[28] ModelProcess ASSERT promoted to MESSAGE_CHECK for duplicate identifier
Severity: Low | Component: WebKit ModelProcess | 69ff7c4
Rated Low because the diff promotes a debug-only ASSERT on a renderer-supplied identifier to a release-enforced MESSAGE_CHECK in ModelProcessModelPlayerManagerProxy::createModelPlayer, and adds symmetric checks to deleteModelPlayer/unloadModelPlayer.
Source/WebKit/ModelProcess/ModelProcessModelPlayerManagerProxy.cpp
+#define MESSAGE_CHECK(assertion) MESSAGE_CHECK_BASE(assertion, m_modelConnectionToWebProcess->connection())
...
- ASSERT(!m_proxies.contains(identifier));
+ MESSAGE_CHECK(!m_proxies.contains(identifier));
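Review bot: In the `#define MESSAGE_CHECK(assertion)` line, the macro dereferences `m_modelConnectionToWebProcess` unconditionally to reach `connection()`. If that member can be null or already torn down when a createModelPlayer message is dispatched, the check would fault before it can reject the message, so confirm the lifetime guarantee or test the pointer before using it. The excerpt also shows no matching `#undef MESSAGE_CHECK` at the end of the file, which matters if this source is compiled in a unified build next to other files that define the same macro name. The replaced line in createModelPlayer keeps the same condition, `!m_proxies.contains(identifier)`, so the only behavioural change there is that a duplicate identifier is now rejected in release builds as well.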
Validation of the IPC-supplied identifier was enforced only by a debug-only ASSERT rather than a release-build MESSAGE_CHECK, leaving the boundary check absent in shipping binaries.
The release-build consequence of a debug-only invariant check at an IPC boundary, and how far the resulting state confusion could plausibly travel.
Audit directions
Multiple reusable audit patterns identified for finding ASSERT-vs-MESSAGE_CHECK gaps across several auxiliary-process IPC surfaces.