[WebAuthn] Don't assume extensions always exist
authorjiewen_tan@apple.com <jiewen_tan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 13 May 2020 00:11:00 +0000 (00:11 +0000)
committerjiewen_tan@apple.com <jiewen_tan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 13 May 2020 00:11:00 +0000 (00:11 +0000)
https://bugs.webkit.org/show_bug.cgi?id=211760
<rdar://problem/61217642>

Reviewed by Brent Fulgham.

Source/WebCore:

* Modules/webauthn/fido/U2fCommandConstructor.cpp:
(fido::processGoogleLegacyAppIdSupportExtension):

Source/WebKit:

* UIProcess/WebAuthentication/AuthenticatorManager.cpp:
(WebKit::WebCore::processGoogleLegacyAppIdSupportExtension):
* UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp:
(WebKit::CtapAuthenticator::processGoogleLegacyAppIdSupportExtension):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@261588 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebCore/ChangeLog
Source/WebCore/Modules/webauthn/fido/U2fCommandConstructor.cpp
Source/WebKit/ChangeLog
Source/WebKit/UIProcess/WebAuthentication/AuthenticatorManager.cpp
Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp

index ab63365..6d9b17c 100644 (file)
@@ -1,3 +1,14 @@
+2020-05-12  Jiewen Tan  <jiewen_tan@apple.com>
+
+        [WebAuthn] Don't assume extensions always exist
+        https://bugs.webkit.org/show_bug.cgi?id=211760
+        <rdar://problem/61217642>
+
+        Reviewed by Brent Fulgham.
+
+        * Modules/webauthn/fido/U2fCommandConstructor.cpp:
+        (fido::processGoogleLegacyAppIdSupportExtension):
+
 2020-05-12  Jer Noble  <jer.noble@apple.com>
 
         [iOS] REGRESSION: (r261342) Play/pause button doesn't work upon first entering fullscreen mode
index f2f9dc3..99bd1a9 100644 (file)
@@ -133,8 +133,12 @@ Vector<uint8_t> constructBogusU2fRegistrationCommand()
 
 String processGoogleLegacyAppIdSupportExtension(const Optional<AuthenticationExtensionsClientInputs>& extensions)
 {
-    // AuthenticatorCoordinator::create should always set it.
-    ASSERT(!!extensions);
+    if (!extensions) {
+        // AuthenticatorCoordinator::create should always set it.
+        ASSERT_NOT_REACHED();
+        return String();
+    }
+
     if (!extensions->googleLegacyAppidSupport)
         return String();
     return "https://www.gstatic.com/securitykey/origins.json"_s;
index e008797..b6d8851 100644 (file)
@@ -1,3 +1,16 @@
+2020-05-12  Jiewen Tan  <jiewen_tan@apple.com>
+
+        [WebAuthn] Don't assume extensions always exist
+        https://bugs.webkit.org/show_bug.cgi?id=211760
+        <rdar://problem/61217642>
+
+        Reviewed by Brent Fulgham.
+
+        * UIProcess/WebAuthentication/AuthenticatorManager.cpp:
+        (WebKit::WebCore::processGoogleLegacyAppIdSupportExtension):
+        * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp:
+        (WebKit::CtapAuthenticator::processGoogleLegacyAppIdSupportExtension):
+
 2020-05-12  Chris Dumez  <cdumez@apple.com>
 
         [WK2] Neuter WKFrameIsFrameSet() / WKPageGetFrameSetLargestFrame() C API
index 27be581..c7e2b78 100644 (file)
@@ -123,8 +123,11 @@ static AuthenticatorManager::TransportSet collectTransports(const Vector<PublicK
 // Only roaming authenticators are supported for Google legacy AppID support.
 static void processGoogleLegacyAppIdSupportExtension(const Optional<AuthenticationExtensionsClientInputs>& extensions, AuthenticatorManager::TransportSet& transports)
 {
-    // AuthenticatorCoordinator::create should always set it.
-    ASSERT(!!extensions);
+    if (!extensions) {
+        // AuthenticatorCoordinator::create should always set it.
+        ASSERT_NOT_REACHED();
+        return;
+    }
     if (!extensions->googleLegacyAppidSupport)
         return;
     transports.remove(AuthenticatorTransport::Internal);
index 8f22eda..7f46cfb 100644 (file)
@@ -355,9 +355,12 @@ bool CtapAuthenticator::tryDowngrade()
 // Only U2F protocol is supported for Google legacy AppID support.
 bool CtapAuthenticator::processGoogleLegacyAppIdSupportExtension()
 {
-    // AuthenticatorCoordinator::create should always set it.
     auto& extensions = WTF::get<PublicKeyCredentialCreationOptions>(requestData().options).extensions;
-    ASSERT(!!extensions);
+    if (!extensions) {
+        // AuthenticatorCoordinator::create should always set it.
+        ASSERT_NOT_REACHED();
+        return false;
+    }
     if (extensions->googleLegacyAppidSupport)
         tryDowngrade();
     return extensions->googleLegacyAppidSupport;