[webkit-changes] [WebKit/WebKit] 57afba: Stop using EnumTraits in OptionSet

Alex Christensen noreply at github.com
Thu Nov 16 11:18:35 PST 2023 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 57afbafbe26097d0816e24c85b2a9c096bcab60d
      https://github.com/WebKit/WebKit/commit/57afbafbe26097d0816e24c85b2a9c096bcab60d
  Author: Alex Christensen <achristensen at apple.com>
  Date:   2023-11-16 (Thu, 16 Nov 2023)

  Changed paths:
    M Source/WTF/wtf/OptionSet.h
    M Source/WebKit/UIProcess/API/Cocoa/_WKWebExtensionCommand.mm
    M Source/WebKit/UIProcess/API/Cocoa/_WKWebExtensionContext.mm
    M Source/WebKit/UIProcess/Extensions/WebExtension.h
    M Source/WebKit/UIProcess/Extensions/WebExtensionTab.h
    M Source/WebKit/UIProcess/Extensions/WebExtensionWindow.h
    M Source/WebKit/WebProcess/Extensions/API/Cocoa/WebExtensionAPIWindowsCocoa.mm

  Log Message:
  -----------
  Stop using EnumTraits in OptionSet
https://bugs.webkit.org/show_bug.cgi?id=264903

Reviewed by Timothy Hatcher.

It was used for only a few things:

1. It was used for isValidOptionSet, which is called when deserializing bytes from IPC.
   These uses are on their way to being entirely generated instead of using EnumTraits,
   and EnumTraits continues to be used for the types that are deserialized from IPC but
   have not yet been generated.
2. It was used in OptionSet::all to generate an OptionSet that contained only the valid
   bits.  The 3 uses of this function have been replaced by manually-written constexpr
   functions that are right next to the enum class definition, making it difficult to
   make errors of omission.  These 3 uses and any similar future uses are not worth
   keeping EnumTraits infrastructure around.
3. It was used to trim unused bits in OptionSet::fromRaw.  A manual inspection of all
   the functions named "decodeForPersistence" indicated that there are 0 places where
   OptionSet::fromRaw was used to "parse" data from disk.  Similarly, searching for
   ">::fromRaw(" shows us the 36 places this is used, and most of them are just
   converting bit fields to OptionSets, but none of them are used to get data from an
   untrusted source and use operations like OptionSet::operator==.  Other operations
   like contains, add, remove, etc. are unaffected by unrecognized bits.
4. It was used for debug assertions in constructors that take enum values directly.  I
   replaced these assertions by stricter assertions using hasOneBitSet instead.

Generated serialization is generating isValidOptionSet functions directly, which keeps
our code from decoding unexpected bits from IPC to prevent untrusted, possibly
compromised web content processes from being able to do unexpected things.

* Source/WTF/wtf/OptionSet.h:
(WTF::OptionSet::fromRaw):
(WTF::OptionSet::OptionSet):
(WTF::isValidOptionSet):
(WTF::isValidOptionSetEnum): Deleted.
(WTF::maskRawValue): Deleted.
(WTF::OptionSet::all): Deleted.
* Source/WebKit/UIProcess/API/Cocoa/_WKWebExtensionContext.mm:
(toImpl):
* Source/WebKit/UIProcess/Extensions/WebExtensionTab.h:
(WebKit::WebExtensionTab::allChangedProperties):
* Source/WebKit/UIProcess/Extensions/WebExtensionWindow.h:
(WebKit::allWebExtensionWindowTypeFilters):
* Source/WebKit/WebProcess/Extensions/API/Cocoa/WebExtensionAPIWindowsCocoa.mm:
(WebKit::WebExtensionAPIWindows::parseWindowTypesFilter):
(WebKit::WebExtensionContextProxy::dispatchWindowsEvent):

Canonical link: https://commits.webkit.org/270838@main

More information about the webkit-changes mailing list