Adopt new secure coding APIs
authorbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 24 Oct 2017 16:21:36 +0000 (16:21 +0000)
committerbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 24 Oct 2017 16:21:36 +0000 (16:21 +0000)
https://bugs.webkit.org/show_bug.cgi?id=178484
<rdar://problem/34837193>

Reviewed by Tim Horton.

Source/WebCore:

Switch to new NSKeyed[Un]Archiver methods that active and use
NSSecureCoding by default.

Most of the new API is wrapped in a set of convenience methods so we can
build without the new API on older systems.

No change in behavior.

* editing/cocoa/EditorCocoa.mm:
(WebCore::archivedDataForAttributedString): Use new convenience method
to archive the string object.
* loader/archive/cf/LegacyWebArchiveMac.mm:
(WebCore::LegacyWebArchive::createResourceResponseFromMacArchivedData): Update to
use secure coding where possible.
(WebCore::LegacyWebArchive::createPropertyListRepresentation): Ditto.
* platform/ios/PlatformPasteboardIOS.mm:
(WebCore::PlatformPasteboard::write): Use new secure API.
(WebCore::PlatformPasteboard::typesSafeForDOMToReadAndWrite const): Ditto.
* testing/cocoa/WebArchiveDumpSupport.mm:
(WebCoreTestSupport::createCFURLResponseFromResponseData): Update to
secure coding API where possible.

Source/WebCore/PAL:

Add new convenience methods (and SPI headers) so we can adopt new NSKeyedArchiver
API that uses secure coding by default.

* PAL.xcodeproj/project.pbxproj:
* pal/spi/cocoa/NSKeyedArchiverSPI.h: Added.
(securelyArchivedDataWithRootObject): New convenience method.
(securelyUnarchiveRootObjectOfClassFromData): Ditto.
(secureArchiverFromMutableData): Ditto.
(secureUnarchiverFromData): Ditto.

Source/WebKit:

Switch to new NSKeyed[Un]Archiver methods that active and use
NSSecureCoding by default.

* Platform/ios/AccessibilityIOS.mm:
(WebKit::newAccessibilityRemoteToken): Use secure-by-default API.
* Shared/Cocoa/DataDetectionResult.mm:
(WebKit::DataDetectionResult::encode const): Ditto.
(WebKit::DataDetectionResult::decode): Ditto.
* Shared/Cocoa/WebCoreArgumentCodersCocoa.mm:
(IPC::ArgumentCoder<WebCore::Payment>::encode): Ditto.
(IPC::ArgumentCoder<WebCore::Payment>::decode): Ditto.
(IPC::ArgumentCoder<WebCore::PaymentContact>::encode): Ditto.
(IPC::ArgumentCoder<WebCore::PaymentContact>::decode): Ditto.
(IPC::ArgumentCoder<WebCore::PaymentMerchantSession>::encode): Ditto.
(IPC::ArgumentCoder<WebCore::PaymentMerchantSession>::decode): Ditto.
(IPC::ArgumentCoder<WebCore::PaymentMethod>::encode): Ditto.
(IPC::ArgumentCoder<WebCore::PaymentMethod>::decode): Ditto.
* Shared/ios/InteractionInformationAtPosition.mm:
(WebKit::InteractionInformationAtPosition::encode const): Ditto.
(WebKit::InteractionInformationAtPosition::decode): Ditto.
* Shared/mac/WebCoreArgumentCodersMac.mm:
(IPC::ArgumentCoder<ProtectionSpace>::encodePlatformData): Ditto.
(IPC::ArgumentCoder<ProtectionSpace>::decodePlatformData): Ditto.
(IPC::ArgumentCoder<Credential>::encodePlatformData): Ditto.
(IPC::ArgumentCoder<Credential>::decodePlatformData): Ditto.
(IPC::ArgumentCoder<ContentFilterUnblockHandler>::encode): Ditto.
(IPC::ArgumentCoder<ContentFilterUnblockHandler>::decode): Ditto.
(IPC::ArgumentCoder<MediaPlaybackTargetContext>::encodePlatformData): Ditto.
(IPC::ArgumentCoder<MediaPlaybackTargetContext>::decodePlatformData): Ditto.
* Shared/mac/WebHitTestResultData.mm:
(WebKit::WebHitTestResultData::platformEncode const): Ditto.
(WebKit::WebHitTestResultData::platformDecode): Ditto.
* UIProcess/API/Cocoa/WKProcessPool.mm:
(-[WKProcessPool _setObject:forBundleParameter:]): Ditto.
(-[WKProcessPool _setObjectsForBundleParametersWithDictionary:]): Ditto.
* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _setInputDelegate:]): Ditto.
* UIProcess/Cocoa/WebProcessPoolCocoa.mm:
(WebKit::WebProcessPool::platformInitializeWebProcess): Ditto.
* UIProcess/ios/PageClientImplIOS.mm:
(WebKit::PageClientImpl::startAssistingNode): Ditto.
* WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:
(-[WKWebProcessPlugInBrowserContextController _setFormDelegate:]): Ditto.
* WebProcess/InjectedBundle/mac/InjectedBundleMac.mm:
(WebKit::InjectedBundle::initialize): Ditto.
(WebKit::InjectedBundle::setBundleParameter): Ditto.
(WebKit::InjectedBundle::setBundleParameters): Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@223889 268f45cc-cd09-0410-ab3c-d52691b4dbfc

21 files changed:
Source/WebCore/ChangeLog
Source/WebCore/PAL/ChangeLog
Source/WebCore/PAL/PAL.xcodeproj/project.pbxproj
Source/WebCore/PAL/pal/spi/cocoa/NSKeyedArchiverSPI.h [new file with mode: 0644]
Source/WebCore/editing/cocoa/EditorCocoa.mm
Source/WebCore/loader/archive/cf/LegacyWebArchiveMac.mm
Source/WebCore/platform/ios/PlatformPasteboardIOS.mm
Source/WebCore/testing/cocoa/WebArchiveDumpSupport.mm
Source/WebKit/ChangeLog
Source/WebKit/Platform/ios/AccessibilityIOS.mm
Source/WebKit/Shared/Cocoa/DataDetectionResult.mm
Source/WebKit/Shared/Cocoa/WebCoreArgumentCodersCocoa.mm
Source/WebKit/Shared/ios/InteractionInformationAtPosition.mm
Source/WebKit/Shared/mac/WebCoreArgumentCodersMac.mm
Source/WebKit/Shared/mac/WebHitTestResultData.mm
Source/WebKit/UIProcess/API/Cocoa/WKProcessPool.mm
Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm
Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm
Source/WebKit/UIProcess/ios/PageClientImplIOS.mm
Source/WebKit/WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm
Source/WebKit/WebProcess/InjectedBundle/mac/InjectedBundleMac.mm

