[Webkit-unassigned] [Bug 234991] New: WebKit::AuthenticatorPresenterCoordinator() constructor falls through ASSERT_NOT_REACHED()

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Jan 7 15:18:52 PST 2022 

https://bugs.webkit.org/show_bug.cgi?id=234991

            Bug ID: 234991
           Summary: WebKit::AuthenticatorPresenterCoordinator()
                    constructor falls through ASSERT_NOT_REACHED()
           Product: WebKit
           Version: Other
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit2
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: ddkilzer at webkit.org
                CC: kkinnunen at apple.com,
                    webkit-bug-importer at group.apple.com
        Depends on: 234932

WebKit::AuthenticatorPresenterCoordinator() constructor falls through ASSERT_NOT_REACHED().

If the wrong `type` is passed in, the constructor would make an invalid object.

I'd recommend using a "create()" pattern that can return `nullptr` (or empty std::unique_ptr<>) which checks the `type` parameter before calling the constructor.

AuthenticatorPresenterCoordinator::AuthenticatorPresenterCoordinator(const AuthenticatorManager& manager, const String& rpId, const TransportSet& transports, ClientDataType type, const String& username)
    : m_manager(manager)
{
#if HAVE(ASC_AUTH_UI)
    m_context = adoptNS([allocASCAuthorizationPresentationContextInstance() initWithRequestContext:nullptr appIdentifier:nullptr]);
    if ([getASCAuthorizationPresentationContextClass() instancesRespondToSelector:@selector(setServiceName:)])
        [m_context setServiceName:rpId];

    switch (type) {
    case ClientDataType::Create: {
        auto options = adoptNS([allocASCPublicKeyCredentialCreationOptionsInstance() init]);
        [options setUserName:username];

        if (transports.contains(AuthenticatorTransport::Internal))
            [m_context addLoginChoice:adoptNS([allocASCPlatformPublicKeyCredentialLoginChoiceInstance() initRegistrationChoiceWithOptions:options.get()]).get()];
        if (transports.contains(AuthenticatorTransport::Usb) || transports.contains(AuthenticatorTransport::Nfc))
            [m_context addLoginChoice:adoptNS([allocASCSecurityKeyPublicKeyCredentialLoginChoiceInstance() initRegistrationChoiceWithOptions:options.get()]).get()];
        break;
    }
    case ClientDataType::Get:
        if ((transports.contains(AuthenticatorTransport::Usb) || transports.contains(AuthenticatorTransport::Nfc)) && !transports.contains(AuthenticatorTransport::Internal))
            [m_context addLoginChoice:adoptNS([allocASCSecurityKeyPublicKeyCredentialLoginChoiceInstance() initAssertionPlaceholderChoice]).get()];
        break;
    default:
        ASSERT_NOT_REACHED();
    }

    [...]
#endif // HAVE(ASC_AUTH_UI)
}

See Source/WebKit/UIProcess/WebAuthentication/Cocoa/AuthenticatorPresenterCoordinator.mm.


Referenced Bugs:

https://bugs.webkit.org/show_bug.cgi?id=234932
[Bug 234932] check-webkit-style: add checker for unexpected fall through after ASSERT_NOT_REACHED() statements
-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20220107/f10f8d4c/attachment.htm>

More information about the webkit-unassigned mailing list