Bug 201906 - [GTK][WPE] Minor code cleanup in BubblewrapLauncher
Summary: [GTK][WPE] Minor code cleanup in BubblewrapLauncher
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKitGTK (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Patrick Griffis
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-09-17 23:17 PDT by Patrick Griffis
Modified: 2019-09-24 16:32 PDT (History)
4 users (show)

See Also:

Attachments
Patch (2.32 KB, patch)
2019-09-17 23:18 PDT, Patrick Griffis 		no flags Details | Formatted Diff | Diff
Patch (4.62 KB, patch)
2019-09-23 10:13 PDT, Patrick Griffis 		no flags Details | Formatted Diff | Diff
Patch (4.59 KB, patch)
2019-09-24 12:56 PDT, Patrick Griffis 		no flags Details | Formatted Diff | Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Patrick Griffis 2019-09-17 23:17:16 PDT 
[GTK][WPE] Minor code cleanup in BubblewrapLauncher
Comment 1 Patrick Griffis 2019-09-17 23:18:48 PDT 
Created attachment 379023 [details]
Patch
Comment 2 Carlos Garcia Campos 2019-09-18 00:55:21 PDT 
Comment on attachment 379023 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=379023&action=review

> Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp:133
> -        m_proxyPath = makeProxyPath(appRunDir.get()).get();
> +        m_proxyPath = makeProxyPath(appRunDir.get()).release();

What does this clarify? the string is always going to be copied by CString constructor, there's no ownership transfer. I think this would be less confusing if makeProxyPath returned a CString instead of a GUniquePtr<char>.

> Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp:136
> -        m_path = dbusPath.get();
> +        m_path = dbusPath.release();

Same here, dbusAddressToPath should return a CString
Comment 3 Michael Catanzaro 2019-09-18 14:52:32 PDT 
BTW I thought these were UAF vulnerabilities because I didn't realize the CString constructor does a memcpy... so I thought .release() would be clearer and bullied Patrick into changing this. Don't blame him. ;)

I agree that using CString throughout will be better.
Comment 4 Carlos Garcia Campos 2019-09-19 00:53:37 PDT 
(In reply to Michael Catanzaro from comment #3)
> BTW I thought these were UAF vulnerabilities because I didn't realize the
> CString constructor does a memcpy... so I thought .release() would be
> clearer and bullied Patrick into changing this. Don't blame him. ;)

:-) I don't blame anybody in any case, I was just confused by the clarification :-D

> I agree that using CString throughout will be better.
Comment 5 Patrick Griffis 2019-09-23 10:13:22 PDT 
Created attachment 379376 [details]
Patch
Comment 6 Carlos Garcia Campos 2019-09-24 00:42:23 PDT 
Comment on attachment 379376 [details]
Patch

LGTM, it seems it needs to be rebased.
Comment 7 Patrick Griffis 2019-09-24 12:56:55 PDT 
Created attachment 379473 [details]
Patch
Comment 8 WebKit Commit Bot 2019-09-24 16:32:14 PDT 
Comment on attachment 379473 [details]
Patch

Clearing flags on attachment: 379473

Committed r250320: <https://trac.webkit.org/changeset/250320>
Comment 9 WebKit Commit Bot 2019-09-24 16:32:15 PDT 
All reviewed patches have been landed.  Closing bug.