Compare commits

...

4 Commits

Author SHA1 Message Date
Marshall Greenblatt 59f3b143ef mac: cefclient: Fix window.close() with --hide-window-on-close (fixes #3660) 2024-10-22 16:19:53 -04:00
Marshall Greenblatt 6514b929c4 Fix raw_ptr leak of main frame RFH during WebContents close (see #3660) 2024-10-22 16:19:45 -04:00
Mike Bragg a747221b01 Implement PrintCrossProcessSubframe for AlloyBrowserHostImpl (fixes #3768) 2024-10-22 16:06:43 -04:00
Marshall Greenblatt 351ea86650 win: Add SHA256 impl for Sid::FromNamedCapability (fixes #3791)
The cef_sandbox build can't use the default BoringSSL implementation
so we add an alternative implementation using the Crypto API.
2024-10-22 13:12:13 -04:00
8 changed files with 107 additions and 54 deletions

View File

@ -35,6 +35,7 @@
#include "chrome/browser/picture_in_picture/picture_in_picture_window_manager.h"
#include "chrome/common/webui_url_constants.h"
#include "components/input/native_web_keyboard_event.h"
#include "components/printing/browser/print_composite_client.h"
#include "components/zoom/page_zoom.h"
#include "content/browser/gpu/compositor_util.h"
#include "content/public/browser/desktop_media_id.h"
@ -922,6 +923,16 @@ bool AlloyBrowserHostImpl::IsAudioMuted() {
// content::WebContentsDelegate methods.
// -----------------------------------------------------------------------------
void AlloyBrowserHostImpl::PrintCrossProcessSubframe(
content::WebContents* web_contents,
const gfx::Rect& rect,
int document_cookie,
content::RenderFrameHost* subframe_host) const {
auto* client = printing::PrintCompositeClient::FromWebContents(web_contents);
if (client)
client->PrintCrossProcessSubframe(rect, document_cookie, subframe_host);
}
content::WebContents* AlloyBrowserHostImpl::OpenURLFromTab(
content::WebContents* source,
const content::OpenURLParams& params,

View File

@ -174,6 +174,10 @@ class AlloyBrowserHostImpl : public CefBrowserHostBase,
DestructionState destruction_state() const { return destruction_state_; }
// content::WebContentsDelegate methods.
void PrintCrossProcessSubframe(content::WebContents* web_contents,
const gfx::Rect& rect,
int document_cookie,
content::RenderFrameHost* subframe_host) const override;
content::WebContents* OpenURLFromTab(
content::WebContents* source,
const content::OpenURLParams& params,

View File

@ -277,11 +277,14 @@ void CefBrowserInfo::RemoveFrame(content::RenderFrameHost* host) {
{
auto it2 = frame_info_set_.find(frame_info);
// Explicitly Detach everything but the current main frame.
// Explicitly Detach everything.
const auto& other_frame_info = *it2;
if (other_frame_info->frame_ && !other_frame_info->IsCurrentMainFrame()) {
if (other_frame_info->frame_) {
const bool is_current_main_frame = other_frame_info->IsCurrentMainFrame();
if (other_frame_info->frame_->Detach(
CefFrameHostImpl::DetachReason::RENDER_FRAME_DELETED)) {
CefFrameHostImpl::DetachReason::RENDER_FRAME_DELETED,
is_current_main_frame)) {
DCHECK(!is_current_main_frame);
MaybeNotifyFrameDetached(browser_, other_frame_info->frame_);
}
}
@ -477,7 +480,8 @@ void CefBrowserInfo::SetMainFrame(CefRefPtr<CefBrowserHostBase> browser,
CefRefPtr<CefFrameHostImpl> old_frame;
if (main_frame_) {
old_frame = main_frame_;
if (old_frame->Detach(CefFrameHostImpl::DetachReason::NEW_MAIN_FRAME)) {
if (old_frame->Detach(CefFrameHostImpl::DetachReason::NEW_MAIN_FRAME,
/*is_current_main_frame=*/false)) {
MaybeNotifyFrameDetached(browser, old_frame);
}
}
@ -556,11 +560,14 @@ void CefBrowserInfo::RemoveAllFrames(
frame_id_map_.clear();
frame_token_to_id_map_.clear();
// Explicitly Detach everything but the current main frame.
// Explicitly Detach everything.
for (auto& info : frame_info_set_) {
if (info->frame_ && !info->IsCurrentMainFrame()) {
if (info->frame_) {
const bool is_current_main_frame = info->IsCurrentMainFrame();
if (info->frame_->Detach(
CefFrameHostImpl::DetachReason::BROWSER_DESTROYED)) {
CefFrameHostImpl::DetachReason::BROWSER_DESTROYED,
is_current_main_frame)) {
DCHECK(!is_current_main_frame);
MaybeNotifyFrameDetached(old_browser, info->frame_);
}
}

