RESOLVED FIXED 186211
Make sure that the fencePort received over IPC has the expected disposition (SEND) 
https://bugs.webkit.org/show_bug.cgi?id=186211
Summary Make sure that the fencePort received over IPC has the expected disposition (...
Brent Fulgham
Reported 2018-06-01 16:12:43 PDT
We shouldn't blindly assume that the Mach Send Right we receive from the UIProcess in WebPage::setTopContentInsetFenced (and VideoFullscreenManager::setVideoLayerFrameFenced) will have the expected MACH_MSG_TYPE_MOVE_SEND disposition. Instead, we should check that it meets expectations. If we discover a discrepancy, we should discard the message without touching the mach port contents.
Attachments
Patch (3.88 KB, patch)
2018-06-01 16:16 PDT, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
Archive of layout-test-results from ews206 for win-future (12.75 MB, application/zip)
2018-06-02 01:42 PDT, EWS Watchlist 		no flags
Details
Patch for landing (3.56 KB, patch)
2018-06-03 10:49 PDT, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Brent Fulgham
Comment 1 2018-06-01 16:12:57 PDT
<rdar://problem/37814171>
Brent Fulgham
Comment 2 2018-06-01 16:16:00 PDT
Created attachment 341800 [details] Patch
Geoffrey Garen
Comment 3 2018-06-01 16:36:30 PDT
Comment on attachment 341800 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=341800&action=review r=me > Source/WebKit/WebProcess/WebPage/WebPage.cpp:2664 > + // Check for invalid message receipt. If this is not a send right, something has > + // gone wrong and we should discard this message. I don't think this comment adds anything. It just kind of restates the code below. > Source/WebKit/WebProcess/cocoa/VideoFullscreenManager.mm:568 > + // Check for invalid message receipt. If this is not a send right, something has > + // gone wrong and we should discard this message. Ditto.
EWS Watchlist
Comment 4 2018-06-02 01:41:57 PDT
Comment on attachment 341800 [details] Patch Attachment 341800 [details] did not pass win-ews (win): Output: http://webkit-queues.webkit.org/results/7941653 New failing tests: http/tests/security/canvas-remote-read-remote-video-localhost.html
EWS Watchlist
Comment 5 2018-06-02 01:42:08 PDT
Created attachment 341837 [details] Archive of layout-test-results from ews206 for win-future The attached test failures were seen while running run-webkit-tests on the win-ews. Bot: ews206 Port: win-future Platform: CYGWIN_NT-6.1-2.9.0-0.318-5-3-x86_64-64bit
Brent Fulgham
Comment 6 2018-06-03 10:49:56 PDT
Created attachment 341867 [details] Patch for landing
WebKit Commit Bot
Comment 7 2018-06-03 11:28:13 PDT
Comment on attachment 341867 [details] Patch for landing Clearing flags on attachment: 341867 Committed r232451: <https://trac.webkit.org/changeset/232451>
WebKit Commit Bot
Comment 8 2018-06-03 11:28:14 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.