| Summary: | [macOS] Image decoders should be restricted for Mail | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | WebKit | Reporter: | Per Arne Vollan <pvollan> | ||||||||||
| Component: | WebKit Misc. | Assignee: | Per Arne Vollan <pvollan> | ||||||||||
| Status: | RESOLVED FIXED | ||||||||||||
| Severity: | Normal | CC: | bfulgham, ggaren, thorton, webkit-bug-importer, wenson_hsieh | ||||||||||
| Priority: | P2 | Keywords: | InRadar | ||||||||||
| Version: | WebKit Nightly Build | ||||||||||||
| Hardware: | Unspecified | ||||||||||||
| OS: | Unspecified | ||||||||||||
| Attachments: |
|
||||||||||||
|
Description
Per Arne Vollan
2022-03-10 08:55:27 PST
Created attachment 454367 [details]
Patch
Created attachment 454396 [details]
Patch
Created attachment 454398 [details]
Patch
Comment on attachment 454398 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=454398&action=review r=me > Source/WebCore/platform/graphics/cg/ImageDecoderCG.h:78 > + static bool m_enableRestrictedDecoding; For static variables, we use the "s_" prefix. "m_" for "member", "s_" for "static". > Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm:450 > + if (auto trustdExtensionHandle = SandboxExtension::createHandleForMachLookup("com.apple.trustd.agent"_s, std::nullopt)) > + parameters.trustdExtensionHandle = WTFMove(*trustdExtensionHandle); In a follow-up, it would be nice to disconnect Mail from trustd. (In reply to Geoffrey Garen from comment #5) > Comment on attachment 454398 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=454398&action=review > > r=me > > > Source/WebCore/platform/graphics/cg/ImageDecoderCG.h:78 > > + static bool m_enableRestrictedDecoding; > > For static variables, we use the "s_" prefix. "m_" for "member", "s_" for > "static". > Will fix! > > Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm:450 > > + if (auto trustdExtensionHandle = SandboxExtension::createHandleForMachLookup("com.apple.trustd.agent"_s, std::nullopt)) > > + parameters.trustdExtensionHandle = WTFMove(*trustdExtensionHandle); > > In a follow-up, it would be nice to disconnect Mail from trustd. That is a good point, I will follow up on this. Thanks for reviewing! Committed r291190 (248346@main): <https://commits.webkit.org/248346@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 454398 [details]. Reopening to attach new patch. Created attachment 454514 [details]
Patch
Committed r291204 (248359@main): <https://commits.webkit.org/248359@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 454514 [details]. Comment on attachment 454398 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=454398&action=review > Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm:295 > +#if USE(APPLE_INTERNAL_SDK) I know this was preexisting, but it's generally wrong for code to be guarded by USE(APPLE_INTERNAL_SDK); you should use SPI headers (which can be guarded by USE(APPLE_INTERNAL_SDK)) to run the same code in non-internal-SDK builds... is there a reason this code doesn't behave like the rest? (In reply to Tim Horton from comment #11) > Comment on attachment 454398 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=454398&action=review > > > Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm:295 > > +#if USE(APPLE_INTERNAL_SDK) > > I know this was preexisting, but it's generally wrong for code to be guarded > by USE(APPLE_INTERNAL_SDK); you should use SPI headers (which can be guarded > by USE(APPLE_INTERNAL_SDK)) to run the same code in non-internal-SDK > builds... is there a reason this code doesn't behave like the rest? That is a good point. This should behave like the rest. I have filed a bug report to address this. Thanks for reviewing! |