309064 – Do some security hardening after 308536@main

RESOLVED FIXED309064

Do some security hardening after 308536@main

https://bugs.webkit.org/show_bug.cgi?id=309064

Summary Do some security hardening after 308536@main

Chris Dumez

Reported 2026-03-03 05:06:53 PST

Do some security hardening after 308536@main. Create a copy of the SharedMemory data on the recipient side before we attempt to decode it, to guard against TOCTOU bugs. This is performance sensitive anyway as this IPC logic is only a fallback when hitting a MACH_SEND_TOO_LARGE when sending.

Attachments
Add attachment proposed patch, testcase, etc.

Chris Dumez

Comment 1 2026-03-03 05:09:34 PST

Pull request: https://github.com/WebKit/WebKit/pull/59796

EWS

Comment 2 2026-03-03 15:34:52 PST

Committed 308585@main (b55fd4fb1945): <https://commits.webkit.org/308585@main> Reviewed commits have been landed. Closing PR #59796 and removing active labels.

Radar WebKit Bug Importer

Comment 3 2026-03-03 15:35:12 PST

<rdar://problem/171667235>

EWS

Comment 4 2026-03-03 19:54:12 PST

Committed 305413.394@safari-7624-branch (d5dc50e167de): <https://commits.webkit.org/305413.394@safari-7624-branch> Reviewed commits have been landed. Closing PR #4607 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component WebKit2

Assignee

Chris Dumez

Reported

2026-03-03 05:06 PST

Modified

2026-03-03 19:54 PST History

CC List

2 users Show

URL

Keywords InRadar

Depends on

Blocks