Attachment 350108 Details for Bug 189740 – Patch

[patch] Patch

bug-189740-20180919151747.patch (text/plain), 3.17 KB, created by Yacine Bandou on 2018-09-19 06:17:49 PDT

(hide)

Description:

Filename:

MIME Type:

Creator: Yacine Bandou

Created: 2018-09-19 06:17:49 PDT

Size: 3.17 KB

patch

obsolete

>Subversion Revision: 236165
>diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
>index 9fcb657142ed7fe2503cc27f7bdae634efdf21e4..9a4c0e5104e26ade166eb96cd5ef162cc67ef5d3 100644
>--- a/Source/WebCore/ChangeLog
>+++ b/Source/WebCore/ChangeLog
>@@ -1,3 +1,21 @@
>+2018-09-19  Yacine Bandou  <yacine.bandou@softathome.com>
>+
>+        [EME] Add WebM sanitization
>+        https://bugs.webkit.org/show_bug.cgi?id=189740
>+
>+        Reviewed by NOBODY (OOPS!).
>+
>+        This patch adds support for sanitizing the WebM initialization data,
>+        ensures there are no bogus values.
>+        see https://www.w3.org/TR/encrypted-media/#dom-mediakeysession-generaterequest
>+
>+        Tests: imported/w3c/web-platform-tests/encrypted-media/clearkey-generate-request-disallowed-input.https.html
>+
>+        * Modules/encryptedmedia/InitDataRegistry.cpp:
>+        (WebCore::sanitizeWebM): Added implementation, check if the initialization data doesn't empty and its size
>+        should be less than 64KB, return a copy of the buffer when its is ok, otherwise a nullptr.
>+        (WebCore::extractKeyIDsWebM): Added implementation.
>+
> 2018-09-19  Philippe Normand <pnormand@igalia.com>
> 
>         [GStreamer] Add support for AV1 decoding
>diff --git a/Source/WebCore/Modules/encryptedmedia/InitDataRegistry.cpp b/Source/WebCore/Modules/encryptedmedia/InitDataRegistry.cpp
>index fb3e4c089d645eeacf74fa5d00522b3c9809f78f..bfe9dff6d77e149a3b0ae45fa5d65895e467dd29 100644
>--- a/Source/WebCore/Modules/encryptedmedia/InitDataRegistry.cpp
>+++ b/Source/WebCore/Modules/encryptedmedia/InitDataRegistry.cpp
>@@ -41,6 +41,10 @@ namespace WebCore {
> 
> namespace {
>     const uint32_t kCencMaxBoxSize = 64 * KB;
>+    // ContentEncKeyID has this EBML code [47][E2] in WebM,
>+    // as per spec the size of the ContentEncKeyID is encoded on 16 bits.
>+    // https://matroska.org/technical/specs/index.html#ContentEncKeyID/
>+    const uint32_t kWebMMaxContentEncKeyIDSize = 64 * KB; // 2^16
> }
> 
> static std::optional<Vector<Ref<SharedBuffer>>> extractKeyIDsKeyids(const SharedBuffer& buffer)
>@@ -139,18 +143,22 @@ static RefPtr<SharedBuffer> sanitizeCenc(const SharedBuffer& buffer)
> 
> static RefPtr<SharedBuffer> sanitizeWebM(const SharedBuffer& buffer)
> {
>-    // 1. Format
>-    // https://w3c.github.io/encrypted-media/format-registry/initdata/webm.html#format
>-    notImplemented();
>+    if (buffer.isEmpty() || buffer.size() > kWebMMaxContentEncKeyIDSize)
>+        return nullptr;
>     return buffer.copy();
> }
> 
>-static std::optional<Vector<Ref<SharedBuffer>>> extractKeyIDsWebM(const SharedBuffer&)
>+static std::optional<Vector<Ref<SharedBuffer>>> extractKeyIDsWebM(const SharedBuffer& buffer)
> {
>-    // 1. Format
>+    Vector<Ref<SharedBuffer>> keyIDs;
>+
>+    // Check if the buffer is a valid WebM initData.
>+    // The WebM initData is the ContentEncKeyID, so should be less than kWebMMaxContentEncKeyIDSize.
>     // https://w3c.github.io/encrypted-media/format-registry/initdata/webm.html#format
>-    notImplemented();
>-    return std::nullopt;
>+    if (buffer.isEmpty() || buffer.size() > kWebMMaxContentEncKeyIDSize)
>+        return std::nullopt;
>+    keyIDs.append(buffer.copy());
>+    return keyIDs;
> }
> 
> InitDataRegistry& InitDataRegistry::shared()

Actions: View | Formatted Diff | Diff

Attachments on bug 189740: 350106 | 350108 | 350184 | 350208 | 350213