Bug 208783

Summary:

[iOS] Mapping to UTI from tag and tag class should be performed in the UI process

Product:

WebKit

Reporter:

Per Arne Vollan <pvollan>

Component:

WebKit Misc.

Assignee:

Per Arne Vollan <pvollan>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

benjamin, bfulgham, cdumez, cmarcelo, ews-watchlist, simon.fraser, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	none
Patch	none
Patch	none
Patch	none
Patch	none
Patch	none
Patch	none
Patch	none
Patch	none
Patch	none
Patch	none
Patch	none
Patch	none
Patch	none
Patch	bfulgham: review+
Patch	none

Per Arne Vollan

Reported 2020-03-08 08:56:28 PDT

Calling UTTypeCreatePreferredIdentifierForTag to find UTI from tag and tag class should be done in the UI process and not in the WebContent process, since this is using a system service that will be closed.

Attachments
Patch (18.26 KB, patch) 2020-03-08 09:06 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Patch (19.00 KB, patch) 2020-03-08 09:15 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Patch (18.77 KB, patch) 2020-03-08 09:25 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Patch (24.86 KB, patch) 2020-03-08 11:15 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Patch (23.85 KB, patch) 2020-03-08 11:22 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Patch (24.08 KB, patch) 2020-03-08 11:49 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Patch (24.19 KB, patch) 2020-03-08 12:00 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Patch (24.20 KB, patch) 2020-03-08 12:07 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Patch (27.71 KB, patch) 2020-03-08 12:29 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Patch (28.19 KB, patch) 2020-03-08 13:11 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Patch (35.65 KB, patch) 2020-03-08 13:45 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Patch (35.75 KB, patch) 2020-03-08 14:25 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Patch (36.28 KB, patch) 2020-03-08 15:00 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Patch (27.86 KB, patch) 2020-03-08 15:04 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Patch (34.66 KB, patch) 2020-03-08 15:13 PDT, Per Arne Vollan	bfulgham: review+	Details Formatted Diff Diff
Patch (37.13 KB, patch) 2020-03-08 16:20 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Show Obsolete (14) View All Add attachment proposed patch, testcase, etc.