index 9b9e5ec..b03552d 100644 (file)
@@ -1,3 +1,33 @@
+2017-10-24  Brent Fulgham  <bfulgham@apple.com>
+
+        Adopt new secure coding APIs
+        https://bugs.webkit.org/show_bug.cgi?id=178484
+        <rdar://problem/34837193>
+
+        Reviewed by Tim Horton.
+
+        Switch to new NSKeyed[Un]Archiver methods that active and use
+        NSSecureCoding by default.
+
+        Most of the new API is wrapped in a set of convenience methods so we can
+        build without the new API on older systems.
+
+        No change in behavior.
+
+        * editing/cocoa/EditorCocoa.mm:
+        (WebCore::archivedDataForAttributedString): Use new convenience method
+        to archive the string object.
+        * loader/archive/cf/LegacyWebArchiveMac.mm:
+        (WebCore::LegacyWebArchive::createResourceResponseFromMacArchivedData): Update to
+        use secure coding where possible.
+        (WebCore::LegacyWebArchive::createPropertyListRepresentation): Ditto.
+        * platform/ios/PlatformPasteboardIOS.mm:
+        (WebCore::PlatformPasteboard::write): Use new secure API.
+        (WebCore::PlatformPasteboard::typesSafeForDOMToReadAndWrite const): Ditto.
+        * testing/cocoa/WebArchiveDumpSupport.mm:
+        (WebCoreTestSupport::createCFURLResponseFromResponseData): Update to
+        secure coding API where possible.
+
 2017-10-24  Miguel Gomez  <magomez@igalia.com>
 
         [GTK][X11] Windy.com shows always straight wind lines
index 5602a02..e06c681 100644 (file)
@@ -1,3 +1,21 @@
+2017-10-24  Brent Fulgham  <bfulgham@apple.com>
+
+        Adopt new secure coding APIs
+        https://bugs.webkit.org/show_bug.cgi?id=178484
+        <rdar://problem/34837193>
+
+        Reviewed by Tim Horton.
+
+        Add new convenience methods (and SPI headers) so we can adopt new NSKeyedArchiver
+        API that uses secure coding by default.
+
+        * PAL.xcodeproj/project.pbxproj:
+        * pal/spi/cocoa/NSKeyedArchiverSPI.h: Added.
+        (securelyArchivedDataWithRootObject): New convenience method.
+        (securelyUnarchiveRootObjectOfClassFromData): Ditto.
+        (secureArchiverFromMutableData): Ditto.
+        (secureUnarchiverFromData): Ditto.
+
 2017-10-20  Alex Christensen  <achristensen@webkit.org>
 
