[webkit-reviews] review granted: [Bug 55371] Properly canonicalize paths for sandbox extensions : [Attachment 84051] patch

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Feb 28 11:05:29 PST 2011


Darin Adler <darin at apple.com> has granted Ivan Krstić <ike at apple.com>'s request
for review:
Bug 55371: Properly canonicalize paths for sandbox extensions
https://bugs.webkit.org/show_bug.cgi?id=55371

Attachment 84051: patch
https://bugs.webkit.org/attachment.cgi?id=84051&action=review

------- Additional Comments from Darin Adler <darin at apple.com>
View in context: https://bugs.webkit.org/attachment.cgi?id=84051&action=review

> Source/WebKit2/Shared/mac/SandboxExtensionMac.mm:115
> -    NSString *standardizedPath = [(NSString *)path
stringByStandardizingPath];
> -    handle.m_sandboxExtension = WKSandboxExtensionCreate([standardizedPath
fileSystemRepresentation], wkSandboxExtensionType(type));
> +    char normalizedPath[PATH_MAX];
> +    if (!realpath(path.utf8().data(), normalizedPath))
> +	   return;

Adding the call to realpath seems fine. I believe that’s the primary intention
of this patch.

But I’m surprised that it’s correct to convert to UTF-8 explicitly rather than
using the fileSystemRepresentation method. Previously we had been told that it
was always better to use that method and not do the UTF-8 conversion ourselves.


More information about the webkit-reviews mailing list