Bug 195555 - [EME] generateRequest was not using the sanitized init data
Summary: [EME] generateRequest was not using the sanitized init data
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Xabier Rodríguez Calvar
Keywords: InRadar
Reported: 2019-03-11 07:42 PDT by Xabier Rodríguez Calvar
Modified: 2019-03-12 01:30 PDT

Attachments
Patch (1.95 KB, patch)
2019-03-11 07:43 PDT, Xabier Rodríguez Calvar
no flags

Description Xabier Rodríguez Calvar 2019-03-11 07:42:31 PDT
[EME] generateRequest was not using the sanitized init data
Comment 1 Xabier Rodríguez Calvar 2019-03-11 07:43:38 PDT
Created attachment 364251 [details]
Patch
Comment 2 Jon Lee 2019-03-11 13:09:03 PDT
Comment on attachment 364251 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=364251&action=review

> Source/WebCore/Modules/encryptedmedia/MediaKeySession.cpp:203
> +        m_instanceSession->requestLicense(m_sessionType, initDataType, sanitizedInitData.releaseNonNull(), [this, weakThis = makeWeakPtr(*this), promise = WTFMove(promise)] (Ref<SharedBuffer>&& message, const String& sessionId, bool needsIndividualization, CDMInstanceSession::SuccessValue succeeded) mutable {
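
Review bot: sanitizedInitData.releaseNonNull() in the requestLicense() call at MediaKeySession.cpp:203 assumes the buffer is non-null and leaves sanitizedInitData empty afterwards, so the sanitization failure path has to return before this line and nothing later in the function may read sanitizedInitData; the quoted line does not show either, so both are worth confirming in the surrounding code. A short comment at the call site saying that the CDM instance must receive the sanitized copy rather than the caller-supplied init data would make the intent clear to the next person who edits this call.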

How can we test this?
Comment 3 Xabier Rodríguez Calvar 2019-03-12 01:01:52 PDT
(In reply to Jon Lee from comment #2)
> How can we test this?

I think there should be a W3C test for this if there is none, ideally for ClearKey.

Anyway, for our current code for ClearKey it can't be properly tested as we'd never reach that codepath. We don't have a sanitation code path either for cenc or WebM that modifies the init data without raising an error and returning an empty init data.

I'm landing the patch; if we think we require further testing, we can open another bug.
Comment 4 WebKit Commit Bot 2019-03-12 01:29:12 PDT
Comment on attachment 364251 [details]
Patch

Clearing flags on attachment: 364251

Committed r242787: <https://trac.webkit.org/changeset/242787>
Comment 5 WebKit Commit Bot 2019-03-12 01:29:14 PDT
All reviewed patches have been landed.  Closing bug.
Comment 6 Radar WebKit Bug Importer 2019-03-12 01:30:23 PDT
<rdar://problem/48801163>