         Expose _boundInterfaceIdentifier and _allowsCellularAccess to WKWebsiteDataStorePrivate
index f51adb0..2b09d37 100644 (file)
                1C4876D81F8D7F4E00CCEEBD /* Logging.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 1C4876D61F8D7F4E00CCEEBD /* Logging.cpp */; };
                1C4876D91F8D7F4E00CCEEBD /* Logging.h in Headers */ = {isa = PBXBuildFile; fileRef = 1C4876D71F8D7F4E00CCEEBD /* Logging.h */; };
                1C4876E01F8D837500CCEEBD /* LoggingCocoa.mm in Sources */ = {isa = PBXBuildFile; fileRef = 1C4876DF1F8D837500CCEEBD /* LoggingCocoa.mm */; };
+               7A1656441F97B2B900BA3CE4 /* NSKeyedArchiverSPI.h in Headers */ = {isa = PBXBuildFile; fileRef = 7A1656431F97B2B800BA3CE4 /* NSKeyedArchiverSPI.h */; };
                A10265871F56746100B4C844 /* FoundationSPI.h in Headers */ = {isa = PBXBuildFile; fileRef = A10265861F56746100B4C844 /* FoundationSPI.h */; };
                A10265891F56747A00B4C844 /* HIToolboxSPI.h in Headers */ = {isa = PBXBuildFile; fileRef = A10265881F56747A00B4C844 /* HIToolboxSPI.h */; };
                A102658B1F56748C00B4C844 /* QuickDrawSPI.h in Headers */ = {isa = PBXBuildFile; fileRef = A102658A1F56748C00B4C844 /* QuickDrawSPI.h */; };
                1C4876DF1F8D837500CCEEBD /* LoggingCocoa.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = LoggingCocoa.mm; sourceTree = "<group>"; };
                1C67CEA11E32EDA800F80F2E /* FeatureDefines.xcconfig */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xcconfig; path = FeatureDefines.xcconfig; sourceTree = "<group>"; };
                1C67CEA21E32EE2600F80F2E /* Version.xcconfig */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xcconfig; path = Version.xcconfig; sourceTree = "<group>"; };
+               7A1656431F97B2B800BA3CE4 /* NSKeyedArchiverSPI.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = NSKeyedArchiverSPI.h; sourceTree = "<group>"; };
                A10265861F56746100B4C844 /* FoundationSPI.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = FoundationSPI.h; sourceTree = "<group>"; };
                A10265881F56747A00B4C844 /* HIToolboxSPI.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = HIToolboxSPI.h; sourceTree = "<group>"; };
                A102658A1F56748C00B4C844 /* QuickDrawSPI.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = QuickDrawSPI.h; sourceTree = "<group>"; };
                                0C2DA1311F3BEB4900DBC317 /* NSColorSPI.h */,
                                0C2DA1321F3BEB4900DBC317 /* NSExtensionSPI.h */,
                                0C2DA1331F3BEB4900DBC317 /* NSFileManagerSPI.h */,
+                               7A1656431F97B2B800BA3CE4 /* NSKeyedArchiverSPI.h */,
                                0C2DA1341F3BEB4900DBC317 /* NSStringSPI.h */,
                                0C2DA1351F3BEB4900DBC317 /* NSTouchBarSPI.h */,
                                0C2DA1361F3BEB4900DBC317 /* NSURLConnectionSPI.h */,
                                0C7785901F45130F00F4EBB6 /* NSFontSPI.h in Headers */,
                                A10826FE1F58A433004772AC /* NSGraphicsSPI.h in Headers */,
                                0C7785911F45130F00F4EBB6 /* NSImmediateActionGestureRecognizerSPI.h in Headers */,
+                               7A1656441F97B2B900BA3CE4 /* NSKeyedArchiverSPI.h in Headers */,
                                0C7785921F45130F00F4EBB6 /* NSMenuSPI.h in Headers */,
                                0C7785931F45130F00F4EBB6 /* NSPasteboardSPI.h in Headers */,
                                0C7785941F45130F00F4EBB6 /* NSPopoverSPI.h in Headers */,
diff --git a/Source/WebCore/PAL/pal/spi/cocoa/NSKeyedArchiverSPI.h b/Source/WebCore/PAL/pal/spi/cocoa/NSKeyedArchiverSPI.h
new file mode 100644 (file)
index 0000000..680b9a3
--- /dev/null
@@ -0,0 +1,109 @@
+/*
+ * Copyright (C) 2017 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#define USE_NEW_ARCHIVER_API ((PLATFORM(MAC) && __MAC_OS_X_VERSION_MAX_ALLOWED >= 101302 && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || (PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 110200) || (PLATFORM(WATCHOS) && __WATCH_OS_VERSION_MIN_REQUIRED >= 40200) || (PLATFORM(TVOS) && __TV_OS_VERSION_MIN_REQUIRED >= 110200))
+
+#if USE(APPLE_INTERNAL_SDK) && USE(NEW_ARCHIVER_API)
+
+#import <Foundation/NSKeyedArchiver_Private.h>
+
+#else
+
+#import <Availability.h>
+#import <Foundation/NSCoder.h>
+#import <Foundation/NSKeyedArchiver.h>
+#import <wtf/Assertions.h>
+
+#if USE(NEW_ARCHIVER_API)
+
+NS_ASSUME_NONNULL_BEGIN
+
+@interface NSKeyedArchiver (NSKeyedArchiverSecureCodingInitializers)
+- (instancetype)initRequiringSecureCoding:(BOOL)requiresSecureCoding API_AVAILABLE(macos(10.13), ios(11.0));
++ (nullable NSData *)archivedDataWithRootObject:(id)object requiringSecureCoding:(BOOL)requiresSecureCoding error:(NSError **)error API_AVAILABLE(macos(10.13), ios(11.0));
+@end
+
+@interface NSKeyedUnarchiver (NSKeyedUnarchiverSecureCodingInitializer)
+- (nullable instancetype)initForReadingFromData:(NSData *)data error:(NSError **)error API_AVAILABLE(macos(10.13), ios(11.0));
++ (nullable id)unarchivedObjectOfClass:(Class)cls fromData:(NSData *)data error:(NSError **)error API_AVAILABLE(macos(10.13), ios(11.0));
++ (nullable id)unarchivedObjectOfClasses:(NSSet<Class> *)classes fromData:(NSData *)data error:(NSError **)error API_AVAILABLE(macos(10.13), ios(11.0));
+@end
+
+NS_ASSUME_NONNULL_END
+
+#endif
+
+#endif
+
+#include <wtf/RetainPtr.h>
+
+inline NSData *_Nullable securelyArchivedDataWithRootObject(id _Nonnull object)
+{
+#if USE(NEW_ARCHIVER_API)
+    NSError *error;
+    NSData *data = [NSKeyedArchiver archivedDataWithRootObject:object requiringSecureCoding:YES error:&error];
+    if (!data)
+        LOG_ERROR("Unable to archive data: %@", error);
+    return data;
+#else
+    return [NSKeyedArchiver archivedDataWithRootObject:object];
+#endif
+}
+
+inline id _Nullable securelyUnarchiveObjectOfClassFromData(Class _Nonnull cls, NSData * _Nonnull data)
+{
+#if USE(NEW_ARCHIVER_API)
+    NSError *error;
+    id value = [NSKeyedUnarchiver unarchivedObjectOfClass:cls fromData:data error:&error];
+    if (!data)
+        LOG_ERROR("Unable to unarchive data: %@", error);
+    return value;
+#else
+    UNUSED_PARAM(cls);
+    return [NSKeyedUnarchiver unarchiveObjectWithData:data];
+#endif
+}
+
+inline RetainPtr<NSKeyedArchiver> secureArchiverFromMutableData(NSMutableData *_Nonnull mutableData)
+{
+    NSKeyedArchiver *archiver = [[NSKeyedArchiver alloc] initForWritingWithMutableData:mutableData];
+    [archiver setRequiresSecureCoding:YES];
+    return adoptNS(archiver);
+}
+
+inline RetainPtr<NSKeyedUnarchiver> secureUnarchiverFromData(NSData *_Nonnull data)
+{
+#if USE(NEW_ARCHIVER_API)
+    NSKeyedUnarchiver *unarchiver = [[NSKeyedUnarchiver alloc] initForReadingFromData:data error:nil];
+    unarchiver.decodingFailurePolicy = NSDecodingFailurePolicyRaiseException;
+#else
+    NSKeyedUnarchiver *unarchiver = [[NSKeyedUnarchiver alloc] initForReadingWithData:data];
+    [unarchiver setRequiresSecureCoding:YES];
+#endif
+    return adoptNS(unarchiver);
+}
+
index 3a14033..69f5b9b 100644 (file)
@@ -52,6 +52,7 @@
 #import "WebCoreNSURLExtras.h"
 #import "markup.h"
 #import <pal/spi/cocoa/NSAttributedStringSPI.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
 #import <wtf/BlockObjCExceptions.h>
 
 namespace WebCore {
@@ -141,7 +142,7 @@ static RefPtr<SharedBuffer> archivedDataForAttributedString(NSAttributedString *
     if (!attributedString.length)
         return nullptr;
 
-    return SharedBuffer::create([NSKeyedArchiver archivedDataWithRootObject:attributedString]);
+    return SharedBuffer::create(securelyArchivedDataWithRootObject(attributedString));
 }
 
 String Editor::selectionInHTMLFormat()
index 057d114..7ae0cfa 100644 (file)
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include "config.h"
-#include "LegacyWebArchive.h"
+#import "config.h"
+#import "LegacyWebArchive.h"
+
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
 
 namespace WebCore {
 
@@ -42,14 +44,13 @@ ResourceResponse LegacyWebArchive::createResourceResponseFromMacArchivedData(CFD
         return ResourceResponse();
     
     NSURLResponse *response = nil;
-    NSKeyedUnarchiver *unarchiver = [[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)responseData];
-#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || PLATFORM(IOS)
-    // Because of <rdar://problem/34063313> we can't use this for decoding in older OS's.
-    [unarchiver setRequiresSecureCoding:YES];
+    auto unarchiver = secureUnarchiverFromData((NSData *)responseData);
     @try {
+#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || PLATFORM(IOS)
         response = [unarchiver decodeObjectOfClass:[NSURLResponse class] forKey:LegacyWebArchiveResourceResponseKey];
 #else
-    @try {
+        // Because of <rdar://problem/34063313> we can't use secure coding for decoding in older OS's.
+        [unarchiver setRequiresSecureCoding:NO];
         id responseObject = [unarchiver decodeObjectForKey:LegacyWebArchiveResourceResponseKey];
         if ([responseObject isKindOfClass:[NSURLResponse class]])
             response = responseObject;
@@ -59,8 +60,7 @@ ResourceResponse LegacyWebArchive::createResourceResponseFromMacArchivedData(CFD
         LOG_ERROR("Failed to decode NS(HTTP)URLResponse: %@", exception);
         response = nil;
     }
-    [unarchiver release];
-    
+
     return ResourceResponse(response);
 }
 
@@ -73,15 +73,14 @@ RetainPtr<CFDataRef> LegacyWebArchive::createPropertyListRepresentation(const Re
 