View File

@ -495,7 +495,7 @@ bool CefFrameHostImpl::IsDetached() const {
return !GetRenderFrameHost();
}
bool CefFrameHostImpl::Detach(DetachReason reason) {
bool CefFrameHostImpl::Detach(DetachReason reason, bool is_current_main_frame) {
CEF_REQUIRE_UIT();
if (VLOG_IS_ON(1)) {
@ -516,17 +516,21 @@ bool CefFrameHostImpl::Detach(DetachReason reason) {
<< ", is_connected=" << render_frame_.is_bound() << ")";
}
// May be called multiple times (e.g. from CefBrowserInfo SetMainFrame and
// RemoveFrame).
bool first_detach = false;
// This method may be called multiple times (e.g. from CefBrowserInfo
// SetMainFrame and RemoveFrame).
bool is_first_complete_detach = false;
// Should not be called for temporary frames.
CHECK(!is_temporary());
// Must be a main frame if |is_current_main_frame| is true.
CHECK(!is_current_main_frame || is_main_frame_);
if (!is_current_main_frame) {
{
base::AutoLock lock_scope(state_lock_);
if (browser_info_) {
first_detach = true;
is_first_complete_detach = true;
browser_info_ = nullptr;
}
}
@ -535,6 +539,7 @@ bool CefFrameHostImpl::Detach(DetachReason reason) {
while (!queued_renderer_actions_.empty()) {
queued_renderer_actions_.pop();
}
}
if (render_frame_.is_bound()) {
render_frame_->FrameDetached();
@ -543,7 +548,7 @@ bool CefFrameHostImpl::Detach(DetachReason reason) {
render_frame_.reset();
render_frame_host_ = nullptr;
return first_detach;
return is_first_complete_detach;
}
void CefFrameHostImpl::MaybeReAttach(

View File

@ -136,9 +136,11 @@ class CefFrameHostImpl : public CefFrame, public cef::mojom::BrowserFrame {
// Owned frame objects will be detached explicitly when the associated
// RenderFrame is deleted. Temporary frame objects will be detached
// implicitly via CefBrowserInfo::browser() returning nullptr. Returns true
// if this was the first call to Detach() for the frame.
bool Detach(DetachReason reason);
// implicitly via CefBrowserInfo::browser() returning nullptr. If
// |is_current_main_frame| is true then only the RenderFrameHost references
// will be released as we want the frame object itself to remain valid.
// Returns true if the frame is completely detached for the first time.
bool Detach(DetachReason reason, bool is_current_main_frame);
// A frame has swapped to active status from prerendering or the back-forward
// cache. We may need to re-attach if the RFH has changed. See

View File

@ -518,6 +518,10 @@ patches = [
# https://github.com/llvm/llvm-project/issues/57364
#
# Avoid usage of PartitionAlloc assertions (PA_BASE_CHECK) in raw_ptr.h.
#
# win: Add SHA256 implementation for Sid::FromNamedCapability using the
# Crypto API.
# https://github.com/chromiumembedded/cef/issues/3791
'name': 'base_sandbox_2743',
},
{