Per Arne Vollan

Comment 1 2020-03-08 09:06:35 PDT

Created attachment 392954 [details] Patch

Per Arne Vollan

Comment 2 2020-03-08 09:15:12 PDT

Created attachment 392955 [details] Patch

Per Arne Vollan

Comment 3 2020-03-08 09:25:39 PDT

Created attachment 392956 [details] Patch

Per Arne Vollan

Comment 4 2020-03-08 11:15:44 PDT

Created attachment 392962 [details] Patch

Per Arne Vollan

Comment 5 2020-03-08 11:22:16 PDT

Created attachment 392963 [details] Patch

Per Arne Vollan

Comment 6 2020-03-08 11:49:26 PDT

Created attachment 392964 [details] Patch

Per Arne Vollan

Comment 7 2020-03-08 12:00:07 PDT

Created attachment 392966 [details] Patch

Per Arne Vollan

Comment 8 2020-03-08 12:07:32 PDT

Created attachment 392968 [details] Patch

Per Arne Vollan

Comment 9 2020-03-08 12:29:30 PDT

Created attachment 392972 [details] Patch

Per Arne Vollan

Comment 10 2020-03-08 13:11:14 PDT

Created attachment 392978 [details] Patch

Per Arne Vollan

Comment 11 2020-03-08 13:45:12 PDT

Created attachment 392981 [details] Patch

Per Arne Vollan

Comment 12 2020-03-08 14:25:39 PDT

Created attachment 392987 [details] Patch

Per Arne Vollan

Comment 13 2020-03-08 15:00:49 PDT

Created attachment 392989 [details] Patch

Radar WebKit Bug Importer

Comment 14 2020-03-08 15:01:22 PDT

<rdar://problem/60205026>

Per Arne Vollan

Comment 15 2020-03-08 15:04:01 PDT

Created attachment 392990 [details] Patch

Per Arne Vollan

Comment 16 2020-03-08 15:13:06 PDT

Created attachment 392992 [details] Patch

Brent Fulgham

Comment 17 2020-03-08 15:54:58 PDT

Comment on attachment 392992 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=392992&action=review Please fix the memory leaks (or explain how I am mistaken!). But r=me with that change. > Source/WebCore/platform/cocoa/UTTypeRecordSwizzler.mm:89 > + WebUTTypeRecord *record = [WebUTTypeRecord alloc]; Should we be using a smart pointer of some kind to avoid leaks/overreleases? > Source/WebCore/platform/cocoa/UTTypeRecordSwizzler.mm:107 > + r.uti = UTTypeCreatePreferredIdentifierForTag(r.tagClass.createCFString().get(), r.tag.createCFString().get(), r.identifier.isNull() ? nullptr : r.identifier.createCFString().get()); I think UTTypeCreatePreferredIdentifierForTag returns a CFStringRef with a +1 count. I think you need something like: r.uti = adoptCF(UTTypeCreatePreferredIdentifierForTag ....).get(); Or maybe use your new UTIFromTag helper? > Source/WebCore/platform/cocoa/UTTypeRecordSwizzler.mm:110 > + i.uti = UTTypeCreatePreferredIdentifierForTag(i.tagClass.createCFString().get(), i.tag.createCFString().get(), i.identifier.isNull() ? nullptr : i.identifier.createCFString().get()); Ditto.

Per Arne Vollan

Comment 18 2020-03-08 16:03:01 PDT

(In reply to Brent Fulgham from comment #17) > Comment on attachment 392992 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=392992&action=review > > Please fix the memory leaks (or explain how I am mistaken!). But r=me with > that change. > > > Source/WebCore/platform/cocoa/UTTypeRecordSwizzler.mm:89 > > + WebUTTypeRecord *record = [WebUTTypeRecord alloc]; > > Should we be using a smart pointer of some kind to avoid leaks/overreleases? > > > Source/WebCore/platform/cocoa/UTTypeRecordSwizzler.mm:107 > > + r.uti = UTTypeCreatePreferredIdentifierForTag(r.tagClass.createCFString().get(), r.tag.createCFString().get(), r.identifier.isNull() ? nullptr : r.identifier.createCFString().get()); > > I think UTTypeCreatePreferredIdentifierForTag returns a CFStringRef with a > +1 count. I think you need something like: > > r.uti = adoptCF(UTTypeCreatePreferredIdentifierForTag ....).get(); > > Or maybe use your new UTIFromTag helper? > > > Source/WebCore/platform/cocoa/UTTypeRecordSwizzler.mm:110 > > + i.uti = UTTypeCreatePreferredIdentifierForTag(i.tagClass.createCFString().get(), i.tag.createCFString().get(), i.identifier.isNull() ? nullptr : i.identifier.createCFString().get()); > > Ditto. Nice catch! Will fix. Thanks for reviewing!

Per Arne Vollan

Comment 19 2020-03-08 16:20:38 PDT

Created attachment 392997 [details] Patch

Per Arne Vollan

Comment 20 2020-03-08 16:53:29 PDT

Committed r258120: <https://trac.webkit.org/changeset/258120/webkit>

Simon Fraser (smfr)

