[Cocoa] IPC::decode should gracefully handle a nil allowed class
https://bugs.webkit.org/show_bug.cgi?id=202753

Reviewed by Geoffrey Garen.

If IPC::decode is called with a nil allowed class, an NSInvalidArgumentException will be
thrown when trying to create an NSArray literal with a nil value. Depending on who calls
IPC::decode, this exception might or might not be caught, leading to dropped messages or
crashes.

One case of this happening is tracked by rdar://problem/55839467. In this case, the nil
allowed class was due to a build misconfiguration, and the exception caused the UI process
to not respond to a synchronous IPC message, hanging the WebContent process.

rdar://problem/55839467 was resolved by fixing the build misconfiguration, but this patch
improves IPC::decode so that a nil allowed class results in a message decoding failure
rather than a maybe-caught NSException.

* Shared/Cocoa/ArgumentCodersCocoa.h:
(IPC::decode):


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@250934 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog
index b28fcb6..e915c20 100644
--- a/Source/WebKit/ChangeLog
+++ b/Source/WebKit/ChangeLog
@@ -1,3 +1,26 @@
+2019-10-09  Andy Estes  <aestes@apple.com>
+
+        [Cocoa] IPC::decode should gracefully handle a nil allowed class
+        https://bugs.webkit.org/show_bug.cgi?id=202753
+
+        Reviewed by Geoffrey Garen.
+
+        If IPC::decode is called with a nil allowed class, an NSInvalidArgumentException will be
+        thrown when trying to create an NSArray literal with a nil value. Depending on who calls
+        IPC::decode, this exception might or might not be caught, leading to dropped messages or
+        crashes.
+
+        One case of this happening is tracked by rdar://problem/55839467. In this case, the nil
+        allowed class was due to a build misconfiguration, and the exception caused the UI process
+        to not respond to a synchronous IPC message, hanging the WebContent process.
+
+        rdar://problem/55839467 was resolved by fixing the build misconfiguration, but this patch
+        improves IPC::decode so that a nil allowed class results in a message decoding failure
+        rather than a maybe-caught NSException.
+
+        * Shared/Cocoa/ArgumentCodersCocoa.h:
+        (IPC::decode):
+
 2019-10-09  youenn fablet  <youenn@apple.com>
 
         Remove testRunner.setWebRTCUnifiedPlanEnabled
diff --git a/Source/WebKit/Shared/Cocoa/ArgumentCodersCocoa.h b/Source/WebKit/Shared/Cocoa/ArgumentCodersCocoa.h
index 6d6151c..9a8b578 100644
--- a/Source/WebKit/Shared/Cocoa/ArgumentCodersCocoa.h
+++ b/Source/WebKit/Shared/Cocoa/ArgumentCodersCocoa.h
@@ -84,7 +84,7 @@
 template<typename T, typename>
 Optional<RetainPtr<T>> decode(Decoder& decoder, Class allowedClass)
 {
-    return decode<T>(decoder, @[ allowedClass ]);
+    return decode<T>(decoder, allowedClass ? @[ allowedClass ] : @[ ]);
 }
 
 template<typename T> struct ArgumentCoder<T *> {
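Review bot: on the changed return line, the nil case now relies on the array overload of `decode<T>` rejecting every object when it is handed an empty allowed-classes array, and nothing in this hunk shows or documents that behaviour. Consider making the failure explicit in this function with an early `if (!allowedClass)` that returns an empty Optional before the call, or at least a comment next to `@[ ]` saying that an empty list is meant to fail decoding. The commit message attributes the original nil to a build misconfiguration, so a debug assertion or log at this point would keep that misconfiguration visible now that it no longer throws. The diff touches only the ChangeLog and this header, so a test that passes a nil class and expects a decoding failure would be worth adding.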