     CFMutableDataRef responseData = CFDataCreateMutable(0, 0);
 
-    NSKeyedArchiver *archiver = [[NSKeyedArchiver alloc] initForWritingWithMutableData:(NSMutableData *)responseData];
+    auto archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:(NSMutableData *)responseData]);
 #if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || PLATFORM(IOS)
     // Because of <rdar://problem/34063313> we can't use this for encoding in older OS's.
     [archiver setRequiresSecureCoding:YES];
 #endif
     [archiver encodeObject:nsResponse forKey:LegacyWebArchiveResourceResponseKey];
     [archiver finishEncoding];
-    [archiver release];
-    
+
     return adoptCF(responseData);
 }
 
index a77d2dd..d0136b8 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013 Apple Inc.  All rights reserved.
+ * Copyright (C) 2013-2017 Apple Inc.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -36,6 +36,7 @@
 #import <MobileCoreServices/MobileCoreServices.h>
 #import <UIKit/UIImage.h>
 #import <UIKit/UIPasteboard.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
 #import <pal/spi/ios/UIKitSPI.h>
 #import <wtf/ListHashSet.h>
 #import <wtf/SoftLinking.h>
@@ -264,7 +265,7 @@ void PlatformPasteboard::write(const PasteboardWebContent& content)
         [representationsToRegister addData:content.dataInWebArchiveFormat->createNSData().get() forType:WebArchivePboardType];
 
     if (content.dataInAttributedStringFormat) {
-        NSAttributedString *attributedString = [NSKeyedUnarchiver unarchiveObjectWithData:content.dataInAttributedStringFormat->createNSData().get()];
+        NSAttributedString *attributedString = securelyUnarchiveObjectOfClassFromData([NSAttributedString class], content.dataInAttributedStringFormat->createNSData().get());
         if (attributedString)
             [representationsToRegister addRepresentingObject:attributedString];
     }
@@ -379,11 +380,11 @@ Vector<String> PlatformPasteboard::typesSafeForDOMToReadAndWrite(const String& o
         if (!provider.teamData.length)
             continue;
 
-        id teamDataObject = [NSKeyedUnarchiver unarchiveObjectWithData:provider.teamData];
-        if (!teamDataObject || ![teamDataObject isKindOfClass:[NSDictionary class]])
+        NSDictionary *teamDataObject = securelyUnarchiveObjectOfClassFromData([NSDictionary class], provider.teamData);
+        if (!teamDataObject)
             continue;
 
-        id originInTeamData = [(NSDictionary *)teamDataObject objectForKey:@(originKeyForTeamData)];
+        id originInTeamData = [teamDataObject objectForKey:@(originKeyForTeamData)];
         if (![originInTeamData isKindOfClass:[NSString class]])
             continue;
         if (String((NSString *)originInTeamData) != origin)
@@ -444,8 +445,7 @@ long PlatformPasteboard::write(const PasteboardCustomData& data)
             NSMutableArray<NSString *> *typesAsNSArray = [NSMutableArray array];
             for (auto& type : data.orderedTypes)
                 [typesAsNSArray addObject:type];
-            [representationsToRegister setTeamData:[NSKeyedArchiver archivedDataWithRootObject:@{
-                @(originKeyForTeamData) : data.origin, @(customTypesKeyForTeamData) : typesAsNSArray }]];
+            [representationsToRegister setTeamData:securelyArchivedDataWithRootObject(@{ @(originKeyForTeamData) : data.origin, @(customTypesKeyForTeamData) : typesAsNSArray })];
             [representationsToRegister addData:serializedSharedBuffer.get() forType:@(PasteboardCustomData::cocoaType())];
         }
     }
index 2086408..300b83b 100644 (file)
@@ -30,6 +30,7 @@
 #import <CFNetwork/CFHTTPMessage.h>
 #import <CFNetwork/CFNetwork.h>
 #import <pal/spi/cf/CFNetworkSPI.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
 #import <wtf/NeverDestroyed.h>
 #import <wtf/RetainPtr.h>
 #import <wtf/Vector.h>
@@ -40,15 +41,14 @@ namespace WebCoreTestSupport {
 
 static CFURLResponseRef createCFURLResponseFromResponseData(CFDataRef responseData)
 {
-    RetainPtr<NSKeyedUnarchiver> unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)responseData]);
     NSURLResponse *response;
-#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || PLATFORM(IOS)
-    // Because of <rdar://problem/34063313> we can't use this for decoding in older OS's.
-    [unarchiver setRequiresSecureCoding:YES];
+    auto unarchiver = secureUnarchiverFromData((NSData *)responseData);
     @try {
+#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300) || PLATFORM(IOS)
         response = [unarchiver decodeObjectOfClass:[NSURLResponse class] forKey:@"WebResourceResponse"]; // WebResourceResponseKey in WebResource.m
 #else
-    @try {
+        // Because of <rdar://problem/34063313> we can't use secure coding for decoding in older OS's.
+        [unarchiver setRequiresSecureCoding:NO];
         response = [unarchiver decodeObjectForKey:@"WebResourceResponse"]; // WebResourceResponseKey in WebResource.m
 #endif
         [unarchiver finishDecoding];
index 2f29316..8a51983 100644 (file)
@@ -1,3 +1,59 @@
+2017-10-24  Brent Fulgham  <bfulgham@apple.com>
+
+        Adopt new secure coding APIs
+        https://bugs.webkit.org/show_bug.cgi?id=178484
+        <rdar://problem/34837193>
+
+        Reviewed by Tim Horton.
+
+        Switch to new NSKeyed[Un]Archiver methods that active and use
+        NSSecureCoding by default.
+
+        * Platform/ios/AccessibilityIOS.mm:
+        (WebKit::newAccessibilityRemoteToken): Use secure-by-default API.
+        * Shared/Cocoa/DataDetectionResult.mm:
+        (WebKit::DataDetectionResult::encode const): Ditto.
+        (WebKit::DataDetectionResult::decode): Ditto.
+        * Shared/Cocoa/WebCoreArgumentCodersCocoa.mm:
+        (IPC::ArgumentCoder<WebCore::Payment>::encode): Ditto.
+        (IPC::ArgumentCoder<WebCore::Payment>::decode): Ditto.
+        (IPC::ArgumentCoder<WebCore::PaymentContact>::encode): Ditto.
+        (IPC::ArgumentCoder<WebCore::PaymentContact>::decode): Ditto.
+        (IPC::ArgumentCoder<WebCore::PaymentMerchantSession>::encode): Ditto.
+        (IPC::ArgumentCoder<WebCore::PaymentMerchantSession>::decode): Ditto.
+        (IPC::ArgumentCoder<WebCore::PaymentMethod>::encode): Ditto.
+        (IPC::ArgumentCoder<WebCore::PaymentMethod>::decode): Ditto.
+        * Shared/ios/InteractionInformationAtPosition.mm:
+        (WebKit::InteractionInformationAtPosition::encode const): Ditto.
+        (WebKit::InteractionInformationAtPosition::decode): Ditto.
+        * Shared/mac/WebCoreArgumentCodersMac.mm:
+        (IPC::ArgumentCoder<ProtectionSpace>::encodePlatformData): Ditto.
+        (IPC::ArgumentCoder<ProtectionSpace>::decodePlatformData): Ditto.
+        (IPC::ArgumentCoder<Credential>::encodePlatformData): Ditto.
+        (IPC::ArgumentCoder<Credential>::decodePlatformData): Ditto.
+        (IPC::ArgumentCoder<ContentFilterUnblockHandler>::encode): Ditto.
+        (IPC::ArgumentCoder<ContentFilterUnblockHandler>::decode): Ditto.
+        (IPC::ArgumentCoder<MediaPlaybackTargetContext>::encodePlatformData): Ditto.
+        (IPC::ArgumentCoder<MediaPlaybackTargetContext>::decodePlatformData): Ditto.
+        * Shared/mac/WebHitTestResultData.mm:
+        (WebKit::WebHitTestResultData::platformEncode const): Ditto.
+        (WebKit::WebHitTestResultData::platformDecode): Ditto.
+        * UIProcess/API/Cocoa/WKProcessPool.mm:
+        (-[WKProcessPool _setObject:forBundleParameter:]): Ditto.
+        (-[WKProcessPool _setObjectsForBundleParametersWithDictionary:]): Ditto.
+        * UIProcess/API/Cocoa/WKWebView.mm:
+        (-[WKWebView _setInputDelegate:]): Ditto.
+        * UIProcess/Cocoa/WebProcessPoolCocoa.mm:
+        (WebKit::WebProcessPool::platformInitializeWebProcess): Ditto.
+        * UIProcess/ios/PageClientImplIOS.mm:
+        (WebKit::PageClientImpl::startAssistingNode): Ditto.
+        * WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:
+        (-[WKWebProcessPlugInBrowserContextController _setFormDelegate:]): Ditto.
+        * WebProcess/InjectedBundle/mac/InjectedBundleMac.mm:
+        (WebKit::InjectedBundle::initialize): Ditto.
+        (WebKit::InjectedBundle::setBundleParameter): Ditto.
+        (WebKit::InjectedBundle::setBundleParameters): Ditto.
+
 2017-10-24  Zan Dobersek  <zdobersek@igalia.com>
 
