Bug 218182

Summary: [GStreamer][EME][Thunder] Do not sanitize CENC init data
Product: WebKit Reporter: Xabier Rodríguez Calvar <calvaris>
Component: New BugsAssignee: Xabier Rodríguez Calvar <calvaris>
Status: RESOLVED INVALID    
Severity: Normal CC: cgarcia, commit-queue, eric.carlson, ews-watchlist, glenn, gustavo, jer.noble, menard, philipj, pnormand, sergio, vjaquez, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 233630    
Bug Blocks:    
Attachments:
Description Flags
Patch
none
Patch pnormand: review+

Description Xabier Rodríguez Calvar 2020-10-26 06:05:30 PDT 
[GStreamer][EME][Thunder] Do not sanitize CENC init data
Comment 1 Xabier Rodríguez Calvar 2020-10-26 06:07:36 PDT 
Created attachment 412311 [details]
Patch
Comment 2 Xabier Rodríguez Calvar 2020-10-26 09:33:27 PDT 
Created attachment 412322 [details]
Patch
Comment 3 Philippe Normand 2020-10-26 10:13:44 PDT 
Comment on attachment 412322 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=412322&action=review

> Source/WebCore/platform/encryptedmedia/CDMPrivate.h:77
> +    WEBCORE_EXPORT virtual RefPtr<SharedBuffer> sanitizeInitData(const AtomString& initDataType, const SharedBuffer& initData) const;

Why the WEBCORE_EXPORT?
Comment 4 Xabier Rodríguez Calvar 2020-10-27 05:34:57 PDT 
Because the former patch failed to build without it when linking with the Mock in the tests.
Comment 5 Philippe Normand 2020-10-27 08:27:57 PDT 
Failed how?
Comment 6 Xabier Rodríguez Calvar 2020-10-27 23:57:56 PDT 
Link error cause the mock is in the tests and that is not in WebCore
Comment 7 Xabier Rodríguez Calvar 2020-10-28 08:24:52 PDT 
Committed r269103: <https://trac.webkit.org/changeset/269103>
Comment 8 Radar WebKit Bug Importer 2020-10-28 08:25:23 PDT 
<rdar://problem/70764876>
Comment 9 Philippe Normand 2021-11-27 09:03:33 PST 
I'm afraid this actually goes against the spec:

https://www.w3.org/TR/encrypted-media/#dom-mediakeysession-generaterequest (step 10.2 quoted below)

---
Let sanitized init data be a validated and sanitized version of init data.

The user agent must thoroughly validate the Initialization Data before passing it to the CDM. This includes verifying that the length and values of fields are reasonable, verifying that values are within reasonable limits, and stripping irrelevant, unsupported, or unknown data or fields. It is recommended that user agents pre-parse, sanitize, and/or generate a fully sanitized version of the Initialization Data. If the Initialization Data format specified by initDataType supports multiple entries, the user agent should remove entries that are not needed by the CDM. The user agent must not re-order entries within the Initialization Data.
---

I think the real issue is in the app side. Let's revert this patch?
Comment 10 WebKit Commit Bot 2021-11-30 03:47:12 PST 
Re-opened since this is blocked by bug 233630