143971 – Use ASSERT_WITH_SECURITY_IMPLICATION() for NoEventDispatchAssertion

Bug 143971 - Use ASSERT_WITH_SECURITY_IMPLICATION() for NoEventDispatchAssertion

Summary: Use ASSERT_WITH_SECURITY_IMPLICATION() for NoEventDispatchAssertion

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebCore Misc. (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Chris Dumez

URL:
Keywords:

Depends on:
Blocks:

Reported:	2015-04-20 16:48 PDT by Chris Dumez
Modified:	2015-04-21 09:17 PDT (History)
CC List:	7 users (show)

See Also:

Attachments
Patch (13.12 KB, patch) 2015-04-20 16:55 PDT, Chris Dumez	no flags	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Chris Dumez 2015-04-20 16:48:49 PDT

Use ASSERT_WITH_SECURITY_IMPLICATION() for NoEventDispatchAssertion as firing JS events can cause arbitrary JS execution which often leads to security bugs when event firing is forbidden. For e.g. firing events from ActiveDOMObject::suspend() means JS can construct or destroy ActiveDOMObjects while we are iterating over them.

Comment 1 Chris Dumez 2015-04-20 16:55:04 PDT

Created attachment 251204 [details]
Patch

Comment 2 Chris Dumez 2015-04-21 09:17:26 PDT

Comment on attachment 251204 [details]
Patch

Clearing flags on attachment: 251204

Committed r183064: <http://trac.webkit.org/changeset/183064>

Comment 3 Chris Dumez 2015-04-21 09:17:34 PDT

All reviewed patches have been landed.  Closing bug.