Source/WebCore:
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 15 Jun 2015 17:23:00 +0000 (17:23 +0000)
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 15 Jun 2015 17:23:00 +0000 (17:23 +0000)
[Content Extensions] Limit number of rules.
https://bugs.webkit.org/show_bug.cgi?id=145663

Patch by Alex Christensen <achristensen@webkit.org> on 2015-06-15
Reviewed by Benjamin Poulain.

Added an API test to make sure that parsing fails when there are too many rules.

* contentextensions/ContentExtensionError.cpp:
(WebCore::ContentExtensions::contentExtensionErrorCategory):
* contentextensions/ContentExtensionError.h:
* contentextensions/ContentExtensionParser.cpp:
(WebCore::ContentExtensions::loadEncodedRules):
Fail to parse a content extension with more than 50000 rules.

Tools:
[Content Extensions] Make max NFA size and max rule count user defaults.
https://bugs.webkit.org/show_bug.cgi?id=145663

Patch by Alex Christensen <achristensen@webkit.org> on 2015-06-15
Reviewed by Benjamin Poulain.

* TestWebKitAPI/Tests/WebCore/ContentExtensions.cpp:
(TestWebKitAPI::TEST_F):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@185555 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebCore/ChangeLog
Source/WebCore/contentextensions/ContentExtensionError.cpp
Source/WebCore/contentextensions/ContentExtensionError.h
Source/WebCore/contentextensions/ContentExtensionParser.cpp
Tools/ChangeLog
Tools/TestWebKitAPI/Tests/WebCore/ContentExtensions.cpp

index 4caf9b0..dc548a4 100644 (file)
@@ -1,3 +1,19 @@
+2015-06-15  Alex Christensen  <achristensen@webkit.org>
+
+        [Content Extensions] Limit number of rules.
+        https://bugs.webkit.org/show_bug.cgi?id=145663
+
+        Reviewed by Benjamin Poulain.
+
+        Added an API test to make sure that parsing fails when there are too many rules.
+
+        * contentextensions/ContentExtensionError.cpp:
+        (WebCore::ContentExtensions::contentExtensionErrorCategory):
+        * contentextensions/ContentExtensionError.h:
+        * contentextensions/ContentExtensionParser.cpp:
+        (WebCore::ContentExtensions::loadEncodedRules):
+        Fail to parse a content extension with more than 50000 rules.
+
 2015-06-12  Alexey Proskuryakov  <ap@apple.com>
 
         -[WKWebView evaluateJavaScript] provides a misleading error when the return cannot be serialized
index 63122b4..ffb571f 100644 (file)
@@ -77,6 +77,8 @@ const std::error_category& contentExtensionErrorCategory()
                 return "Invalid or unsupported regular expression.";
             case ContentExtensionError::JSONInvalidDomainList:
                 return "Invalid domain list.";
+            case ContentExtensionError::JSONTooManyRules:
+                return "Too many rules in JSON array.";
             case ContentExtensionError::JSONDomainNotLowerCaseASCII:
                 return "Domains must be lower case ASCII.  Use punycode to encode non-ASCII characters.";
             case ContentExtensionError::JSONUnlessAndIfDomain:
index 1d2558e..158f1b5 100644 (file)
@@ -52,6 +52,7 @@ enum class ContentExtensionError {
     JSONInvalidDomainList,
     JSONDomainNotLowerCaseASCII,
     JSONUnlessAndIfDomain,
+    JSONTooManyRules,
     
     JSONInvalidAction,
     JSONInvalidActionType,
index 65504db..26c1262 100644 (file)
@@ -239,6 +239,9 @@ static std::error_code loadEncodedRules(ExecState& exec, const String& rules, Ve
     Vector<ContentExtensionRule> localRuleList;
 
     unsigned length = topLevelArray->length();
+    const unsigned maxRuleCount = 50000;
+    if (length > maxRuleCount)
+        return ContentExtensionError::JSONTooManyRules;
     for (unsigned i = 0; i < length; ++i) {
         JSValue value = topLevelArray->getIndex(&exec, i);
         if (exec.hadException() || !value)
index fd08237..a65b556 100644 (file)
@@ -1,3 +1,13 @@
+2015-06-15  Alex Christensen  <achristensen@webkit.org>
+
+        [Content Extensions] Make max NFA size and max rule count user defaults.
+        https://bugs.webkit.org/show_bug.cgi?id=145663
+
+        Reviewed by Benjamin Poulain.
+
+        * TestWebKitAPI/Tests/WebCore/ContentExtensions.cpp:
+        (TestWebKitAPI::TEST_F):
+
 2015-06-12  Alexey Proskuryakov  <ap@apple.com>
 
         -[WKWebView evaluateJavaScript] provides a misleading error when the return cannot be serialized
index bac45d7..8102239 100644 (file)
@@ -812,6 +812,17 @@ TEST_F(ContentExtensionTest, InvalidJSON)
     checkCompilerError("[{\"action\":{\"type\":\"block\"},\"trigger\":{\"url-filter\":\"webkit.org\",\"resource-type\":[5]}}]",
         ContentExtensions::ContentExtensionError::JSONInvalidStringInTriggerFlagsArray);
     
+    StringBuilder rules;
+    rules.append("[");
+    for (unsigned i = 0; i < 49999; ++i)
+        rules.append("{\"action\":{\"type\":\"block\"},\"trigger\":{\"url-filter\":\"a\"}},");
+    String rules50000 = rules.toString();
+    String rules50001 = rules.toString();
+    rules50000.append("{\"action\":{\"type\":\"block\"},\"trigger\":{\"url-filter\":\"a\"}}]");
+    rules50001.append("{\"action\":{\"type\":\"block\"},\"trigger\":{\"url-filter\":\"a\"}},{\"action\":{\"type\":\"block\"},\"trigger\":{\"url-filter\":\"a\"}}]");
+    checkCompilerError(rules50000.utf8().data(), { });
+    checkCompilerError(rules50001.utf8().data(), ContentExtensions::ContentExtensionError::JSONTooManyRules);
+    
     checkCompilerError("[{\"action\":{\"type\":\"block\"},\"trigger\":{\"url-filter\":\"webkit.org\",\"if-domain\":{}}}]", ContentExtensions::ContentExtensionError::JSONInvalidDomainList);
     checkCompilerError("[{\"action\":{\"type\":\"block\"},\"trigger\":{\"url-filter\":\"webkit.org\",\"if-domain\":[5]}}]", ContentExtensions::ContentExtensionError::JSONInvalidDomainList);
     checkCompilerError("[{\"action\":{\"type\":\"block\"},\"trigger\":{\"url-filter\":\"webkit.org\",\"if-domain\":[\"a\"]}}]", { });