[Webkit-unassigned] [Bug 55371] Properly canonicalize paths for sandbox extensions
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Feb 28 11:05:30 PST 2011
https://bugs.webkit.org/show_bug.cgi?id=55371
Darin Adler <darin at apple.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #84051|review? |review+
Flag| |
--- Comment #2 from Darin Adler <darin at apple.com> 2011-02-28 11:05:30 PST ---
(From update of attachment 84051)
View in context: https://bugs.webkit.org/attachment.cgi?id=84051&action=review
> Source/WebKit2/Shared/mac/SandboxExtensionMac.mm:115
> - NSString *standardizedPath = [(NSString *)path stringByStandardizingPath];
> - handle.m_sandboxExtension = WKSandboxExtensionCreate([standardizedPath fileSystemRepresentation], wkSandboxExtensionType(type));
> + char normalizedPath[PATH_MAX];
> + if (!realpath(path.utf8().data(), normalizedPath))
> + return;
Adding the call to realpath seems fine. I believe that’s the primary intention of this patch.
But I’m surprised that it’s correct to convert to UTF-8 explicitly rather than using the fileSystemRepresentation method. Previously we had been told that it was always better to use that method and not do the UTF-8 conversion ourselves.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list