Mojave: and NSSharingService Class 'OC_PythonUnicode' disallows secure coding. It must return YES from supportsSecureCoding

[ronaldoussoren]

Original report by Marc Van Olmen (Bitbucket: marc_at_acclivitynyc, ).

---

Steps:

I have an Objective-c class that implements the following method:

#!objective-c

- (void)mailWithSharingServiceEmailAddress: (NSString *) emailAddress
                                   subject: (NSString *) subject
                                      body: (NSString *) body
                                      fileURL: (NSURL *) fileURL
{
    NSSharingService* sharingService = [NSSharingService sharingServiceNamed: NSSharingServiceNameComposeEmail];

    [sharingService setRecipients: @[emailAddress]];
    [sharingService setSubject:subject];
    [sharingService performWithItems: @[ body, fileURL]];
}

Then when I call this code from Python PyObjC 4.2.1 and also tried 5.0 the objects that are passed in are OC_PythonUnicode objects. My python environment is 64-bit Python 2.7.15.

This code worked fine under macOS High Sierra, but under Mojave this above code fails.

This is the error I'm getting under Mojave:

#!python

2018-10-04 20:02:35.949690-0400 Checkout[23665:468160] *** ObjC exception 'NSInvalidUnarchiveOperationException' (reason: 'Class 'OC_PythonUnicode' disallows secure coding. It must return YES from supportsSecureCoding.') discarded
Stack trace (most recent call last):
  0x00000003 (in Checkout)
  start (in libdyld.dylib) + 1
  ffi_closure_unix64 (in _objc.so) + 70
  ffi_closure_unix64_inner (in _objc.so) + 688
  method_stub (in _objc.so) + 1248
  PyObject_Call (in Python) + 98
  function_call (in Python) + 176
  PyEval_EvalCodeEx (in Python) + 2115
  PyEval_EvalFrameEx (in Python) + 40001
  PyEval_EvalCodeEx (in Python) + 2115
  PyEval_EvalFrameEx (in Python) + 41307
  objc_NSApplicationMain (in _AppKit.so) + 313
  NSApplicationMain (in AppKit) + 780
  -[NSApplication run] (in AppKit) + 699
  -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] (in AppKit) + 1362
  _DPSNextEvent (in AppKit) + 997
  _BlockUntilNextEventMatchingListInModeWithFilter (in HIToolbox) + 64
  ReceiveNextEventCommon (in HIToolbox) + 618
  RunCurrentEventLoopInMo
2018-10-04 20:02:35.952537-0400 Checkout[23665:468603] error with remoteObjectProxyWithErrorHandler: Error Domain=NSCocoaErrorDomain Code=4097 "connection from pid 23776" UserInfo={NSDebugDescription=connection from pid 23776}
2018-10-04 20:02:40.510908-0400 Checkout[23665:468601] WARNING: _endWindowBlockingModalSessionForShownService called with <NSSharingService: 0x6000000d1e20> [com.apple.share.Mail.compose] - enabled:YES for a service but we couldn't find a matching modal session!

So it seems that OC_PythonUnicode needs to support supportsSecureCoding and NSSharingService requires objects to be secureCoded..

I solved this problem with the following workaround:

#!objecitve-c

    [sharingService setRecipients: @[[NSString stringWithFormat: @"%@", emailAddress]]];
    [sharingService setSubject:[NSString stringWithFormat: @"%@", subject]];
    [sharingService performWithItems: @[ [NSString stringWithFormat: @"%@", body], fileURL]];

[ronaldoussoren]

Original comment by Ronald Oussoren (Bitbucket: ronaldoussoren, GitHub: ronaldoussoren).

---

This is related to #180

I basically need to adjust the implementation of all OC_* classes to properly support secure coding where possible (claiming to support secureCoding for arbitrary Python objects would not be correct, in the general case NSCoding support falls back to pickling objects and pickle shouldn't be used across security boundaries).

I'll probably split all OC_* classes into two classes: one for built-in types where I can support secureCoding, and one for other types that cannot support secureCoding. The change is slightly more involved than changing the implementation of supportsSecureCoding for these classes :-)

[ronaldoussoren]

Original comment by Ronald Oussoren (Bitbucket: ronaldoussoren, GitHub: ronaldoussoren).

---

Introduce secureCoding support

This introduces secure coding support for a number of classes,
see #180 and #251.

This patch is not yet complete, for some reason using OC_BuiltinPythonNumber
causes test failures in the NSCoding tests.

[ronaldoussoren]

Original comment by Ronald Oussoren (Bitbucket: ronaldoussoren, GitHub: ronaldoussoren).

---

Changeset 66453e390b64 introduces most of the support for secureCoding, except for the support for adding secureCoding to python's builtin number types (int, long, float).

The code for that is present in the changeset but is not yet enabled because it causes other problems that I don't understand at this time. The code changes for OC_PythonNumber/OC_BuiltinPythonNumber are similar to those for other classes which do work properly.

I won't close this issue until I've debugged the problem I mentioned before.

[ronaldoussoren]

Original comment by Ronald Oussoren (Bitbucket: ronaldoussoren, GitHub: ronaldoussoren).

---

Enable OC_BuiltinPythonNumber to fully implement secureCoding

Closes #180 and #251

[ronaldoussoren]

Original comment by Ronald Oussoren (Bitbucket: ronaldoussoren, GitHub: ronaldoussoren).

---

Import ABCs from collections.abc instead of collections

Fixes #251

[ronaldoussoren]

Original comment by Marc Van Olmen (Bitbucket: marc_at_acclivitynyc, ).

---

Thanks for getting this resolved so quickly