kode54
/
cog
2
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

[Sandbox Broker] Synchronize storage access 

Synchronize storage access to main thread only, to prevent enumeration
from hitting a case of the main thread writing to the storage.

Signed-off-by: Christopher Snowhill <kode54@gmail.com>
swiftingly
Christopher Snowhill 2022-06-23 23:35:26 -07:00
parent be6453e048
commit f3f3d436ba
1 changed files with 41 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
Utils/SandboxBroker.m
View File

@ -142,6 +142,14 @@ static SandboxBroker *kSharedSandboxBroker = nil;
return YES; return YES;
} }
static inline void dispatch_sync_reentrant(dispatch_queue_t queue, dispatch_block_t block) {
if(dispatch_queue_get_label(queue) == dispatch_queue_get_label(DISPATCH_CURRENT_QUEUE_LABEL)) {
block();
} else {
dispatch_sync(queue, block);
}
}
- (SandboxEntry *)recursivePathTest:(NSURL *)url { - (SandboxEntry *)recursivePathTest:(NSURL *)url {
for(SandboxEntry *entry in storage) { for(SandboxEntry *entry in storage) {
if(entry.path && [SandboxBroker isPath:url aSubdirectoryOf:[NSURL fileURLWithPath:entry.path]]) { if(entry.path && [SandboxBroker isPath:url aSubdirectoryOf:[NSURL fileURLWithPath:entry.path]]) {
@ -150,38 +158,47 @@ static SandboxBroker *kSharedSandboxBroker = nil;
} }
} }
NSPersistentContainer *pc = [SandboxBroker sharedPersistentContainer]; __block SandboxEntry *ret = nil;
NSSortDescriptor *sortDescriptor = [NSSortDescriptor sortDescriptorWithKey:@"path.length" ascending:NO]; dispatch_sync_reentrant(dispatch_get_main_queue(), ^{
NSPersistentContainer *pc = [SandboxBroker sharedPersistentContainer];
NSFetchRequest *request = [NSFetchRequest fetchRequestWithEntityName:@"SandboxToken"]; NSSortDescriptor *sortDescriptor = [NSSortDescriptor sortDescriptorWithKey:@"path.length" ascending:NO];
request.sortDescriptors = @[sortDescriptor];
NSError *error = nil; NSFetchRequest *request = [NSFetchRequest fetchRequestWithEntityName:@"SandboxToken"];
NSArray *results = [pc.viewContext executeFetchRequest:request error:&error]; request.sortDescriptors = @[sortDescriptor];
if(results && [results count] > 0) { NSError *error = nil;
for(SandboxToken *token in results) { NSArray *results = [pc.viewContext executeFetchRequest:request error:&error];
if(token.path && [SandboxBroker isPath:url aSubdirectoryOf:[NSURL fileURLWithPath:token.path]]) {
SandboxEntry *entry = [[SandboxEntry alloc] initWithToken:token];
BOOL isStale; if(results && [results count] > 0) {
NSError *err = nil; for(SandboxToken *token in results) {
NSURL *secureUrl = [NSURL URLByResolvingBookmarkData:token.bookmark options:NSURLBookmarkResolutionWithSecurityScope relativeToURL:nil bookmarkDataIsStale:&isStale error:&err]; if(token.path && [SandboxBroker isPath:url aSubdirectoryOf:[NSURL fileURLWithPath:token.path]]) {
if(!secureUrl && err) { SandboxEntry *entry = [[SandboxEntry alloc] initWithToken:token];
ALog(@"Failed to access bookmark for URL: %@, error: %@", token.path, [err localizedDescription]);
return nil; ret = entry;
return;
} }
entry.secureUrl = secureUrl;
[storage addObject:entry];
[secureUrl startAccessingSecurityScopedResource];
return entry;
} }
} }
});
if(ret) {
BOOL isStale;
NSError *err = nil;
NSURL *secureUrl = [NSURL URLByResolvingBookmarkData:ret.token.bookmark options:NSURLBookmarkResolutionWithSecurityScope relativeToURL:nil bookmarkDataIsStale:&isStale error:&err];
if(!secureUrl && err) {
ALog(@"Failed to access bookmark for URL: %@, error: %@", ret.token.path, [err localizedDescription]);
return nil;
}
ret.secureUrl = secureUrl;
[storage addObject:ret];
[secureUrl startAccessingSecurityScopedResource];
return ret;
} }
return nil; return nil;