Bug 196552 - Make HSTS list handling more robust against unexpected content
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit Misc.
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Brent Fulgham
Keywords: InRadar
Reported: 2019-04-03 12:27 PDT by Brent Fulgham
Modified: 2019-04-08 13:25 PDT
Attachments
Patch (1.81 KB, patch)
2019-04-03 12:30 PDT, Brent Fulgham
no flags
Patch (2.89 KB, patch)
2019-04-08 11:21 PDT, Brent Fulgham
cdumez: review+

Description Brent Fulgham 2019-04-03 12:27:36 PDT
Crash tracing data indicates that the network process is sometimes handed malformed HSTS data, leading to a nullptr dereference. This patch adds some assertions to catch the invalid state in debug builds, and allows the process to ignore the bad data and continue.
Comment 1 Brent Fulgham 2019-04-03 12:27:55 PDT
<rdar://problem/43403817>
Comment 2 Brent Fulgham 2019-04-03 12:30:54 PDT
Created attachment 366630
Patch
Comment 3 Alex Christensen 2019-04-03 14:42:34 PDT
Comment on attachment 366630
Patch

If this is happening, doesn't this indicate the HSTS cache is corrupted and we should clear the HSTS cache completely?
Comment 4 Brent Fulgham 2019-04-08 11:21:21 PDT
Created attachment 366955
Patch
Comment 5 Chris Dumez 2019-04-08 12:54:40 PDT
Comment on attachment 366955
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=366955&action=review

> Source/WebKit/NetworkProcess/cocoa/NetworkProcessCocoa.mm:163
> +    auto hostnames = static_cast<HashSet<String>*>(context);
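
Review bot: on the quoted line 163, `context` is cast straight to `HashSet<String>*` and nothing in the quoted line shows it being checked before `hostnames` is used. Since this bug is about a nullptr dereference on malformed HSTS data, the callback should assert on `context` and return early when it is null, if the surrounding lines do not already do so.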

We usually prefer auto* for raw pointers.
Comment 6 Brent Fulgham 2019-04-08 13:25:02 PDT
Committed r244035: <https://trac.webkit.org/changeset/244035>