View File

@ -207,18 +207,10 @@ index ea33ca66f384c..33f4cc76f76bd 100644
return lhs.token_ == rhs.token_;
#else
diff --git base/win/sid.cc base/win/sid.cc
index 2f250ba9bf79d..8a269af206051 100644
index 2f250ba9bf79d..0af427e779266 100644
--- base/win/sid.cc
+++ base/win/sid.cc
@@ -22,6 +22,7 @@
#include <utility>
#include "base/check.h"
+#include "base/notreached.h"
#include "base/no_destructor.h"
#include "base/rand_util.h"
#include "base/ranges/algorithm.h"
@@ -29,7 +30,11 @@
@@ -29,12 +29,56 @@
#include "base/win/scoped_handle.h"
#include "base/win/scoped_localalloc.h"
#include "base/win/windows_version.h"
@ -226,25 +218,52 @@ index 2f250ba9bf79d..8a269af206051 100644
+
+#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
#include "third_party/boringssl/src/include/openssl/sha.h"
+#else
+#include <wincrypt.h>
+#endif
namespace base::win {
@@ -130,6 +135,7 @@ Sid Sid::FromNamedCapability(const std::wstring& capability_name) {
if (known_cap != known_capabilities->end()) {
return FromKnownCapability(known_cap->second);
}
+#if !BUILDFLAG(IS_CEF_SANDBOX_BUILD)
static_assert((SHA256_DIGEST_LENGTH / sizeof(DWORD)) ==
SECURITY_APP_PACKAGE_RID_COUNT);
DWORD rids[(SHA256_DIGEST_LENGTH / sizeof(DWORD)) + 2];
@@ -141,6 +147,9 @@ Sid Sid::FromNamedCapability(const std::wstring& capability_name) {
reinterpret_cast<uint8_t*>(&rids[2]));
return FromSubAuthorities(SECURITY_APP_PACKAGE_AUTHORITY, std::size(rids),
rids);
+#else
+ NOTREACHED();
+#endif
}
namespace {
Sid Sid::FromKnownSid(WellKnownSid type) {
+#if BUILDFLAG(IS_CEF_SANDBOX_BUILD)
+
+#define SHA256_DIGEST_LENGTH 32
+
+bool SHA256(const uint8_t* InData, size_t InDataLen, uint8_t* OutHash) {
+ HCRYPTPROV hProv = 0;
+ HCRYPTHASH hHash = 0;
+
+ if (!CryptAcquireContext(&hProv, nullptr, nullptr, PROV_RSA_AES,
+ CRYPT_VERIFYCONTEXT)) {
+ return false;
+ }
+
+ if (!CryptCreateHash(hProv, CALG_SHA_256, 0, 0, &hHash)) {
+ CryptReleaseContext(hProv, 0);
+ return false;
+ }
+
+ if (!CryptHashData(hHash, InData, static_cast<DWORD>(InDataLen), 0)) {
+ CryptDestroyHash(hHash);
+ CryptReleaseContext(hProv, 0);
+ return false;
+ }
+
+ DWORD dwHashLen = SHA256_DIGEST_LENGTH;
+ if (!CryptGetHashParam(hHash, HP_HASHVAL, OutHash, &dwHashLen, 0)) {
+ CryptDestroyHash(hHash);
+ CryptReleaseContext(hProv, 0);
+ return false;
+ }
+
+ CryptDestroyHash(hHash);
+ CryptReleaseContext(hProv, 0);
+ return true;
+}
+
+#endif // BUILDFLAG(IS_CEF_SANDBOX_BUILD)
+
template <typename Iterator>
Sid FromSubAuthorities(const SID_IDENTIFIER_AUTHORITY& identifier_authority,
size_t sub_authority_count,

View File

@ -817,9 +817,11 @@ void ViewsWindow::OnWindowBoundsChanged(CefRefPtr<CefWindow> window,
bool ViewsWindow::CanClose(CefRefPtr<CefWindow> window) {
CEF_REQUIRE_UI_THREAD();
CefRefPtr<CefBrowser> browser = browser_view_->GetBrowser();
#if defined(OS_MAC)
// On MacOS we might hide the window instead of closing it.
if (hide_on_close_) {
if (hide_on_close_ && browser && !browser->GetHost()->IsReadyToBeClosed()) {
if (window->IsFullscreen()) {
// Need to exit fullscreen mode before hiding the window.
// Execution continues in OnWindowFullscreenTransition.
@ -833,7 +835,6 @@ bool ViewsWindow::CanClose(CefRefPtr<CefWindow> window) {
#endif
// Allow the window to close if the browser says it's OK.
CefRefPtr<CefBrowser> browser = browser_view_->GetBrowser();
if (browser) {
return browser->GetHost()->TryCloseBrowser();
}