Comment 21 2020-03-08 21:06:03 PDT

Comment on attachment 392992 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=392992&action=review r- because of leaks >>> Source/WebCore/platform/cocoa/UTTypeRecordSwizzler.mm:89 >>> + WebUTTypeRecord *record = [WebUTTypeRecord alloc]; >> >> Should we be using a smart pointer of some kind to avoid leaks/overreleases? > > Nice catch! Will fix. > > Thanks for reviewing! Why is this not [[WebUTTypeRecord alloc] init]? > Source/WebCore/platform/cocoa/UTTypeRecordSwizzler.mm:94 > + WTFLogAlways("UTI not found for tag: %s %s %s\n", String(tag).utf8().data(), String(tagClass).utf8().data(), String(identifier).utf8().data()); Does this leak any privacy-sensitive information? > Source/WebCore/testing/Internals.idl:856 > DOMString getUTIFromMIMEType(DOMString mimeType); > + DOMString getUTIFromTag(DOMString tagClass, DOMString tag, DOMString conformingToUTI); These seem like a rather odd use of internals. Can these be API tests instead? > Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm:379 > + if (!WebCore::IOSApplication::isMobileSafari() || _AXSApplicationAccessibilityEnabled()) { Should accessibility really enable all these services, or should it be more fine-grained?

Per Arne Vollan

Comment 22 2020-03-08 21:27:20 PDT

(In reply to Simon Fraser (smfr) from comment #21) > Comment on attachment 392992 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=392992&action=review > > r- because of leaks > > >>> Source/WebCore/platform/cocoa/UTTypeRecordSwizzler.mm:89 > >>> + WebUTTypeRecord *record = [WebUTTypeRecord alloc]; > >> > >> Should we be using a smart pointer of some kind to avoid leaks/overreleases? > > > > Nice catch! Will fix. > > > > Thanks for reviewing! > > Why is this not [[WebUTTypeRecord alloc] init]? > Good point! I will fix this. > > Source/WebCore/platform/cocoa/UTTypeRecordSwizzler.mm:94 > > + WTFLogAlways("UTI not found for tag: %s %s %s\n", String(tag).utf8().data(), String(tagClass).utf8().data(), String(identifier).utf8().data()); > > Does this leak any privacy-sensitive information? > I don't believe so, but we should remove the logging as soon as we have identified the UTI types not covered. > > Source/WebCore/testing/Internals.idl:856 > > DOMString getUTIFromMIMEType(DOMString mimeType); > > + DOMString getUTIFromTag(DOMString tagClass, DOMString tag, DOMString conformingToUTI); > > These seem like a rather odd use of internals. Can these be API tests > instead? > They are actually used in API tests to compare the values in the UI process with the values in the WebContent process. But perhaps using internals in API tests is not optimal? > > Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm:379 > > + if (!WebCore::IOSApplication::isMobileSafari() || _AXSApplicationAccessibilityEnabled()) { > > Should accessibility really enable all these services, or should it be more > fine-grained? You are right! This is a speculative fix, and the extensions will be more targeted when we learn who is actually using the services. Thanks for reviewing, Simon!

Simon Fraser (smfr)

Comment 23 2020-03-08 21:51:04 PDT

Comment on attachment 392997 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=392997&action=review > Source/WebCore/platform/cocoa/UTTypeRecordSwizzler.mm:42 > +@interface WebUTTypeRecord : UTTypeRecord UTTypeRecord is a tagged pointer type. Override it like this may cause serious problems. > Source/WebCore/platform/cocoa/UTTypeRecordSwizzler.mm:53 > + _identifier = i; How do we know that 'I' stays alive? This should probably own it and -copy.

Per Arne Vollan

Comment 24 2020-03-09 09:16:43 PDT

(In reply to Simon Fraser (smfr) from comment #23) > Comment on attachment 392997 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=392997&action=review > > > Source/WebCore/platform/cocoa/UTTypeRecordSwizzler.mm:42 > > +@interface WebUTTypeRecord : UTTypeRecord > > UTTypeRecord is a tagged pointer type. Override it like this may cause > serious problems. > > > Source/WebCore/platform/cocoa/UTTypeRecordSwizzler.mm:53 > > + _identifier = i; > > How do we know that 'I' stays alive? This should probably own it and -copy. I will work on coming up with a better approach for these issues now. Thanks for catching this!

Note You need to log in before you can comment on or make changes to this bug.