         [GTK][WPE] generate-forwarding-headers.pl should also scan derived sources in WebKit framework
index 4004ab9..fe0447a 100644 (file)
@@ -25,6 +25,7 @@
 
 #import "config.h"
 #import "AccessibilityIOS.h"
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
 
 #if PLATFORM(IOS)
 
@@ -34,7 +35,7 @@ NSData *newAccessibilityRemoteToken(NSUUID *uuid)
 {
     if (!uuid)
         return nil;
-    return [NSKeyedArchiver archivedDataWithRootObject:@{ @"ax-pid" : @(getpid()), @"ax-uuid" : [uuid UUIDString], @"ax-register" : @YES }];
+    return securelyArchivedDataWithRootObject(@{ @"ax-pid" : @(getpid()), @"ax-uuid" : [uuid UUIDString], @"ax-register" : @YES });
 }
 
 } // namespace WebKit
index 38d5252..3ae5aca 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2014 Apple Inc. All rights reserved.
+ * Copyright (C) 2014-2017 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -29,6 +29,7 @@
 #import "ArgumentCodersCF.h"
 #import "WebCoreArgumentCoders.h"
 #import <pal/spi/cocoa/DataDetectorsCoreSPI.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
 #import <wtf/SoftLinking.h>
 
 SOFT_LINK_PRIVATE_FRAMEWORK(DataDetectorsCore)
@@ -41,8 +42,7 @@ namespace WebKit {
 void DataDetectionResult::encode(IPC::Encoder& encoder) const
 {
     RetainPtr<NSMutableData> data = adoptNS([[NSMutableData alloc] init]);
-    RetainPtr<NSKeyedArchiver> archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-    [archiver setRequiresSecureCoding:YES];
+    auto archiver = secureArchiverFromMutableData(data.get());
     [archiver encodeObject:results.get() forKey:@"dataDetectorResults"];
     [archiver finishEncoding];
     
@@ -54,9 +54,8 @@ bool DataDetectionResult::decode(IPC::Decoder& decoder, DataDetectionResult& res
     RetainPtr<CFDataRef> data;
     if (!IPC::decode(decoder, data))
         return false;
-    
-    RetainPtr<NSKeyedUnarchiver> unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)data.get()]);
-    [unarchiver setRequiresSecureCoding:YES];
+
+    auto unarchiver = secureUnarchiverFromData((NSData *)data.get());
     @try {
         result.results = [unarchiver decodeObjectOfClasses:[NSSet setWithArray:@[ [NSArray class], getDDScannerResultClass()] ] forKey:@"dataDetectorResults"];
     } @catch (NSException *exception) {
index 6a0d8c3..7cbf7b7 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2016-2017 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -30,6 +30,7 @@
 
 #import "DataReference.h"
 #import <WebCore/PaymentAuthorizationStatus.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
 #import <pal/spi/cocoa/PassKitSPI.h>
 #import <wtf/SoftLinking.h>
 
@@ -51,9 +52,7 @@ namespace IPC {
 void ArgumentCoder<WebCore::Payment>::encode(Encoder& encoder, const WebCore::Payment& payment)
 {
     auto data = adoptNS([[NSMutableData alloc] init]);
-    auto archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-
-    [archiver setRequiresSecureCoding:YES];
+    auto archiver = secureArchiverFromMutableData(data.get());
 
     [archiver encodeObject:payment.pkPayment() forKey:NSKeyedArchiveRootObjectKey];
     [archiver finishEncoding];
@@ -68,8 +67,7 @@ bool ArgumentCoder<WebCore::Payment>::decode(Decoder& decoder, WebCore::Payment&
         return false;
 
     auto data = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(dataReference.data())) length:dataReference.size() freeWhenDone:NO]);
-    auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:data.get()]);
-    [unarchiver setRequiresSecureCoding:YES];
+    auto unarchiver = secureUnarchiverFromData(data.get());
     @try {
         PKPayment *pkPayment = [unarchiver decodeObjectOfClass:getPKPaymentClass() forKey:NSKeyedArchiveRootObjectKey];
         payment = Payment(pkPayment);
@@ -106,9 +104,7 @@ std::optional<WebCore::PaymentAuthorizationResult> ArgumentCoder<WebCore::Paymen
 void ArgumentCoder<WebCore::PaymentContact>::encode(Encoder& encoder, const WebCore::PaymentContact& paymentContact)
 {
     auto data = adoptNS([[NSMutableData alloc] init]);
-    auto archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-
-    [archiver setRequiresSecureCoding:YES];
+    auto archiver = secureArchiverFromMutableData(data.get());
 
