Fixing SaferCPP warnings in InjectedBundle.cpp

kmonsen · zakariaridouh · commit 2394366f6484 · 2025-03-22T14:06:38.000-07:00
https://bugs.webkit.org/show_bug.cgi?id=290078 rdar://problem/147455928 Reviewed by Chris Dumez. * Source/WebKit/SaferCPPExpectations/UncountedCallArgsCheckerExpectations: * Source/WebKit/SaferCPPExpectations/UncountedLocalVarsCheckerExpectations: * Source/WebKit/WebProcess/InjectedBundle/InjectedBundle.cpp: (WebKit::InjectedBundle::postMessage): (WebKit::InjectedBundle::postSynchronousMessage): (WebKit::InjectedBundle::addOriginAccessAllowListEntry): (WebKit::InjectedBundle::removeOriginAccessAllowListEntry): (WebKit::InjectedBundle::resetOriginAccessAllowLists): (WebKit::InjectedBundle::numberOfPages): (WebKit::InjectedBundle::pageNumberForElementById): (WebKit::InjectedBundle::pageSizeAndMarginsInPixels): (WebKit::InjectedBundle::isPageBoxVisible): (WebKit::InjectedBundle::removeAllWebNotificationPermissions): (WebKit::InjectedBundle::webNotificationID): (WebKit::InjectedBundle::liveDocumentURLs): * Source/WebKit/WebProcess/WebPage/WebPage.cpp: (WebKit::WebPage::protectedNotificationPermissionRequestManager): * Source/WebKit/WebProcess/WebPage/WebPage.h: Canonical link: https://commits.webkit.org/292544@main
diff --git a/Source/WebKit/SaferCPPExpectations/UncountedCallArgsCheckerExpectations b/Source/WebKit/SaferCPPExpectations/UncountedCallArgsCheckerExpectations
@@ -168,7 +168,6 @@ WebProcess/InjectedBundle/API/mac/WKWebProcessPlugIn.mm
 WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm
 WebProcess/InjectedBundle/DOM/InjectedBundleNodeHandle.cpp
 WebProcess/InjectedBundle/DOM/InjectedBundleRangeHandle.cpp
-WebProcess/InjectedBundle/InjectedBundle.cpp
 WebProcess/InjectedBundle/InjectedBundleDOMWindowExtension.cpp
 WebProcess/InjectedBundle/InjectedBundleHitTestResult.cpp
 WebProcess/InjectedBundle/InjectedBundlePageUIClient.cpp
diff --git a/Source/WebKit/SaferCPPExpectations/UncountedLocalVarsCheckerExpectations b/Source/WebKit/SaferCPPExpectations/UncountedLocalVarsCheckerExpectations
@@ -27,7 +27,6 @@ WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm
 WebProcess/InjectedBundle/DOM/InjectedBundleCSSStyleDeclarationHandle.cpp
 WebProcess/InjectedBundle/DOM/InjectedBundleNodeHandle.cpp
 WebProcess/InjectedBundle/DOM/InjectedBundleRangeHandle.cpp
-WebProcess/InjectedBundle/InjectedBundle.cpp
 WebProcess/InjectedBundle/InjectedBundleDOMWindowExtension.cpp
 WebProcess/InjectedBundle/InjectedBundleHitTestResult.cpp
 WebProcess/InjectedBundle/InjectedBundlePageContextMenuClient.cpp
diff --git a/Source/WebKit/WebProcess/InjectedBundle/InjectedBundle.cpp b/Source/WebKit/WebProcess/InjectedBundle/InjectedBundle.cpp
@@ -126,36 +126,36 @@ void InjectedBundle::setServiceWorkerProxyCreationCallback(void (*callback)(uint
 void InjectedBundle::postMessage(const String& messageName, API::Object* messageBody)
 {
     auto& webProcess = WebProcess::singleton();
-    webProcess.parentProcessConnection()->send(Messages::WebProcessPool::HandleMessage(messageName, UserData(webProcess.transformObjectsToHandles(messageBody))), 0);
+    webProcess.protectedParentProcessConnection()->send(Messages::WebProcessPool::HandleMessage(messageName, UserData(webProcess.transformObjectsToHandles(messageBody))), 0);
 }
 
