RESOLVED FIXED 188376
Add CENC sanitization 
https://bugs.webkit.org/show_bug.cgi?id=188376
Summary Add CENC sanitization
Charlie Turner
Reported 2018-08-07 02:06:36 PDT
Add CENC sanitization
Attachments
Patch (17.08 KB, patch)
2018-08-07 02:25 PDT, Charlie Turner 		no flags
DetailsFormatted DiffDiff
Archive of layout-test-results from ews104 for mac-sierra-wk2 (2.83 MB, application/zip)
2018-08-07 03:23 PDT, EWS Watchlist 		no flags
Details
Patch (19.41 KB, patch)
2018-08-07 06:46 PDT, Charlie Turner 		no flags
DetailsFormatted DiffDiff
Patch (19.41 KB, patch)
2018-08-08 02:33 PDT, Charlie Turner 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Charlie Turner
Comment 1 2018-08-07 02:25:06 PDT
Created attachment 346700 [details] Patch
EWS Watchlist
Comment 2 2018-08-07 03:23:33 PDT
Comment on attachment 346700 [details] Patch Attachment 346700 [details] did not pass mac-wk2-ews (mac-wk2): Output: https://webkit-queues.webkit.org/results/8786298 New failing tests: http/wpt/beacon/cors/cors-redirect-failure.html
EWS Watchlist
Comment 3 2018-08-07 03:23:35 PDT
Created attachment 346703 [details] Archive of layout-test-results from ews104 for mac-sierra-wk2 The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews. Bot: ews104 Port: mac-sierra-wk2 Platform: Mac OS X 10.12.6
Xabier Rodríguez Calvar
Comment 4 2018-08-07 03:51:36 PDT
Comment on attachment 346700 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=346700&action=review I guess you also have to fix the ios builds > Source/WebCore/Modules/encryptedmedia/InitDataRegistry.cpp:125 > + Ref<SharedBuffer> keyIDBuffer = SharedBuffer::create(WTFMove(value)); > + keyIDs.append(WTFMove(keyIDBuffer)); You can collapse these two lines, save the variable and the move. > Source/WebCore/platform/graphics/iso/ISOProtectionSystemSpecificHeaderBox.cpp:2 > + * Copyright (C) 2018 Apple Inc. All rights reserved. I guess copyright does not go to Apple here, right? > Source/WebCore/platform/graphics/iso/ISOProtectionSystemSpecificHeaderBox.cpp:51 > + auto systemID = buffer->slice(offset, offset + 16); > + if (!systemID) > + return false; > + > + offset += 16; > + > + m_systemID.resize(16); > + memcpy(m_systemID.data(), systemID->data(), 16); I don't have a strong preference on this one but since you are copying the value and even when slicing does not copy the value in all cases, we might want to do the maths ourselves and avoid slicing. Same for the key ids and data. > Source/WebCore/platform/graphics/iso/ISOProtectionSystemSpecificHeaderBox.h:2 > + * Copyright (C) 2018 Apple Inc. All rights reserved. Ditto. > Source/WebCore/platform/graphics/iso/ISOProtectionSystemSpecificHeaderBox.h:29 > +#include "ISOProtectionSystemSpecificHeaderBox.h" Is this file including itself or did I miss any subtle difference?
Charlie Turner
Comment 5 2018-08-07 06:31:22 PDT
Comment on attachment 346700 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=346700&action=review >> Source/WebCore/platform/graphics/iso/ISOProtectionSystemSpecificHeaderBox.cpp:2 >> + * Copyright (C) 2018 Apple Inc. All rights reserved. > > I guess copyright does not go to Apple here, right? I don't know, I basically copied what Apple had already done and modified it for a new box, seemed a bit cheeky taking copyright of it, but I'm no lawyer. >> Source/WebCore/platform/graphics/iso/ISOProtectionSystemSpecificHeaderBox.cpp:51 >> + memcpy(m_systemID.data(), systemID->data(), 16); > > I don't have a strong preference on this one but since you are copying the value and even when slicing does not copy the value in all cases, we might want to do the maths ourselves and avoid slicing. Same for the key ids and data. Me neither, will see if anyone else objects to it, otherwise I'm inclined to leave it as-is. >> Source/WebCore/platform/graphics/iso/ISOProtectionSystemSpecificHeaderBox.h:29 >> +#include "ISOProtectionSystemSpecificHeaderBox.h" > > Is this file including itself or did I miss any subtle difference? Oops, that's a mistake, will fix.
Charlie Turner
Comment 6 2018-08-07 06:46:14 PDT
Created attachment 346706 [details] Patch Change some cosmetics from previous review, add files to Xcode project. It was not clear how Xcode calculates unique file identifiers, I just took the first 24-bits of the md5sum for the respective files
Xabier Rodríguez Calvar
Comment 7 2018-08-07 23:08:30 PDT
Comment on attachment 346706 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=346706&action=review > Source/WebCore/platform/graphics/iso/ISOProtectionSystemSpecificHeaderBox.cpp:2 > + * Copyright (C) 2018 Apple Inc. All rights reserved. You're free, if you wish, to leave Apple's copyright here but you need to add your affiliation here as well as you (and your affiliation) are responsible of this code. > Source/WebCore/platform/graphics/iso/ISOProtectionSystemSpecificHeaderBox.h:2 > + * Copyright (C) 2018 Apple Inc. All rights reserved. Ditto.
Charlie Turner
Comment 8 2018-08-08 02:33:08 PDT
Created attachment 346762 [details] Patch Add more copyright headers
WebKit Commit Bot
Comment 9 2018-08-08 03:45:20 PDT
Comment on attachment 346762 [details] Patch Clearing flags on attachment: 346762 Committed r234689: <https://trac.webkit.org/changeset/234689>
WebKit Commit Bot
Comment 10 2018-08-08 03:45:22 PDT
All reviewed patches have been landed. Closing bug.
Radar WebKit Bug Importer
Comment 11 2018-08-08 03:47:49 PDT
<rdar://problem/43041072>
Note You need to log in before you can comment on or make changes to this bug.