Bug 194186
| Summary: | LocalAuthenticator::getAssertion attempts to put an NSData into a string using %s | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Darin Adler <darin> |
| Component: | WebCore Misc. | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED FIXED | ||
| Severity: | Normal | CC: | alex.gaynor, ap, jiewen_tan, webkit-bug-importer |
| Priority: | P2 | Keywords: | InRadar |
| Version: | WebKit Nightly Build | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Bug Depends on: | |||
| Bug Blocks: | 181943 | ||
Darin Adler
When converting code to remove uses of String::format, I noticed this misuse:
m_connection->getUserConsent(
String::format("Log into %s with %s.", requestData().requestOptions.rpId.utf8().data(), selectedCredentialAttributes[(id)kSecAttrApplicationTag]),
(__bridge SecAccessControlRef)selectedCredentialAttributes[(id)kSecAttrAccessControl],
WTFMove(callback));
selectedCredentialAttributes[(id)kSecAttrApplicationTag] returns an NSData *, which can't be usefully formatted with %s.
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Radar WebKit Bug Importer
<rdar://problem/47787251>
Darin Adler
I fixed this in r242014 <https://trac.webkit.org/changeset/242014> but it’s untested.
Jiewen Tan
(In reply to Darin Adler from comment #2)
> I fixed this in r242014 <https://trac.webkit.org/changeset/242014> but it’s
> untested.
Thanks, Darin. I will test it before closing the bug.
Jiewen Tan
Verified fix by:
Committed r248308: <https://trac.webkit.org/changeset/248308>