Bug 214233

Summary:

REGRESSION (r261152): 10 blocks of critical sandboxing code disabled because they are guarded with HAVE(SANDBOX_ISSUE_READ_EXTENSION_TO_PROCESS_BY_AUDIT_TOKEN)

Product:

WebKit

Reporter:

Darin Adler <darin>

Component:

WebKit2

Assignee:

Darin Adler <darin>

Status:

RESOLVED FIXED

Severity:

Critical

CC:

eric.carlson, ews-watchlist, glenn, Hironori.Fujii, jer.noble, philipj, pvollan, sergio, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

See Also:

https://bugs.webkit.org/show_bug.cgi?id=211427
https://bugs.webkit.org/show_bug.cgi?id=214244

Attachments:

Description	Flags
Patch	none
Patch	none
Patch	none
Patch	none

Description Darin Adler 2020-07-12 07:57:11 PDT

The change in r261152 intended to remove no-longer-needed conditionals that are now always true on Cocoa platforms.

However, when I made that change I accidentally left 9 blocks of code guarded by HAVE(SANDBOX_ISSUE_READ_EXTENSION_TO_PROCESS_BY_AUDIT_TOKEN) behind. So these were all disabled!

These 9 blocks of code must either be:

1) enabled unconditionally
2) guarded by #HAVE(AUDIT_TOKEN)
3) guarded by ENABLE(SANDBOX_EXTENSIONS)

Comment 1 Darin Adler 2020-07-12 08:04:12 PDT Comment hidden (obsolete)

Created attachment 404096 [details]
Patch

Comment 2 Darin Adler 2020-07-12 08:04:55 PDT

Patch enables these code paths unconditionally. I’ll count on EWS to detect if I need to guard these with HAVE(AUDIO_TOKEN) or ENABLE(SANDBOX_EXTENSIONS).

Comment 3 Darin Adler 2020-07-12 08:21:45 PDT

To fix the WinCairo build I am working on a revised version that puts more code inside ENABLE(SANDBOX_EXTENSIONS).

Comment 4 Darin Adler 2020-07-12 08:39:44 PDT Comment hidden (obsolete)

Created attachment 404098 [details]
Patch

Comment 5 Darin Adler 2020-07-12 08:50:01 PDT Comment hidden (obsolete)

Created attachment 404099 [details]
Patch

Comment 6 Darin Adler 2020-07-12 09:07:47 PDT

Created attachment 404101 [details]
Patch

Comment 7 Darin Adler 2020-07-12 09:59:42 PDT

Ended up adding a couple ENABLE(SANDBOX_EXTENSIONS) guards. Patch is ready for review now.

Comment 8 Per Arne Vollan 2020-07-12 11:27:08 PDT

Comment on attachment 404101 [details]
Patch

R=me

Comment 9 EWS 2020-07-12 11:53:57 PDT

Committed r264283: <https://trac.webkit.org/changeset/264283>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 404101 [details].

Comment 10 Radar WebKit Bug Importer 2020-07-12 11:54:12 PDT

<rdar://problem/65439117>

Comment 11 Fujii Hironori 2020-07-13 00:13:39 PDT

WinCairo can't load local files since this change.
Filed: Bug 214248 – [WinCairo][WK2] REGRESSION (r264283): Can't load file: URL

Comment 12 Darin Adler 2020-07-13 13:34:35 PDT

rdar://64219585