 void InjectedBundle::postSynchronousMessage(const String& messageName, API::Object* messageBody, RefPtr<API::Object>& returnData)
 {
     auto& webProcess = WebProcess::singleton();
-    auto sendResult = webProcess.parentProcessConnection()->sendSync(Messages::WebProcessPool::HandleSynchronousMessage(messageName, UserData(webProcess.transformObjectsToHandles(messageBody))), 0);
+    auto sendResult = webProcess.protectedParentProcessConnection()->sendSync(Messages::WebProcessPool::HandleSynchronousMessage(messageName, UserData(webProcess.transformObjectsToHandles(messageBody))), 0);
     if (sendResult.succeeded()) {
         auto [returnUserData] = sendResult.takeReply();
-        returnData = webProcess.transformHandlesToObjects(returnUserData.object());
+        returnData = webProcess.transformHandlesToObjects(returnUserData.protectedObject().get());
     } else
         returnData = nullptr;
 }
 
 void InjectedBundle::addOriginAccessAllowListEntry(const String& sourceOrigin, const String& destinationProtocol, const String& destinationHost, bool allowDestinationSubdomains)
 {
     SecurityPolicy::addOriginAccessAllowlistEntry(SecurityOrigin::createFromString(sourceOrigin).get(), destinationProtocol, destinationHost, allowDestinationSubdomains);
-    WebProcess::singleton().ensureNetworkProcessConnection().connection().send(Messages::NetworkConnectionToWebProcess::AddOriginAccessAllowListEntry { sourceOrigin, destinationProtocol, destinationHost, allowDestinationSubdomains }, 0);
+    WebProcess::singleton().ensureNetworkProcessConnection().protectedConnection()->send(Messages::NetworkConnectionToWebProcess::AddOriginAccessAllowListEntry { sourceOrigin, destinationProtocol, destinationHost, allowDestinationSubdomains }, 0);
 }
 
 void InjectedBundle::removeOriginAccessAllowListEntry(const String& sourceOrigin, const String& destinationProtocol, const String& destinationHost, bool allowDestinationSubdomains)
 {
     SecurityPolicy::removeOriginAccessAllowlistEntry(SecurityOrigin::createFromString(sourceOrigin).get(), destinationProtocol, destinationHost, allowDestinationSubdomains);
-    WebProcess::singleton().ensureNetworkProcessConnection().connection().send(Messages::NetworkConnectionToWebProcess::RemoveOriginAccessAllowListEntry { sourceOrigin, destinationProtocol, destinationHost, allowDestinationSubdomains }, 0);
+    WebProcess::singleton().ensureNetworkProcessConnection().protectedConnection()->send(Messages::NetworkConnectionToWebProcess::RemoveOriginAccessAllowListEntry { sourceOrigin, destinationProtocol, destinationHost, allowDestinationSubdomains }, 0);
 }
 
 void InjectedBundle::resetOriginAccessAllowLists()
 {
     SecurityPolicy::resetOriginAccessAllowlists();
-    WebProcess::singleton().ensureNetworkProcessConnection().connection().send(Messages::NetworkConnectionToWebProcess::ResetOriginAccessAllowLists { }, 0);
+    WebProcess::singleton().ensureNetworkProcessConnection().protectedConnection()->send(Messages::NetworkConnectionToWebProcess::ResetOriginAccessAllowLists { }, 0);
 }
 
 void InjectedBundle::setAsynchronousSpellCheckingEnabled(bool enabled)
@@ -167,13 +167,13 @@ void InjectedBundle::setAsynchronousSpellCheckingEnabled(bool enabled)
 
 int InjectedBundle::numberOfPages(WebFrame* frame, double pageWidthInPixels, double pageHeightInPixels)
 {
-    auto* coreFrame = frame ? frame->coreLocalFrame() : nullptr;
+    RefPtr coreFrame = frame ? frame->coreLocalFrame() : nullptr;
     if (!coreFrame)
         return -1;
     if (!pageWidthInPixels)
-        pageWidthInPixels = coreFrame->view()->width();
+        pageWidthInPixels = coreFrame->protectedView()->width();
     if (!pageHeightInPixels)
-        pageHeightInPixels = coreFrame->view()->height();
+        pageHeightInPixels = coreFrame->protectedView()->height();
 
     return PrintContext::numberOfPages(*coreFrame, FloatSize(pageWidthInPixels, pageHeightInPixels));
 }
@@ -184,34 +184,34 @@ int InjectedBundle::pageNumberForElementById(WebFrame* frame, const String& id,
     if (!coreFrame)
         return -1;
 
-    RefPtr element = coreFrame->document()->getElementById(id);
+    RefPtr element = coreFrame->protectedDocument()->getElementById(id);
     if (!element)
         return -1;
 
     if (!pageWidthInPixels)
-        pageWidthInPixels = coreFrame->view()->width();
+        pageWidthInPixels = coreFrame->protectedView()->width();
     if (!pageHeightInPixels)
-        pageHeightInPixels = coreFrame->view()->height();
+        pageHeightInPixels = coreFrame->protectedView()->height();
 
     return PrintContext::pageNumberForElement(element.get(), FloatSize(pageWidthInPixels, pageHeightInPixels));
 }
 
