[webkit-changes] [WebKit/WebKit] 235ea5: rdar://115106974 (SEGV in -[NSView resizeSubviewsW...
mscottapple
noreply at github.com
Wed Jan 24 22:24:54 PST 2024
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 235ea5801184534cc4fe85b818c642eeea8849c3
https://github.com/WebKit/WebKit/commit/235ea5801184534cc4fe85b818c642eeea8849c3
Author: Scott Marcy <mscott at apple.com>
Date: 2024-01-24 (Wed, 24 Jan 2024)
Changed paths:
M LayoutTests/TestExpectations
A LayoutTests/ipc/invalid-fullscreen-enum-expected.txt
A LayoutTests/ipc/invalid-fullscreen-enum.html
A LayoutTests/ipc/resources/1080i60_SMPTE_8CH_audible.mov
M Source/WebCore/platform/graphics/MediaPlayerEnums.h
M Source/WebKit/UIProcess/Cocoa/VideoPresentationManagerProxy.mm
Log Message:
-----------
rdar://115106974 (SEGV in -[NSView resizeSubviewsWithOldSize:])
Checks that the VideoFullscreenMode argument for two IPC calls is valid and invalidates the IPC message if not.
Reviewed by Alex Christensen (achristensen07).
If the VideoFullscreenMode value is not as expected, the IPC message will be marked as invalid, which is supposed
to crash the content process, thereby thwarting any attempted attack through this mechanism.
* LayoutTests/TestExpectations:
* LayoutTests/ipc/invalid-fullscreen-enum-expected.txt: Added.
* LayoutTests/ipc/invalid-fullscreen-enum.html: Added.
* LayoutTests/ipc/resources/1080i60_SMPTE_8CH_audible.mov: Added.
* Source/WebCore/platform/graphics/MediaPlayerEnums.h:
* Source/WebKit/UIProcess/Cocoa/VideoPresentationManagerProxy.mm:
(WebKit::VideoPresentationManagerProxy::setupFullscreenWithID):
(WebKit::VideoPresentationManagerProxy::exitFullscreenWithoutAnimationToMode):
Originally-landed-as: 267815.636 at safari-7617-branch (cc4e54ad41c9). rdar://121480101
Canonical link: https://commits.webkit.org/273472@main
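
An added illustration of the check the log message describes, not code from the WebKit commit: a privileged-side receiver validates an enum-typed IPC argument before using it, and marks the connection invalid otherwise. All type names, handler names and enum values here are hypothetical stand-ins.

```cpp
#include <cstdint>
#include <cstdio>

// Hypothetical stand-in for the fullscreen mode type; these values are assumptions.
enum class FullscreenMode : uint32_t { None = 0, Standard = 1, PictureInPicture = 2, InWindow = 4 };

// Accept only exact known enumerators from the wire; never cast first and check later.
bool decodeMode(uint32_t raw, FullscreenMode& out) {
    switch (raw) {
    case 0: case 1: case 2: case 4:
        out = static_cast<FullscreenMode>(raw);
        return true;
    default:
        return false;
    }
}

// Hypothetical link to the less-privileged sender. The log message says the sender
// is supposed to crash after an invalid message; this sketch only records a flag.
struct Connection {
    bool invalid = false;
    void markInvalid() { invalid = true; }
};

// Hypothetical privileged-side receiver with two handlers that take a mode argument.
struct PresentationProxy {
    Connection& connection;
    int dispatched = 0;
    FullscreenMode lastMode = FullscreenMode::None;
    explicit PresentationProxy(Connection& c) : connection(c) {}

    // Shared gate: drop messages on an invalidated connection or with an unknown mode.
    bool accept(uint32_t rawMode) {
        FullscreenMode mode = FullscreenMode::None;
        if (connection.invalid) return false;
        if (!decodeMode(rawMode, mode)) { connection.markInvalid(); return false; }
        lastMode = mode;
        ++dispatched;
        return true;
    }
    bool setupFullscreen(uint32_t rawMode) { return accept(rawMode); }
    bool exitFullscreenToMode(uint32_t rawMode) { return accept(rawMode); }
};

int main() {
    Connection c;
    PresentationProxy proxy(c);
    // Constructed inputs: a valid mode, an out-of-range value, then a valid mode again.
    bool first = proxy.setupFullscreen(1);
    bool second = proxy.exitFullscreenToMode(0xFFu);
    bool third = proxy.setupFullscreen(2);
    std::printf("%d %d %d invalid=%d\n", first, second, third, c.invalid);
    return 0;
}
```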