Access private properties via sandbox-safe API on Apple OSes

We detect whether or not we're running inside a sandbox and bail out if
so. We use runtime lookup of the property, so that static analysis of the
application will not mistakenly think we're using the API in sandboxed
situations.

Change-Id: I5f5c42f5a4a44b62de061d945b62ac63167ece09
Reviewed-by: Gabriel de Dietrich <gabriel.dedietrich@qt.io>

1 files changed, 37 insertions, 0 deletions

diff --git a/src/corelib/kernel/qcore_mac_objc.mm b/src/corelib/kernel/qcore_mac_objc.mm
index 7263d81228..6b11e90a4e 100644
--- a/src/corelib/kernel/qcore_mac_objc.mm
+++ b/src/corelib/kernel/qcore_mac_objc.mm
@@ -193,6 +193,43 @@ AppleApplication *qt_apple_sharedApplication()
 }
 #endif
 
+#if defined(Q_OS_MACOS) && !defined(QT_BOOTSTRAPPED)
+bool qt_apple_isSandboxed()
+{
+    static bool isSandboxed = []() {
+        QCFType<SecStaticCodeRef> staticCode = nullptr;
+        NSURL *bundleUrl = [[NSBundle mainBundle] bundleURL];
+        if (SecStaticCodeCreateWithPath((__bridge CFURLRef)bundleUrl,
+            kSecCSDefaultFlags, &staticCode) != errSecSuccess)
+            return false;
+
+        QCFType<SecRequirementRef> sandboxRequirement;
+        if (SecRequirementCreateWithString(CFSTR("entitlement[\"com.apple.security.app-sandbox\"] exists"),
+            kSecCSDefaultFlags, &sandboxRequirement) != errSecSuccess)
+            return false;
+
+        if (SecStaticCodeCheckValidityWithErrors(staticCode,
+            kSecCSBasicValidateOnly, sandboxRequirement, nullptr) != errSecSuccess)
+            return false;
+
+        return true;
+    }();
+    return isSandboxed;
+}
+
+QT_END_NAMESPACE
+@implementation NSObject (QtSandboxHelpers)
+- (id)qt_valueForPrivateKey:(NSString *)key
+{
+    if (qt_apple_isSandboxed())
+        return nil;
+
+    return [self valueForKey:key];
+}
+@end
+QT_BEGIN_NAMESPACE
+#endif
+
 #ifdef Q_OS_MACOS
 /*
     Ensure that Objective-C objects auto-released in main(), directly or indirectly,