Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: crash parsing CLSID in shell.readShortcutLink() #45195

Open
wants to merge 2 commits into
base: main
Choose a base branch
from

Conversation

dlon
Copy link

@dlon dlon commented Jan 14, 2025

Description of Change

Close #45166.

Shortcuts may store the PKEY_AppUserModel_ToastActivatorCLSID property as a string CLSID/UUID as opposed to VT_CLSID (i.e., bytes), resulting in NOTREACHED being hit. This PR adds support for VT_BSTR and VT_LPWSTR, and handles cases with and without braces around the ID.

Upstream CL: https://chromium-review.googlesource.com/c/chromium/src/+/6172220

Checklist

Release Notes

Notes: Fixed a crash when calling shell.readShortcutLink caused by PKEY_AppUserModel_ToastActivatorCLSID sometimes being represented by a string uuid.

@dlon dlon requested a review from a team as a code owner January 14, 2025 09:52
Copy link

welcome bot commented Jan 14, 2025

💖 Thanks for opening this pull request! 💖

Semantic PR titles

We use semantic commit messages to streamline the release process. Before your pull request can be merged, you should update your pull request title to start with a semantic prefix.

Examples of commit messages with semantic prefixes:

  • fix: don't overwrite prevent_default if default wasn't prevented
  • feat: add app.isPackaged() method
  • docs: app.isDefaultProtocolClient is now available on Linux

Commit signing

This repo enforces commit signatures for all incoming PRs.
To sign your commits, see GitHub's documentation on Telling Git about your signing key.

PR tips

Things that will help get your PR across the finish line:

  • Follow the JavaScript, C++, and Python coding style.
  • Run npm run lint locally to catch formatting errors earlier.
  • Document any user-facing changes you've made following the documentation styleguide.
  • Include tests when adding/changing behavior.
  • Include screenshots and animated GIFs whenever possible.

We get a lot of pull requests on this repo, so please be patient and we will get back to you as soon as we can.

@electron-cation electron-cation bot added the new-pr 🌱 PR opened in the last 24 hours label Jan 14, 2025
@dlon
Copy link
Author

dlon commented Jan 14, 2025

Copy link
Member

@codebytere codebytere left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hi @dlon - could you please describe the fix in the PR body as well?

@dlon
Copy link
Author

dlon commented Jan 14, 2025

@codebytere done!

@dlon dlon force-pushed the patch-shortcut-parse-uuid branch from 7fdf303 to 7fed754 Compare January 14, 2025 18:37
Copy link
Member

@ckerr ckerr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks familiar but I can't find the PR this reminds me of. 🤔 @dlon, is this a new iteration of another change?

Approving since the change LGTM. Also I appreciate that you're submitting the change upstream too. The best way to fix this in Electron is for the fix to land in Chromium and we pick it up automatically + cherry-pick the Chromium fix to older versions of Electron

@deepak1556
Copy link
Member

@ckerr you are right, the previous one is #44784

@dlon
Copy link
Author

dlon commented Jan 15, 2025

It seems like upstream maintainers are reluctant to accept the patch, since they don't intend this to be a generic shortcut parser. Maybe it must remain a patch?

Copy link
Member

@codebytere codebytere left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Given we prefer to hew to upstream where possible - I don't think this passes the bar to be an indefinitely floated patch per our patch policy. It looks like upstream is willing to mitigate the crash, so adding that patch here would be fine by me but beyond that I think we should look to either document the issue or attempt mitigation within Electron's own codebase.

@dlon
Copy link
Author

dlon commented Jan 15, 2025

Given we prefer to hew to upstream where possible - I don't think this passes the bar to be an indefinitely floated patch per our patch policy. It looks like upstream is willing to mitigate the crash, so adding that patch here would be fine by me but beyond that I think we should look to either document the issue or attempt mitigation within Electron's own codebase.

The suggested upstream fix (suppressing NOTREACHED) will result in toastActivatorClsid not being set: https://www.electronjs.org/docs/latest/api/shell#shellreadshortcutlinkshortcutpath-windows. I think this works for our specific case, but is this acceptable?

As far as mitigating this within Electron, can it be done? One possible way is to implement the parser in Electron instead of using chromium for this.

@codebytere
Copy link
Member

@dlon yes - as of now i think it's fine for us to mitigate the crash at cost of toastActivatorClsid not being set. @deepak1556 what do you think?

@dlon dlon force-pushed the patch-shortcut-parse-uuid branch from 7fed754 to e947752 Compare January 17, 2025 13:36
@dlon
Copy link
Author

dlon commented Jan 17, 2025

I've pushed the smaller upstream "fix". Also a check to prevent it from reading garbage as the field isn't zero-initialized.

@deepak1556
Copy link
Member

I am in favor of the proposed upstream fix if that solves your immediate use case. Based on upstream response, base::win::ResolveShortcutProperties is not meant to be a generic utility to read arbitrary apps shortcut links, also seems to align with the intention when this API was created #6623.

If in future we want to make this api generic then the upstream implementation should be copied over and expanded rather than having it as a patch.

Copy link
Member

@deepak1556 deepak1556 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@electron-cation electron-cation bot removed the new-pr 🌱 PR opened in the last 24 hours label Jan 21, 2025
@codebytere codebytere changed the title fix: crash parsing CLSID in shell.readShortcutLink fix: crash parsing CLSID in shell.readShortcutLink() Jan 22, 2025
Copy link
Member

@codebytere codebytere left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! LGTM :)

@codebytere codebytere added semver/patch backwards-compatible bug fixes target/33-x-y PR should also be added to the "33-x-y" branch. target/34-x-y PR should also be added to the "34-x-y" branch. target/35-x-y PR should also be added to the "35-x-y" branch. labels Jan 22, 2025
@codebytere
Copy link
Member

@dlon once you fix this:

Commits must have verified signatures.

we can get this merged!

@dlon dlon force-pushed the patch-shortcut-parse-uuid branch 3 times, most recently from 2c87571 to 52de1b2 Compare January 22, 2025 15:55
@dlon dlon force-pushed the patch-shortcut-parse-uuid branch from 52de1b2 to 9271cc9 Compare January 22, 2025 15:56
@dlon
Copy link
Author

dlon commented Jan 22, 2025

@codebytere Thanks! Hopefully it's good now

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
semver/patch backwards-compatible bug fixes target/33-x-y PR should also be added to the "33-x-y" branch. target/34-x-y PR should also be added to the "34-x-y" branch. target/35-x-y PR should also be added to the "35-x-y" branch.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

shell.readShortcutLink crashes when parsing Slack shortcut
4 participants