RESOLVED FIXED 201906
[GTK][WPE] Minor code cleanup in BubblewrapLauncher 
https://bugs.webkit.org/show_bug.cgi?id=201906
Summary [GTK][WPE] Minor code cleanup in BubblewrapLauncher
Patrick Griffis
Reported 2019-09-17 23:17:16 PDT
[GTK][WPE] Minor code cleanup in BubblewrapLauncher
Attachments
Patch (2.32 KB, patch)
2019-09-17 23:18 PDT, Patrick Griffis 		no flags
DetailsFormatted DiffDiff
Patch (4.62 KB, patch)
2019-09-23 10:13 PDT, Patrick Griffis 		no flags
DetailsFormatted DiffDiff
Patch (4.59 KB, patch)
2019-09-24 12:56 PDT, Patrick Griffis 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Patrick Griffis
Comment 1 2019-09-17 23:18:48 PDT
Created attachment 379023 [details] Patch
Carlos Garcia Campos
Comment 2 2019-09-18 00:55:21 PDT
Comment on attachment 379023 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=379023&action=review > Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp:133 > - m_proxyPath = makeProxyPath(appRunDir.get()).get(); > + m_proxyPath = makeProxyPath(appRunDir.get()).release(); What does this clarify? the string is always going to be copied by CString constructor, there's no ownership transfer. I think this would be less confusing if makeProxyPath returned a CString instead of a GUniquePtr<char>. > Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp:136 > - m_path = dbusPath.get(); > + m_path = dbusPath.release(); Same here, dbusAddressToPath should return a CString
Michael Catanzaro
Comment 3 2019-09-18 14:52:32 PDT
BTW I thought these were UAF vulnerabilities because I didn't realize the CString constructor does a memcpy... so I thought .release() would be clearer and bullied Patrick into changing this. Don't blame him. ;) I agree that using CString throughout will be better.
Carlos Garcia Campos
Comment 4 2019-09-19 00:53:37 PDT
(In reply to Michael Catanzaro from comment #3) > BTW I thought these were UAF vulnerabilities because I didn't realize the > CString constructor does a memcpy... so I thought .release() would be > clearer and bullied Patrick into changing this. Don't blame him. ;) :-) I don't blame anybody in any case, I was just confused by the clarification :-D > I agree that using CString throughout will be better.
Patrick Griffis
Comment 5 2019-09-23 10:13:22 PDT
Created attachment 379376 [details] Patch
Carlos Garcia Campos
Comment 6 2019-09-24 00:42:23 PDT
Comment on attachment 379376 [details] Patch LGTM, it seems it needs to be rebased.
Patrick Griffis
Comment 7 2019-09-24 12:56:55 PDT
Created attachment 379473 [details] Patch
WebKit Commit Bot
Comment 8 2019-09-24 16:32:14 PDT
Comment on attachment 379473 [details] Patch Clearing flags on attachment: 379473 Committed r250320: <https://trac.webkit.org/changeset/250320>
WebKit Commit Bot
Comment 9 2019-09-24 16:32:15 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.