Bug 234175 - [iOS][WP] Restrict image decoders
Summary: [iOS][WP] Restrict image decoders
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit Misc. (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Per Arne Vollan
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2021-12-10 14:19 PST by Per Arne Vollan
Modified: 2022-01-31 11:53 PST (History)
10 users (show)

See Also:

Attachments
Patch (8.24 KB, patch)
2021-12-10 14:28 PST, Per Arne Vollan 		no flags Details | Formatted Diff | Diff
Patch (8.29 KB, patch)
2021-12-13 02:06 PST, Per Arne Vollan 		ews-feeder: commit-queue-
Details | Formatted Diff | Diff
Patch (8.25 KB, patch)
2021-12-13 02:52 PST, Per Arne Vollan 		bfulgham: review+
Details | Formatted Diff | Diff
Patch (10.09 KB, patch)
2022-01-29 14:21 PST, Per Arne Vollan 		no flags Details | Formatted Diff | Diff
Patch (2.81 KB, patch)
2022-01-31 11:05 PST, Per Arne Vollan 		no flags Details | Formatted Diff | Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Per Arne Vollan 2021-12-10 14:19:52 PST 
Restrict image decoders in order to enable further sandbox strengthening.
Comment 1 Per Arne Vollan 2021-12-10 14:28:28 PST 
Created attachment 446815 [details]
Patch
Comment 2 Per Arne Vollan 2021-12-13 02:06:30 PST 
Created attachment 446980 [details]
Patch
Comment 3 Per Arne Vollan 2021-12-13 02:52:54 PST 
Created attachment 446983 [details]
Patch
Comment 4 Radar WebKit Bug Importer 2021-12-17 14:20:18 PST 
<rdar://problem/86650455>
Comment 5 Brent Fulgham 2022-01-27 15:23:38 PST 
Comment on attachment 446983 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=446983&action=review

r=me

> Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm:-451
> -        parameters.videoDecoderExtensionHandles = SandboxExtension::createHandlesForMachLookup({ "com.apple.coremedia.decompressionsession"_s }, std::nullopt);

Nice!
Comment 6 Per Arne Vollan 2022-01-29 14:21:52 PST 
Created attachment 450338 [details]
Patch
Comment 7 Per Arne Vollan 2022-01-31 09:24:47 PST 
Comment on attachment 450338 [details]
Patch

Thanks for reviewing!
Comment 8 EWS 2022-01-31 09:32:49 PST 
Committed r288817 (246593@main): <https://commits.webkit.org/246593@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 450338 [details].
Comment 9 Simon Fraser (smfr) 2022-01-31 09:52:01 PST 
Comment on attachment 450338 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=450338&action=review

> Source/WebKit/Shared/WebProcessCreationParameters.cpp:484
> +    parameters.restrictImageAndVideoDecoders = WTFMove(*restrictImageAndVideoDecoders);

Not necessary to WTFMove a bool

> Source/WebKit/Shared/WebProcessCreationParameters.h:207
>      Vector<SandboxExtension::Handle> videoDecoderExtensionHandles;

Should this be #if PLATFORM(MAC) now?
Comment 10 Per Arne Vollan 2022-01-31 09:58:07 PST 
(In reply to Simon Fraser (smfr) from comment #9)
> Comment on attachment 450338 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=450338&action=review
> 
> > Source/WebKit/Shared/WebProcessCreationParameters.cpp:484
> > +    parameters.restrictImageAndVideoDecoders = WTFMove(*restrictImageAndVideoDecoders);
> 
> Not necessary to WTFMove a bool
> 
> > Source/WebKit/Shared/WebProcessCreationParameters.h:207
> >      Vector<SandboxExtension::Handle> videoDecoderExtensionHandles;
> 
> Should this be #if PLATFORM(MAC) now?

Yes, that is a very good point; I'll upload a follow-up patch.

Thanks for reviewing!
Comment 11 Per Arne Vollan 2022-01-31 11:05:16 PST 
Reopening to attach new patch.
Comment 12 Per Arne Vollan 2022-01-31 11:05:17 PST 
Created attachment 450419 [details]
Patch
Comment 13 EWS 2022-01-31 11:53:02 PST 
Committed r288826 (246596@main): <https://commits.webkit.org/246596@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 450419 [details].