Comment 3 Chris Dumez 2019-04-26 14:50:11 PDT
Created attachment 368353 [details]
Patch
Comment 4 Alex Christensen 2019-04-26 15:05:19 PDT
Comment on attachment 368353 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=368353&action=review

> Source/WebKit/Platform/IPC/mac/MachMessage.cpp:37
> +    void* memory = WTF::fastZeroedMalloc(sizeof(MachMessage) + size);

Are there any performance indications of this change?
Comment 5 Chris Dumez 2019-04-26 15:19:49 PDT
(In reply to Alex Christensen from comment #4)
> Comment on attachment 368353 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=368353&action=review
> 
> > Source/WebKit/Platform/IPC/mac/MachMessage.cpp:37
> > +    void* memory = WTF::fastZeroedMalloc(sizeof(MachMessage) + size);
> 
> Are there any performance indications of this change?

There could be a performance impact although I personally doubt it. I believe zero'ing memory is normally pretty cheap and while IPC is frequent, I do not believe it is super-hot.

Any any case, this is security-sensitive code so we want it to be robust. I have also explain in the changelog and in the radar (in more details) why I believe this will fix flaky crashes.

If it does regress performance, then we can try and find another solution but I think other solution will likely be more fragile. I say let's try the safest / most robust thing first.
Comment 6 WebKit Commit Bot 2019-04-27 10:09:29 PDT
Comment on attachment 368353 [details]
Patch

Clearing flags on attachment: 368353

Committed r244721: <https://trac.webkit.org/changeset/244721>
Comment 7 WebKit Commit Bot 2019-04-27 10:09:31 PDT
All reviewed patches have been landed.  Closing bug.