     [archiver encodeObject:paymentContact.pkContact() forKey:NSKeyedArchiveRootObjectKey];
     [archiver finishEncoding];
@@ -123,8 +119,7 @@ bool ArgumentCoder<WebCore::PaymentContact>::decode(Decoder& decoder, WebCore::P
         return false;
 
     auto data = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(dataReference.data())) length:dataReference.size() freeWhenDone:NO]);
-    auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:data.get()]);
-    [unarchiver setRequiresSecureCoding:YES];
+    auto unarchiver = secureUnarchiverFromData(data.get());
     @try {
         PKContact *pkContact = [unarchiver decodeObjectOfClass:getPKContactClass() forKey:NSKeyedArchiveRootObjectKey];
         paymentContact = PaymentContact(pkContact);
@@ -167,9 +162,7 @@ std::optional<WebCore::PaymentError> ArgumentCoder<WebCore::PaymentError>::decod
 void ArgumentCoder<WebCore::PaymentMerchantSession>::encode(Encoder& encoder, const WebCore::PaymentMerchantSession& paymentMerchantSession)
 {
     auto data = adoptNS([[NSMutableData alloc] init]);
-    auto archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-
-    [archiver setRequiresSecureCoding:YES];
+    auto archiver = secureArchiverFromMutableData(data.get());
 
     [archiver encodeObject:paymentMerchantSession.pkPaymentMerchantSession() forKey:NSKeyedArchiveRootObjectKey];
     [archiver finishEncoding];
@@ -184,8 +177,7 @@ bool ArgumentCoder<WebCore::PaymentMerchantSession>::decode(Decoder& decoder, We
         return false;
 
     auto data = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(dataReference.data())) length:dataReference.size() freeWhenDone:NO]);
-    auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:data.get()]);
-    [unarchiver setRequiresSecureCoding:YES];
+    auto unarchiver = secureUnarchiverFromData(data.get());
     @try {
         PKPaymentMerchantSession *pkPaymentMerchantSession = [unarchiver decodeObjectOfClass:getPKPaymentMerchantSessionClass() forKey:NSKeyedArchiveRootObjectKey];
         paymentMerchantSession = PaymentMerchantSession(pkPaymentMerchantSession);
@@ -195,16 +187,13 @@ bool ArgumentCoder<WebCore::PaymentMerchantSession>::decode(Decoder& decoder, We
     }
 
     [unarchiver finishDecoding];
-
     return true;
 }
 
 void ArgumentCoder<WebCore::PaymentMethod>::encode(Encoder& encoder, const WebCore::PaymentMethod& paymentMethod)
 {
     auto data = adoptNS([[NSMutableData alloc] init]);
-    auto archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-
-    [archiver setRequiresSecureCoding:YES];
+    auto archiver = secureArchiverFromMutableData(data.get());
 
     [archiver encodeObject:paymentMethod.pkPaymentMethod() forKey:NSKeyedArchiveRootObjectKey];
     [archiver finishEncoding];
@@ -219,8 +208,7 @@ bool ArgumentCoder<WebCore::PaymentMethod>::decode(Decoder& decoder, WebCore::Pa
         return false;
 
     auto data = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(dataReference.data())) length:dataReference.size() freeWhenDone:NO]);
-    auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:data.get()]);
-    [unarchiver setRequiresSecureCoding:YES];
+    auto unarchiver = secureUnarchiverFromData(data.get());
     @try {
         PKPaymentMethod *pkPaymentMethod = [unarchiver decodeObjectOfClass:getPKPaymentMethodClass() forKey:NSKeyedArchiveRootObjectKey];
         paymentMethod = PaymentMethod(pkPaymentMethod);
index f515082..4fb3b3b 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2014 Apple Inc. All rights reserved.
+ * Copyright (C) 2014-2017 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -29,6 +29,7 @@
 #import "ArgumentCodersCF.h"
 #import "WebCoreArgumentCoders.h"
 #import <pal/spi/cocoa/DataDetectorsCoreSPI.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
 #import <wtf/SoftLinking.h>
 
 SOFT_LINK_PRIVATE_FRAMEWORK(DataDetectorsCore)
@@ -73,8 +74,7 @@ void InteractionInformationAtPosition::encode(IPC::Encoder& encoder) const
     if (isDataDetectorLink) {
         encoder << dataDetectorIdentifier;
         RetainPtr<NSMutableData> data = adoptNS([[NSMutableData alloc] init]);
-        RetainPtr<NSKeyedArchiver> archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-        [archiver setRequiresSecureCoding:YES];
+        auto archiver = secureArchiverFromMutableData(data.get());
         [archiver encodeObject:dataDetectorResults.get() forKey:@"dataDetectorResults"];
         [archiver finishEncoding];
         
@@ -168,8 +168,7 @@ bool InteractionInformationAtPosition::decode(IPC::Decoder& decoder, Interaction
         if (!IPC::decode(decoder, data))
             return false;
         
-        RetainPtr<NSKeyedUnarchiver> unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)data.get()]);
-        [unarchiver setRequiresSecureCoding:YES];
+        auto unarchiver = secureUnarchiverFromData((NSData *)data.get());
         @try {
             result.dataDetectorResults = [unarchiver decodeObjectOfClasses:[NSSet setWithArray:@[ [NSArray class], getDDScannerResultClass()] ] forKey:@"dataDetectorResults"];
         } @catch (NSException *exception) {
index 12d5b4d..8dd531d 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2010 Apple Inc. All rights reserved.
+ * Copyright (C) 2010-2017 Apple Inc. All rights reserved.
  * Copyright (C) 2013 Company 100 Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -38,6 +38,7 @@
 #import <WebCore/ResourceError.h>
 #import <WebCore/ResourceRequest.h>
 #import <pal/spi/cf/CFNetworkSPI.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
 
 #if USE(CFURLCONNECTION)
 #import <CFNetwork/CFURLRequest.h>
@@ -472,9 +473,8 @@ bool ArgumentCoder<ResourceError>::decodePlatformData(Decoder& decoder, Resource
 
 void ArgumentCoder<ProtectionSpace>::encodePlatformData(Encoder& encoder, const ProtectionSpace& space)
 {
-    RetainPtr<NSMutableData> data = adoptNS([[NSMutableData alloc] init]);
-    RetainPtr<NSKeyedArchiver> archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-    [archiver setRequiresSecureCoding:YES];
+    auto data = adoptNS([[NSMutableData alloc] init]);
+    auto archiver = secureArchiverFromMutableData(data.get());
     [archiver encodeObject:space.nsSpace() forKey:@"protectionSpace"];
     [archiver finishEncoding];
     IPC::encode(encoder, reinterpret_cast<CFDataRef>(data.get()));
@@ -486,8 +486,7 @@ bool ArgumentCoder<ProtectionSpace>::decodePlatformData(Decoder& decoder, Protec
     if (!IPC::decode(decoder, data))
         return false;
 