 String InjectedBundle::pageSizeAndMarginsInPixels(WebFrame* frame, int pageIndex, int width, int height, int marginTop, int marginRight, int marginBottom, int marginLeft)
 {
-    auto* coreFrame = frame ? frame->coreLocalFrame() : nullptr;
+    RefPtr coreFrame = frame ? frame->coreLocalFrame() : nullptr;
     if (!coreFrame)
         return String();
 
-    return PrintContext::pageSizeAndMarginsInPixels(coreFrame, pageIndex, width, height, marginTop, marginRight, marginBottom, marginLeft);
+    return PrintContext::pageSizeAndMarginsInPixels(coreFrame.get(), pageIndex, width, height, marginTop, marginRight, marginBottom, marginLeft);
 }
 
 bool InjectedBundle::isPageBoxVisible(WebFrame* frame, int pageIndex)
 {
-    auto* coreFrame = frame ? frame->coreLocalFrame() : nullptr;
+    RefPtr coreFrame = frame ? frame->coreLocalFrame() : nullptr;
     if (!coreFrame)
         return false;
 
-    return PrintContext::isPageBoxVisible(coreFrame, pageIndex);
+    return PrintContext::isPageBoxVisible(coreFrame.get(), pageIndex);
 }
 
 bool InjectedBundle::isProcessingUserGesture()
@@ -276,7 +276,7 @@ void InjectedBundle::setUserStyleSheetLocation(const String& location)
 void InjectedBundle::removeAllWebNotificationPermissions(WebPage* page)
 {
 #if ENABLE(NOTIFICATIONS)
-    page->notificationPermissionRequestManager()->removeAllPermissionsForTesting();
+    page->protectedNotificationPermissionRequestManager()->removeAllPermissionsForTesting();
 #else
     UNUSED_PARAM(page);
 #endif
@@ -285,7 +285,7 @@ void InjectedBundle::removeAllWebNotificationPermissions(WebPage* page)
 std::optional<WTF::UUID> InjectedBundle::webNotificationID(JSContextRef jsContext, JSValueRef jsNotification)
 {
 #if ENABLE(NOTIFICATIONS)
-    WebCore::Notification* notification = JSNotification::toWrapped(toJS(jsContext)->vm(), toJS(toJS(jsContext), jsNotification));
+    RefPtr notification = JSNotification::toWrapped(toJS(jsContext)->vm(), toJS(toJS(jsContext), jsNotification));
     if (!notification)
         return std::nullopt;
     return notification->identifier();
@@ -314,11 +314,11 @@ InjectedBundle::DocumentIDToURLMap InjectedBundle::liveDocumentURLs(bool exclude
 
     if (excludeDocumentsInPageGroupPages) {
         Page::forEachPage([&](Page& page) {
-            for (auto* frame = &page.mainFrame(); frame; frame = frame->tree().traverseNext()) {
-                auto* localFrame = dynamicDowncast<LocalFrame>(frame);
+            for (RefPtr frame = &page.mainFrame(); frame; frame = frame->tree().traverseNext()) {
+                RefPtr localFrame = dynamicDowncast<LocalFrame>(frame);
                 if (!localFrame)
                     continue;
-                auto* document = localFrame->document();
+                RefPtr document = localFrame->document();
                 if (!document)
                     continue;
                 result.remove(document->identifier().object());
diff --git a/Source/WebKit/WebProcess/WebPage/WebPage.cpp b/Source/WebKit/WebProcess/WebPage/WebPage.cpp
@@ -5472,6 +5472,11 @@ NotificationPermissionRequestManager* WebPage::notificationPermissionRequestMana
     return m_notificationPermissionRequestManager.get();
 }
 
+RefPtr<NotificationPermissionRequestManager> WebPage::protectedNotificationPermissionRequestManager()
+{
+    return notificationPermissionRequestManager();
+}
+
 #if ENABLE(DRAG_SUPPORT)
 
 #if PLATFORM(GTK)
diff --git a/Source/WebKit/WebProcess/WebPage/WebPage.h b/Source/WebKit/WebProcess/WebPage/WebPage.h
@@ -1134,6 +1134,7 @@ class WebPage final : public API::ObjectImpl<API::Object::Type::BundlePage>, pub
     void swipeAnimationDidEnd();
 
     NotificationPermissionRequestManager* notificationPermissionRequestManager();
+    RefPtr<NotificationPermissionRequestManager> protectedNotificationPermissionRequestManager();
 
     void pageDidScroll();
 
