RESOLVED FIXED 195555
[EME] generateRequest was not using the sanitized init data 
https://bugs.webkit.org/show_bug.cgi?id=195555
Summary [EME] generateRequest was not using the sanitized init data
Xabier Rodríguez Calvar
Reported 2019-03-11 07:42:31 PDT
[EME] generateRequest was not using the sanitized init data
Attachments
Patch (1.95 KB, patch)
2019-03-11 07:43 PDT, Xabier Rodríguez Calvar 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Xabier Rodríguez Calvar
Comment 1 2019-03-11 07:43:38 PDT
Created attachment 364251 [details] Patch
Jon Lee
Comment 2 2019-03-11 13:09:03 PDT
Comment on attachment 364251 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=364251&action=review > Source/WebCore/Modules/encryptedmedia/MediaKeySession.cpp:203 > + m_instanceSession->requestLicense(m_sessionType, initDataType, sanitizedInitData.releaseNonNull(), [this, weakThis = makeWeakPtr(*this), promise = WTFMove(promise)] (Ref<SharedBuffer>&& message, const String& sessionId, bool needsIndividualization, CDMInstanceSession::SuccessValue succeeded) mutable { How can we test this?
Xabier Rodríguez Calvar
Comment 3 2019-03-12 01:01:52 PDT
(In reply to Jon Lee from comment #2) > How can we test this? I think there should be a W3C test for this if there is none, idealy for ClearKey. Anyway for our current code for ClearKey it can't be properly tested as we'd never reach that codepath. We don't have a sanitation code path either for cenc or WebM that modifies the init data without raising an error and returning an empty init data. I'm landing the patch, if we think we require further testing, we can open another bug.
WebKit Commit Bot
Comment 4 2019-03-12 01:29:12 PDT
Comment on attachment 364251 [details] Patch Clearing flags on attachment: 364251 Committed r242787: <https://trac.webkit.org/changeset/242787>
WebKit Commit Bot
Comment 5 2019-03-12 01:29:14 PDT
All reviewed patches have been landed. Closing bug.
Radar WebKit Bug Importer
Comment 6 2019-03-12 01:30:23 PDT
<rdar://problem/48801163>
Note You need to log in before you can comment on or make changes to this bug.