124297 – Check WebCrypto parameter types when casting

RESOLVED FIXED 124297

Check WebCrypto parameter types when casting

https://bugs.webkit.org/show_bug.cgi?id=124297

Summary Check WebCrypto parameter types when casting

Alexey Proskuryakov

Reported 2013-11-13 11:24:28 PST

WebCrypto parameters are built in C++ code right before using them, so there is no opportunity for an attacker to pass a wrong one form JS. But there is so much code dealing with them that there is a lot of opportunities to make a typo.

Attachments
proposed patch (24.02 KB, patch) 2013-11-13 11:27 PST, Alexey Proskuryakov	sam: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Alexey Proskuryakov

Comment 1 2013-11-13 11:27:07 PST

Created attachment 216825 [details] proposed patch

Alexey Proskuryakov

Comment 2 2013-11-13 11:31:14 PST

Committed <http://trac.webkit.org/r159213>.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware Unspecified

OS Unspecified

Product WebKit

Component WebCore Misc.

Assignee

Alexey Proskuryakov

Reported

2013-11-13 11:24 PST

Modified

2013-11-13 11:31 PST History

CC List

1 user Show

URL

Keywords

Depends on

Blocks

122679

Dependencies

tree graph