RESOLVED FIXED 198308
Correct flaky WebAuthN test cases 
https://bugs.webkit.org/show_bug.cgi?id=198308
Summary Correct flaky WebAuthN test cases
Brent Fulgham
Reported 2019-05-28 15:58:10 PDT
A series of flaky WebAuthN crashes were due to a mistake in the implementation of the MockHidConnection test object. This code is not used in production operation, and is not a security risk. After reserving the appropriate size for the payload, and appending the Nonce to the payload, it was grown to the size of the kHidInitResponseSize constant. Unfortunately, this also changes the value the payload Vector returns when asked for its size. Consequently, we always began writing the CtapChannelIdSize value aafter the end of the buffer we had just allocated. I did not find any other instances of this coding issue elsewhere.
Attachments
Patch (2.09 KB, patch)
2019-05-28 17:26 PDT, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Brent Fulgham
Comment 1 2019-05-28 15:58:34 PDT
<rdar://problem/48677219>
Brent Fulgham
Comment 2 2019-05-28 17:26:48 PDT
Created attachment 370811 [details] Patch
David Kilzer (:ddkilzer)
Comment 3 2019-05-28 21:10:45 PDT
Comment on attachment 370811 [details] Patch r=me assuming the test failures aren't caused by this change.
Brent Fulgham
Comment 4 2019-05-28 22:54:30 PDT
Boy it would be hard to imagine this change affecting that Download test. I’ll run locally under ASan and confirm the change doesn’t trigger that failure before landing.
Brent Fulgham
Comment 5 2019-05-29 09:37:50 PDT
(In reply to David Kilzer (:ddkilzer) from comment #3) > Comment on attachment 370811 [details] > Patch > > r=me assuming the test failures aren't caused by this change. Yes, that flaky timeout is well known (see Bug 198298).
WebKit Commit Bot
Comment 6 2019-05-29 10:05:08 PDT
Comment on attachment 370811 [details] Patch Clearing flags on attachment: 370811 Committed r245852: <https://trac.webkit.org/changeset/245852>
WebKit Commit Bot
Comment 7 2019-05-29 10:05:09 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.