-    RetainPtr<NSKeyedUnarchiver> unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)data.get()]);
-    [unarchiver setRequiresSecureCoding:YES];
+    auto unarchiver = secureUnarchiverFromData((NSData *)data.get());
     @try {
         if (RetainPtr<NSURLProtectionSpace> nsSpace = [unarchiver decodeObjectOfClass:[NSURLProtectionSpace class] forKey:@"protectionSpace"])
             space = ProtectionSpace(nsSpace.get());
@@ -519,9 +518,8 @@ void ArgumentCoder<Credential>::encodePlatformData(Encoder& encoder, const Crede
     }
 
     encoder << false;
-    RetainPtr<NSMutableData> data = adoptNS([[NSMutableData alloc] init]);
-    RetainPtr<NSKeyedArchiver> archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-    [archiver setRequiresSecureCoding:YES];
+    auto data = adoptNS([[NSMutableData alloc] init]);
+    auto archiver = secureArchiverFromMutableData(data.get());
     [archiver encodeObject:nsCredential forKey:@"credential"];
     [archiver finishEncoding];
     IPC::encode(encoder, reinterpret_cast<CFDataRef>(data.get()));
@@ -560,8 +558,7 @@ bool ArgumentCoder<Credential>::decodePlatformData(Decoder& decoder, Credential&
     if (!IPC::decode(decoder, data))
         return false;
 
-    RetainPtr<NSKeyedUnarchiver> unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)data.get()]);
-    [unarchiver setRequiresSecureCoding:YES];
+    auto unarchiver = secureUnarchiverFromData((NSData *)data.get());
     @try {
         if (RetainPtr<NSURLCredential> nsCredential = [unarchiver decodeObjectOfClass:[NSURLCredential class] forKey:@"credential"])
             credential = Credential(nsCredential.get());
@@ -622,9 +619,8 @@ std::optional<KeypressCommand> ArgumentCoder<KeypressCommand>::decode(Decoder& d
 #if ENABLE(CONTENT_FILTERING)
 void ArgumentCoder<ContentFilterUnblockHandler>::encode(Encoder& encoder, const ContentFilterUnblockHandler& contentFilterUnblockHandler)
 {
-    RetainPtr<NSMutableData> data = adoptNS([[NSMutableData alloc] init]);
-    RetainPtr<NSKeyedArchiver> archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-    [archiver setRequiresSecureCoding:YES];
+    auto data = adoptNS([[NSMutableData alloc] init]);
+    auto archiver = secureArchiverFromMutableData(data.get());
     contentFilterUnblockHandler.encode(archiver.get());
     [archiver finishEncoding];
     IPC::encode(encoder, reinterpret_cast<CFDataRef>(data.get()));
@@ -636,8 +632,7 @@ bool ArgumentCoder<ContentFilterUnblockHandler>::decode(Decoder& decoder, Conten
     if (!IPC::decode(decoder, data))
         return false;
 
-    RetainPtr<NSKeyedUnarchiver> unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)data.get()]);
-    [unarchiver setRequiresSecureCoding:YES];
+    auto unarchiver = secureUnarchiverFromData((NSData *)data.get());
     if (!ContentFilterUnblockHandler::decode(unarchiver.get(), contentFilterUnblockHandler))
         return false;
 
@@ -656,9 +651,8 @@ static NSString *deviceContextKey()
 
 void ArgumentCoder<MediaPlaybackTargetContext>::encodePlatformData(Encoder& encoder, const MediaPlaybackTargetContext& target)
 {
-    RetainPtr<NSMutableData> data = adoptNS([[NSMutableData alloc] init]);
-    RetainPtr<NSKeyedArchiver> archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-    [archiver setRequiresSecureCoding:YES];
+    auto data = adoptNS([[NSMutableData alloc] init]);
+    auto archiver = secureArchiverFromMutableData(data.get());
 
     if ([getAVOutputContextClass() conformsToProtocol:@protocol(NSSecureCoding)])
         [archiver encodeObject:target.avOutputContext() forKey:deviceContextKey()];
@@ -677,8 +671,7 @@ bool ArgumentCoder<MediaPlaybackTargetContext>::decodePlatformData(Decoder& deco
     if (!IPC::decode(decoder, data))
         return false;
 
-    RetainPtr<NSKeyedUnarchiver> unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)data.get()]);
-    [unarchiver setRequiresSecureCoding:YES];
+    auto unarchiver = secureUnarchiverFromData((NSData *)data.get());
 
     AVOutputContext *context = nil;
     @try {
index 91fd9fe..f054d10 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2015 Apple Inc. All rights reserved.
+ * Copyright (C) 2015-2017 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -33,6 +33,7 @@
 #import "Encoder.h"
 #import "WebCoreArgumentCoders.h"
 #import <WebCore/TextIndicator.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
 #import <pal/spi/mac/DataDetectorsSPI.h>
 
 namespace WebKit {
@@ -44,9 +45,8 @@ void WebHitTestResultData::platformEncode(IPC::Encoder& encoder) const
     if (!hasActionContext)
         return;
 
-    RetainPtr<NSMutableData> data = adoptNS([[NSMutableData alloc] init]);
-    RetainPtr<NSKeyedArchiver> archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-    [archiver setRequiresSecureCoding:YES];
+    auto data = adoptNS([[NSMutableData alloc] init]);
+    auto archiver = secureArchiverFromMutableData(data.get());
     [archiver encodeObject:detectedDataActionContext.get() forKey:@"actionContext"];
     [archiver finishEncoding];
 
@@ -75,8 +75,7 @@ bool WebHitTestResultData::platformDecode(IPC::Decoder& decoder, WebHitTestResul
     if (!IPC::decode(decoder, data))
         return false;
 
-    RetainPtr<NSKeyedUnarchiver> unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:(NSData *)data.get()]);
-    [unarchiver setRequiresSecureCoding:YES];
+    auto unarchiver = secureUnarchiverFromData((NSData *)data.get());
     @try {
         hitTestResultData.detectedDataActionContext = [unarchiver decodeObjectOfClass:getDDActionContextClass() forKey:@"actionContext"];
     } @catch (NSException *exception) {
index 1802307..290f502 100644 (file)
@@ -48,6 +48,7 @@
 #import <WebCore/CertificateInfo.h>
 #import <WebCore/PluginData.h>
 #import <pal/spi/cf/CFNetworkSPI.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
 #import <wtf/RetainPtr.h>
 
