Make HSTS list handling more robust against unexpected content
authorbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 8 Apr 2019 20:24:34 +0000 (20:24 +0000)
committerbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 8 Apr 2019 20:24:34 +0000 (20:24 +0000)
https://bugs.webkit.org/show_bug.cgi?id=196552
<rdar://problem/43403817>

Reviewed by Chris Dumez.

Crash logs indicate we sometimes encounter null key values during processing.
This patch adds some debug assertions to catch this in test environments, and
allows the code to skip the bad entries if encountered.

It also avoids calling CFDictionaryApplyFunction when the HSTS policies returned
by _CFNetworkCopyHSTSPolicies is nullptr, which is a possible return value.

* NetworkProcess/cocoa/NetworkProcessCocoa.mm:
(WebKit::filterPreloadHSTSEntry):
(WebKit::NetworkProcess::getHostNamesWithHSTSCache):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244035 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit/ChangeLog
Source/WebKit/NetworkProcess/cocoa/NetworkProcessCocoa.mm

index 0fc12c6..f251aed 100644 (file)
@@ -1,3 +1,22 @@
+2019-04-08  Brent Fulgham  <bfulgham@apple.com>
+
+        Make HSTS list handling more robust against unexpected content 
+        https://bugs.webkit.org/show_bug.cgi?id=196552
+        <rdar://problem/43403817>
+
+        Reviewed by Chris Dumez.
+
+        Crash logs indicate we sometimes encounter null key values during processing.
+        This patch adds some debug assertions to catch this in test environments, and
+        allows the code to skip the bad entries if encountered.
+
+        It also avoids calling CFDictionaryApplyFunction when the HSTS policies returned
+        by _CFNetworkCopyHSTSPolicies is nullptr, which is a possible return value.
+
+        * NetworkProcess/cocoa/NetworkProcessCocoa.mm:
+        (WebKit::filterPreloadHSTSEntry):
+        (WebKit::NetworkProcess::getHostNamesWithHSTSCache):
+
 2019-04-05  Brian Burg  <bburg@apple.com>
 
         Web Automation: clean up some WebAutomationSession methods to use modern async IPC
index 5ae49f6..c8ad73e 100644 (file)
@@ -149,7 +149,18 @@ RetainPtr<CFDataRef> NetworkProcess::sourceApplicationAuditData() const
 
 static void filterPreloadHSTSEntry(const void* key, const void* value, void* context)
 {
-    HashSet<String>* hostnames = static_cast<HashSet<String>*>(context);
+    RELEASE_ASSERT(context);
+
+    ASSERT(key);
+    ASSERT(value);
+    if (!key || !value)
+        return;
+
+    ASSERT(key != kCFNull);
+    if (key == kCFNull)
+        return;
+    
+    auto* hostnames = static_cast<HashSet<String>*>(context);
     auto val = static_cast<CFDictionaryRef>(value);
     if (CFDictionaryGetValue(val, _kCFNetworkHSTSPreloaded) != kCFBooleanTrue)
         hostnames->add((CFStringRef)key);
@@ -157,8 +168,8 @@ static void filterPreloadHSTSEntry(const void* key, const void* value, void* con
 
 void NetworkProcess::getHostNamesWithHSTSCache(WebCore::NetworkStorageSession& session, HashSet<String>& hostNames)
 {
-    auto HSTSPolicies = adoptCF(_CFNetworkCopyHSTSPolicies(session.platformSession()));
-    CFDictionaryApplyFunction(HSTSPolicies.get(), filterPreloadHSTSEntry, &hostNames);
+    if (auto HSTSPolicies = adoptCF(_CFNetworkCopyHSTSPolicies(session.platformSession())))
+        CFDictionaryApplyFunction(HSTSPolicies.get(), filterPreloadHSTSEntry, &hostNames);
 }
 
 void NetworkProcess::deleteHSTSCacheForHostNames(WebCore::NetworkStorageSession& session, const Vector<String>& hostNames)