[webkit-changes] [WebKit/WebKit] 09eff9: rdar://119489615 ([CoreIPC] SEGV in WebKit::Remote...
mscottapple
noreply at github.com
Tue Mar 19 08:59:48 PDT 2024
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 09eff921fc9a28f36ed936bbfcb56d5f5d722cfe
https://github.com/WebKit/WebKit/commit/09eff921fc9a28f36ed936bbfcb56d5f5d722cfe
Author: Scott Marcy <mscott at apple.com>
Date: 2024-03-19 (Tue, 19 Mar 2024)
Changed paths:
M LayoutTests/TestExpectations
A LayoutTests/ipc/invalid-message-to-addTrackBuffer-expected.txt
A LayoutTests/ipc/invalid-message-to-addTrackBuffer.html
M Source/WebKit/GPUProcess/media/RemoteSourceBufferProxy.cpp
Log Message:
-----------
rdar://119489615 ([CoreIPC] SEGV in WebKit::RemoteSourceBufferProxy::addTrackBuffer)
Checks that the TrackPrivateRemoteIdentifier argument for the IPC call RemoteSourceBufferProxy::addTrackBuffer() is valid and invalidates the IPC message if not.
Reviewed by David Kilzer.
If the TrackPrivateRemoteIdentifier value is not a known value, the IPC message will be marked as invalid, which is supposed
to crash the content process thereby thwarting any attempted attack through this mechanism.
* LayoutTests/TestExpectations:
* LayoutTests/ipc/invalid-message-to-addTrackBuffer-expected.txt: Added.
* LayoutTests/ipc/invalid-message-to-addTrackBuffer.html: Added.
* Source/WebKit/GPUProcess/media/RemoteSourceBufferProxy.cpp:
(WebKit::RemoteSourceBufferProxy::addTrackBuffer):
Originally-landed-as: 272448.259 at safari-7618-branch (60f8c4667d7a). rdar://124555372
Canonical link: https://commits.webkit.org/276351@main
To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications
More information about the webkit-changes
mailing list