185489 – Restrict unarchiving of bundle parameters to a set of known classes

Bug 185489 - Restrict unarchiving of bundle parameters to a set of known classes

Summary: Restrict unarchiving of bundle parameters to a set of known classes

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKit2 (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Brent Fulgham

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2018-05-09 14:01 PDT by Brent Fulgham
Modified:	2018-05-09 14:55 PDT (History)
CC List:	3 users (show)

See Also:

Attachments
Patch (1.99 KB, patch) 2018-05-09 14:10 PDT, Brent Fulgham	rniwa: review+	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Brent Fulgham 2018-05-09 14:01:19 PDT

To protect WebKit from malicious software, we should restrict the classes we will unarchive when passed a bundle parameter. Currently we allow anything descending from NSObject, which is far to large a set of objects.

This is follow-up work to Bug 178484.

Comment 1 Brent Fulgham 2018-05-09 14:07:13 PDT

<rdar://problem/21912401>

Comment 2 Brent Fulgham 2018-05-09 14:10:03 PDT

Created attachment 340021 [details]
Patch

Comment 3 Brent Fulgham 2018-05-09 14:55:30 PDT

Committed r231598: <https://trac.webkit.org/changeset/231598>