 #if PLATFORM(IOS)
@@ -213,8 +214,7 @@ static WebKit::HTTPCookieAcceptPolicy toHTTPCookieAcceptPolicy(NSHTTPCookieAccep
     auto copy = adoptNS([(NSObject *)object copy]);
 
     auto data = adoptNS([[NSMutableData alloc] init]);
-    auto keyedArchiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-    [keyedArchiver setRequiresSecureCoding:YES];
+    auto keyedArchiver = secureArchiverFromMutableData(data.get());
 
     @try {
         [keyedArchiver encodeObject:copy.get() forKey:@"parameter"];
@@ -236,8 +236,7 @@ static WebKit::HTTPCookieAcceptPolicy toHTTPCookieAcceptPolicy(NSHTTPCookieAccep
     auto copy = adoptNS([[NSDictionary alloc] initWithDictionary:dictionary copyItems:YES]);
 
     auto data = adoptNS([[NSMutableData alloc] init]);
-    auto keyedArchiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-    [keyedArchiver setRequiresSecureCoding:YES];
+    auto keyedArchiver = secureArchiverFromMutableData(data.get());
 
     @try {
         [keyedArchiver encodeObject:copy.get() forKey:@"parameters"];
index 0662916..c7789c1 100644 (file)
 #import <WebCore/ValidationBubble.h>
 #import <WebCore/ViewportArguments.h>
 #import <WebCore/WritingMode.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
 #import <pal/spi/mac/NSTextFinderSPI.h>
 #import <wtf/BlockPtr.h>
 #import <wtf/HashMap.h>
@@ -4525,8 +4526,7 @@ static inline WebKit::FindOptions toFindOptions(_WKFindOptions wkFindOptions)
             NSObject <NSSecureCoding> *userObject = nil;
             if (API::Data* data = static_cast<API::Data*>(userData)) {
                 auto nsData = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(data->bytes())) length:data->size() freeWhenDone:NO]);
-                auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:nsData.get()]);
-                [unarchiver setRequiresSecureCoding:YES];
+                auto unarchiver = secureUnarchiverFromData(nsData.get());
                 @try {
                     userObject = [unarchiver decodeObjectOfClass:[NSObject class] forKey:@"userObject"];
                 } @catch (NSException *exception) {
index feef0ce..18f6d0f 100644 (file)
@@ -49,6 +49,7 @@
 #import <WebCore/RuntimeApplicationChecks.h>
 #import <WebCore/SharedBuffer.h>
 #import <pal/spi/cf/CFNetworkSPI.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
 #import <sys/param.h>
 
 #if PLATFORM(IOS)
@@ -215,9 +216,7 @@ void WebProcessPool::platformInitializeWebProcess(WebProcessCreationParameters&
 
     if (m_bundleParameters) {
         auto data = adoptNS([[NSMutableData alloc] init]);
-        auto keyedArchiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-
-        [keyedArchiver setRequiresSecureCoding:YES];
+        auto keyedArchiver = secureArchiverFromMutableData(data.get());
 
         @try {
             [keyedArchiver encodeObject:m_bundleParameters.get() forKey:@"parameters"];
index 005b024..66eb4ee 100644 (file)
@@ -55,6 +55,7 @@
 #import <WebCore/SharedBuffer.h>
 #import <WebCore/TextIndicator.h>
 #import <WebCore/ValidationBubble.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
 #import <wtf/BlockPtr.h>
 
 #define MESSAGE_CHECK(assertion) MESSAGE_CHECK_BASE(assertion, m_webView->_page->process().connection())
@@ -547,8 +548,7 @@ void PageClientImpl::startAssistingNode(const AssistedNodeInformation& nodeInfor
     NSObject <NSSecureCoding> *userObject = nil;
     if (API::Data* data = static_cast<API::Data*>(userData)) {
         auto nsData = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(data->bytes())) length:data->size() freeWhenDone:NO]);
-        auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:nsData.get()]);
-        [unarchiver setRequiresSecureCoding:YES];
+        auto unarchiver = secureUnarchiverFromData(nsData.get());
         @try {
             userObject = [unarchiver decodeObjectOfClass:[NSObject class] forKey:@"userObject"];
         } @catch (NSException *exception) {
index f899ca9..b685a21 100644 (file)
@@ -65,6 +65,7 @@
 #import <WebCore/HTMLFormElement.h>
 #import <WebCore/HTMLInputElement.h>
 #import <WebCore/MainFrame.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
 
 using namespace WebCore;
 using namespace WebKit;
@@ -484,8 +485,7 @@ static void setUpResourceLoadClient(WKWebProcessPlugInBrowserContextController *
                 return;
 
             auto data = adoptNS([[NSMutableData alloc] init]);
-            auto archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
-            [archiver setRequiresSecureCoding:YES];
+            auto archiver = secureArchiverFromMutableData(data.get());
             @try {
                 [archiver encodeObject:userObject forKey:@"userObject"];
             } @catch (NSException *exception) {
index bb18b46..9056c99 100644 (file)
@@ -34,6 +34,7 @@
 #import "WKWebProcessPlugInInternal.h"
 #import "WebProcessCreationParameters.h"
 #import <Foundation/NSBundle.h>
+#import <pal/spi/cocoa/NSKeyedArchiverSPI.h>
 #import <stdio.h>
 #import <wtf/RetainPtr.h>
 #import <wtf/text/CString.h>
@@ -85,8 +86,7 @@ bool InjectedBundle::initialize(const WebProcessCreationParameters& parameters,
     if (parameters.bundleParameterData) {
         auto bundleParameterData = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(parameters.bundleParameterData->bytes())) length:parameters.bundleParameterData->size() freeWhenDone:NO]);
 
-        auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:bundleParameterData.get()]);
-        [unarchiver setRequiresSecureCoding:YES];
+        auto unarchiver = secureUnarchiverFromData(bundleParameterData.get());
 
         NSDictionary *dictionary = nil;
         @try {
@@ -160,8 +160,7 @@ void InjectedBundle::setBundleParameter(const String& key, const IPC::DataRefere
 #if WK_API_ENABLED
     auto bundleParameterData = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(value.data())) length:value.size() freeWhenDone:NO]);
 
-    auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:bundleParameterData.get()]);
-    [unarchiver setRequiresSecureCoding:YES];
+    auto unarchiver = secureUnarchiverFromData(bundleParameterData.get());
 
     id parameter = nil;
     @try {
@@ -183,8 +182,7 @@ void InjectedBundle::setBundleParameters(const IPC::DataReference& value)
 #if WK_API_ENABLED
     auto bundleParametersData = adoptNS([[NSData alloc] initWithBytesNoCopy:const_cast<void*>(static_cast<const void*>(value.data())) length:value.size() freeWhenDone:NO]);
 
-    auto unarchiver = adoptNS([[NSKeyedUnarchiver alloc] initForReadingWithData:bundleParametersData.get()]);
-    [unarchiver setRequiresSecureCoding:YES];
+    auto unarchiver = secureUnarchiverFromData(bundleParametersData.get());
 
     NSDictionary *parameters = nil;
     @try {